Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-3647 HSM _not only_ small fixes and to do list goes here
  3. LU-3658

No user input verification in LL_IOC_HSM_REQUEST of ll_dir_ioctl()

Details

    • Technical task
    • Resolution: Fixed
    • Blocker
    • Lustre 2.5.0
    • Lustre 2.5.0
    • 9435

    Description

      the code snippet is as follows:

                      /* We don't know the true size yet; copy the fixed-size part */
                if (copy_from_user(hur, (void *)arg, sizeof(*hur))) {
                        OBD_FREE_PTR(hur);
                        RETURN(-EFAULT);
                }

                /* Compute the whole struct size */
                totalsize = hur_len(hur);
                OBD_FREE_PTR(hur);
                OBD_ALLOC_LARGE(hur, totalsize);
                if (hur == NULL)
                        RETURN(-ENOMEM);

      So if the user space program passes in a malicious data with huge hur_len, the kernel will be in trouble. We need to make sure the itemcount is reasonable.

      Attachments

        Activity

          [LU-3658] No user input verification in LL_IOC_HSM_REQUEST of ll_dir_ioctl()
          jay Jinshan Xiong (Inactive) made changes -
          Resolution New: Fixed [ 1 ]
          Status Original: Open [ 1 ] New: Resolved [ 5 ]
          jay Jinshan Xiong (Inactive) made changes -
          Labels Original: hsm New: HSM
          jay Jinshan Xiong (Inactive) made changes -
          Labels New: hsm
          adilger Andreas Dilger made changes -
          Affects Version/s New: Lustre 2.5.0 [ 10295 ]
          adilger Andreas Dilger made changes -
          Fix Version/s New: Lustre 2.5.0 [ 10295 ]
          doug Doug Oucharek (Inactive) made changes -
          Priority Original: Minor [ 4 ] New: Blocker [ 1 ]
          jay Jinshan Xiong (Inactive) made changes -
          Assignee Original: WC Triage [ wc-triage ] New: Jinshan Xiong [ jay ]
          jay Jinshan Xiong (Inactive) made changes -
          Parent New: LU-3647 [ 20020 ]
          Severity Original: 3 [ 10022 ]
          Issue Type Original: Bug [ 1 ] New: Technical task [ 7 ]
          jay Jinshan Xiong (Inactive) created issue -

          People

            jay Jinshan Xiong (Inactive)
            jay Jinshan Xiong (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: