Re: [dm-devel] [PATCH v2 1/6] device-mapper: Check that target specs are sufficiently aligned

From: Mike Snitzer <snitzer@kernel.org>
To: Demi Marie Obenour <demi@invisiblethingslab.com>
Cc: dm-devel@redhat.com, mpatocka@redhat.com,
	linux-kernel@vger.kernel.org, Alasdair Kergon <agk@redhat.com>
Subject: Re: [dm-devel] [PATCH v2 1/6] device-mapper: Check that target specs are sufficiently aligned
Date: Thu, 22 Jun 2023 18:54:56 -0400	[thread overview]
Message-ID: <ZJTRQP1XqlQAC2Xb@redhat.com> (raw)
In-Reply-To: <ZJSmYgvwoSY6Gb4f@itl-email>

On Thu, Jun 22 2023 at  3:51P -0400,
Demi Marie Obenour <demi@invisiblethingslab.com> wrote:

> On Thu, Jun 22, 2023 at 12:28:28PM -0400, Mike Snitzer wrote:
> > On Sat, Jun 03 2023 at 10:52P -0400,
> > Demi Marie Obenour <demi@invisiblethingslab.com> wrote:
> > 
> > > Otherwise subsequent code will dereference a misaligned
> > > `struct dm_target_spec *`, which is undefined behavior.
> > > 
> > > Signed-off-by: Demi Marie Obenour <demi@invisiblethingslab.com>
> > > Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
> > > Cc: stable@vger.kernel.org
> > > ---
> > >  drivers/md/dm-ioctl.c | 7 +++++++
> > >  1 file changed, 7 insertions(+)
> > > 
> > > diff --git a/drivers/md/dm-ioctl.c b/drivers/md/dm-ioctl.c
> > > index cc77cf3d410921432eb0c62cdede7d55b9aa674a..34fa74c6a70db8aa67aaba3f6a2fc4f38ef736bc 100644
> > > --- a/drivers/md/dm-ioctl.c
> > > +++ b/drivers/md/dm-ioctl.c
> > > @@ -1394,6 +1394,13 @@ static inline fmode_t get_mode(struct dm_ioctl *param)
> > >  static int next_target(struct dm_target_spec *last, uint32_t next, void *end,
> > >  		       struct dm_target_spec **spec, char **target_params)
> > >  {
> > > +	static_assert(_Alignof(struct dm_target_spec) <= 8,
> > > +		      "struct dm_target_spec has excessive alignment requirements");
> > 
> > Really not sure what you mean by "has excessive alignment requirements"...
> 
> This patch checks that struct dm_target_spec is 8-byte aligned.  That is
> okay if its alignment is 8 or less, but not if is 16 or more, so I added
> a static assert to check that struct dm_target_spec indeed requires at
> most 8-byte alignment.  That said, “excessive alignment requirements” is
> (as shown by you having to ask this question) a bad error message.
> Would “must not require more than 8-byte alignment” be better?

Yes, that's better, I've updated it to use that.

> > > +	if (next % 8) {
> > > +		DMERR("Next target spec (offset %u) is not 8-byte aligned", next);
> > > +		return -EINVAL;
> > > +	}
> > > +
> > >  	*spec = (struct dm_target_spec *) ((unsigned char *) last + next);
> > >  	*target_params = (char *) (*spec + 1);
> > >  
> > 
> > But this patch and patches 2 and 3 need more review. I'd like Mikulas to review.
> > 
> > I did pick up patches 4-6 for the upcoming 6.5 merge window.
> 
> Thanks!
> 
> > Note, please prefix with "dm ioctl" instead of "device-mapper".
> 
> Good to know, thanks!  I have several additional patches written that
> require patch 4.  Should I send patches 1 through 3 in the same series
> as well?

I did end up picking up patches 1-3 and rebased so they are in front
of your patches 4-6 like you intended.

But I agree with Mikulas, I'm not seeing the point in tagging any of
these for stable@.

All commits are currently at the tip of dm-6.5, see:
https://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm.git/log/?h=dm-6.5

Mike

--
dm-devel mailing list
dm-devel@redhat.com
https://listman.redhat.com/mailman/listinfo/dm-devel