From: Ben Peddell <klightspeed@killerwolves.net>
To: linux-btrfs@vger.kernel.org
Subject: [PATCH] Fix unaligned pointer accesses of btrfs_key->offset
Date: Sun, 12 Aug 2012 20:30:05 +1000
Message-ID: <502785AD.9080904@killerwolves.net>

The offset field in the btrfs_key structure is unaligned.

Unlike x86, unaligned accesses on ARM will result in Unaligned Access
traps, which are usually ignored, and the lower bits of the pointer
address being accessed are zeroed.

This means that in this case the lower 8 bits of the value that should
go into key->offset actually go into key->type, the value that is put
into key->offset is shifted right 8 bits, and the top 8 bits remain from
the previous value in key->offset.

This currently occurs in mkfs.btrfs, causing it to abort, and could
potentially occur in the filesystem driver, causing internal corruption.

This patch works around the two unaligned accesses of key->offset through
a pointer by giving find_next_chunk an aligned pointer.

---
 volumes.c |    8 ++++++--
 1 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/volumes.c b/volumes.c
index 8dca5e1..47a6d5f 100644
--- a/volumes.c
+++ b/volumes.c
@@ -644,6 +644,7 @@ int btrfs_alloc_chunk(struct btrfs_trans_handle *trans,
 	u64 avail;
 	u64 max_avail = 0;
 	u64 percent_max;
+	u64 offset;
 	int num_stripes = 1;
 	int min_stripes = 1;
 	int sub_stripes = 0;
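Review bot: The new `u64 offset;` local in btrfs_alloc_chunk has no comment explaining why it exists, so a later cleanup could fold it back into `&key.offset` and bring the unaligned store back. A one-line comment at the declaration saying that the address of the key member must not be handed to find_next_chunk would protect the workaround.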
@@ -760,7 +761,8 @@ again:
 	key.objectid = BTRFS_FIRST_CHUNK_TREE_OBJECTID;
 	key.type = BTRFS_CHUNK_ITEM_KEY;
 	ret = find_next_chunk(chunk_root, BTRFS_FIRST_CHUNK_TREE_OBJECTID,
-			      &key.offset);
+			      &offset);
+	key.offset = offset;
 	if (ret)
 		return ret;
 
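Review bot: `key.offset = offset;` is placed before the `if (ret)` check, so when find_next_chunk returns an error the local may be read while still uninitialized, since its declaration has no initializer. The function returns straight away, so nothing consumes the value, but moving the assignment below the error check (or initializing `offset` to 0) avoids the uninitialized read and any warning it triggers.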
@@ -864,6 +866,7 @@ int btrfs_alloc_data_chunk(struct btrfs_trans_handle *trans,
 	struct list_head *cur;
 	struct map_lookup *map;
 	u64 calc_size = 8 * 1024 * 1024;
+	u64 offset;
 	int num_stripes = 1;
 	int sub_stripes = 0;
 	int ret;
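Review bot: The `u64 offset;` temporary in btrfs_alloc_data_chunk is a second copy of the workaround already added to btrfs_alloc_chunk. A small wrapper around find_next_chunk that takes the key and does the aligned-local-then-assign step internally would keep the fix in one place and make it harder for a new caller to pass `&key.offset` directly.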
@@ -874,7 +877,8 @@ int btrfs_alloc_data_chunk(struct btrfs_trans_handle *trans,
 	key.objectid = BTRFS_FIRST_CHUNK_TREE_OBJECTID;
 	key.type = BTRFS_CHUNK_ITEM_KEY;
 	ret = find_next_chunk(chunk_root, BTRFS_FIRST_CHUNK_TREE_OBJECTID,
-			      &key.offset);
+			      &offset);
+	key.offset = offset;
 	if (ret)
 		return ret;
 
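Review bot: In btrfs_alloc_data_chunk the assignment `key.offset = offset;` also runs before `if (ret)`, so the error path copies a local that may never have been written. Putting the assignment after the check keeps the failure path free of the uninitialized read.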
-- 
1.7.3.4
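
The misdirected store the message describes, modelled on a byte buffer, as an added example that is not part of the original patch or of btrfs-progs. `demo_key`, `misdirected_store` and `aligned_temp_store` are hypothetical names, the sample values are constructed, and the model assumes a little-endian layout with the key starting on an 8-byte boundary.

```c
#include <stddef.h>
#include <stdint.h>

/* Demo stand-in for the packed key; offset sits at byte 9 (assumed layout). */
struct demo_key {
	uint64_t objectid;
	uint8_t  type;
	uint64_t offset;
} __attribute__((packed));

struct outcome { uint8_t type; uint64_t offset; };

/* Model of the store the message describes: low address bits dropped, so a
 * little-endian 8-byte store aimed at `off` lands at off & ~7 instead. */
static void truncated_store64(uint8_t *base, size_t off, uint64_t val)
{
	for (int i = 0; i < 8; i++)
		base[(off & ~(size_t)7) + i] = (uint8_t)(val >> (8 * i));
}

/* Key contents after a callee writes `val` through &key.offset on such a CPU. */
struct outcome misdirected_store(uint64_t old_offset, uint64_t val)
{
	uint8_t raw[24] = {0};	/* constructed 17-byte key image, padded */
	size_t off = offsetof(struct demo_key, offset);
	struct outcome r = {0, 0};

	for (int i = 0; i < 8; i++)
		raw[off + i] = (uint8_t)(old_offset >> (8 * i));
	truncated_store64(raw, off, val);
	r.type = raw[offsetof(struct demo_key, type)];
	for (int i = 7; i >= 0; i--)
		r.offset = (r.offset << 8) | raw[off + i];
	return r;
}

/* The patch's pattern: write through an aligned local, then assign it to
 * the packed member, which the compiler knows is unaligned. */
uint64_t aligned_temp_store(uint64_t val)
{
	struct demo_key key = {0, 0, 0};
	uint64_t offset, *out = &offset;	/* what the callee receives */

	*out = val;
	key.offset = offset;
	return key.offset;
}
```

With a previous offset of 0xAA00000000000000 and a new value of 0x1122334455667788, the model leaves 0x88 in `type` and 0xAA11223344556677 in `offset`, which is the low byte spilling into the type field, the value shifted right by 8 bits, and the old top byte surviving.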
