From: "Darrick J. Wong" <darrick.wong@oracle.com>
To: Andreas Dilger <adilger@dilger.ca>
Cc: Miklos Szeredi <miklos@szeredi.hu>,
Alexander Viro <viro@zeniv.linux.org.uk>,
linux-kernel <linux-kernel@vger.kernel.org>,
linux-fsdevel <linux-fsdevel@vger.kernel.org>,
"fuse-devel@lists.sourceforge.net"
<fuse-devel@lists.sourceforge.net>,
Richard Hansen <rhansen@rhansen.org>
Subject: Re: [PATCH v2] fuse: Fix IOC_[GS]ET{FLAGS,VERSION} argument size brokenness.
Date: Fri, 20 Dec 2013 18:45:54 -0800 [thread overview]
Message-ID: <20131221024554.GA20750@birch.djwong.org> (raw)
In-Reply-To: <99199002-0C82-42B6-B237-163561AD821B@dilger.ca>
On Fri, Dec 20, 2013 at 07:09:23PM -0700, Andreas Dilger wrote:
> To be honest, FS_IOC_SETVERSION isn't used by many/any users, so it might be
> better to avoid doing anything with that for now.
>
> In the past we even talked about adding a deprecation warning for that ioctl
> since it adds complexity for little value.
I suspect that most FUSE servers don't handle any of these four ioctls,
but so long as they're there, we ought to make them less surprising to
userspace.
As far as getting rid of SETVERSION, I think that's best left to a fs driver
(or a fuse server) to make that decision, unless everyone wants to eliminate
SETVERSION entirely? I don't remember anyone complaining when I proposed to
disable SETVERSION on metadata_csum ext4 filesystems, but that's hardly
conclusive. :)
The only providers of SETVERSION seem to be ext[234], reiser3, and ocfs2.
--D
>
> Cheers, Andreas
>
> > On Dec 20, 2013, at 16:35, "Darrick J. Wong" <darrick.wong@oracle.com> wrote:
> >
> > The IOC_[GS]ETFLAGS and IOC_[GS]ETVERSION ioctls, despite being
> > defined to take a "long" parameter, actually take "int" parameters.
> > FUSE unfortunately assumed that the ioctl definitions never lie, and
> > transfers a long's worth of data in and out of userspace, which causes
> > stack smashing in chattr, and other bugs elsewhere.
> >
> > So, special-case this in FUSE so that we don't crash userland.
> >
> > v2: Do the same for the IOC_[GS]ETVERSION ioctls, as Richard Hansen
> > points out.
> >
> > Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
> > ---
> > fs/fuse/file.c | 16 ++++++++++++++++
> > 1 file changed, 16 insertions(+)
> >
> > diff --git a/fs/fuse/file.c b/fs/fuse/file.c
> > index 7e70506..f8766ab 100644
> > --- a/fs/fuse/file.c
> > +++ b/fs/fuse/file.c
> > @@ -2385,6 +2385,22 @@ long fuse_do_ioctl(struct file *file, unsigned int cmd, unsigned long arg,
> > iov->iov_base = (void __user *)arg;
> > iov->iov_len = _IOC_SIZE(cmd);
> >
> > + /*
> > + * The IOC_[GS]ETFLAGS and IOC_[GS]ETVERSION ioctls take int
> > + * parameters even though the ioctl definition specifies long.
> > + * Userland has been expecting int for ages (and chattr
> > + * segfaults on FUSE filesystems), so special case that here.
> > + * The IOC32 variants were declared with int, so they don't
> > + * need this correction.
> > + */
> > + switch (cmd) {
> > + case FS_IOC_GETFLAGS:
> > + case FS_IOC_SETFLAGS:
> > + case FS_IOC_GETVERSION:
> > + case FS_IOC_SETVERSION:
> > + iov->iov_len = sizeof(int);
> > + }
> > +
> > if (_IOC_DIR(cmd) & _IOC_WRITE) {
> > in_iov = iov;
> > in_iovs = 1;
> > --
> > To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
> > the body of a message to majordomo@vger.kernel.org
> > More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2013-12-21 2:45 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-12-19 23:27 [PATCH] fuse: Fix IOC_[GS]ETFLAGS argument size brokenness Darrick J. Wong
2013-12-20 6:19 ` Richard Hansen
[not found] ` <52B3E16F.7070409-ATUMkS0HV+5AfugRpC6u6w@public.gmane.org>
2013-12-20 23:10 ` Darrick J. Wong
2013-12-20 16:48 ` Richard Hansen
[not found] ` <20131219232739.GA10192-PTl6brltDGh4DFYR7WNSRA@public.gmane.org>
2013-12-20 23:35 ` [PATCH v2] fuse: Fix IOC_[GS]ET{FLAGS, VERSION} " Darrick J. Wong
2013-12-21 2:09 ` [PATCH v2] fuse: Fix IOC_[GS]ET{FLAGS,VERSION} " Andreas Dilger
2013-12-21 2:45 ` Darrick J. Wong [this message]
2014-01-06 17:50 ` [fuse-devel] [PATCH v2] fuse: Fix IOC_[GS]ET{FLAGS, VERSION} " Miklos Szeredi
2014-01-07 1:34 ` Darrick J. Wong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20131221024554.GA20750@birch.djwong.org \
--to=darrick.wong@oracle.com \
--cc=adilger@dilger.ca \
--cc=fuse-devel@lists.sourceforge.net \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=miklos@szeredi.hu \
--cc=rhansen@rhansen.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).