From: Jens Axboe <jens.axboe@oracle.com>
To: Arnd Bergmann <arnd@arndb.de>
Cc: linux-kernel@vger.kernel.org, abhishekrai@google.com,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: Re: [PATCH] Fix blktrace setup 32-bit ioctl on 64-bit kernels
Date: Tue, 2 Oct 2007 10:37:59 +0200 [thread overview]
Message-ID: <20071002083758.GD5236@kernel.dk> (raw)
In-Reply-To: <200710021015.33203.arnd@arndb.de>
On Tue, Oct 02 2007, Arnd Bergmann wrote:
> On Tuesday 02 October 2007, Jens Axboe wrote:
> >
> > The layout of struct blk_user_trace_setup is a bit unfortunate, it gets
> > padded differently on 32-bit and 64-bit archs. So right now it's not
> > possible to trace 64-bit kernels with a 32-bit app. This patch fixes
> > that up by adding a compat ioctl handler for BLKTRACESETUP.
>
> actually, I would guess that it is currently working on s390, sparc64,
> powerpc, parisc and mips, but your patch breaks it :(.
Not so good. But how could it work on the above archs, surely the
padding (and thuse resulting size of the structure) is different?
> > diff --git a/fs/compat_ioctl.c b/fs/compat_ioctl.c
> > index 5a5b711..b18b9cc 100644
> > --- a/fs/compat_ioctl.c
> > +++ b/fs/compat_ioctl.c
>
> I'd prefer to not add anything to fs/compat_ioctl.c at all, but always
> handle these in the places where the native version is handled.
Fine with me.
> In your case, I'd either mark BLKTRACESETUP32 as COMPATIBLE_IOCTL() and
> handle it from inside of blk_trace_ioctl(), or handle it in
> compat_blkdev_ioctl.
OK
> > @@ -2052,6 +2052,51 @@ static int raw_ioctl(unsigned fd, unsigned cmd, unsigned long arg)
> > }
> > return ret;
> > }
> > +
> > +struct blk_user_trace_setup32 {
> > + char name[32];
> > + u16 act_mask;
> > + u16 pad;
> > + u32 buf_size;
> > + u32 buf_nr;
> > + u64 start_lba;
> > + u64 end_lba;
> > + u32 pid;
> > +} __attribute__((packed));
>
> Errm, no. Everyone makes that mistake once, so you're in good company,
> but the packed attribute makes this incorrect on every architecture
> except x86_64 and ia64, because only i386 has no padding before the u64
> and after the last member.
>
> We now have the compat_u64 type that behaves like the 32 bit user space
> version of an unsigned long long. If you use that to define
> compat_blk_user_trace_setup, you don't need the attribute.
And ditto for u16 and u32, I gather? If you notice, it's not padding in
front of the u64 that bites me here, it's before the u32.
> > +#define BLKTRACESETUP32 _IOWR(0x12,115,struct blk_user_trace_setup32)
> > +
> > +static int blktrace32_setup(int fd, unsigned cmd, unsigned long arg)
>
> The naming convention these days is to use a 'compat_' prefix, not a '32'
> postfix.
OK, I will adapt.
> > +{
> > + struct blk_user_trace_setup __user *buts = compat_alloc_user_space(sizeof(*buts));
> > + struct blk_user_trace_setup32 __user *buts32 = compat_ptr(arg);
> > + int err;
> > +
> > + if (copy_in_user(&buts->name, &buts32->name, BDEVNAME_SIZE) ||
> > + get_user(buts->act_mask, &buts32->act_mask) ||
> > + get_user(buts->buf_size, &buts32->buf_size) ||
> > + get_user(buts->buf_nr, &buts32->buf_nr) ||
> > + get_user(buts->start_lba, &buts32->start_lba) ||
> > + get_user(buts->end_lba, &buts32->end_lba) ||
> > + get_user(buts->pid, &buts32->pid))
> > + return -EFAULT;
> > +
> > + err = sys_ioctl(fd, BLKTRACESETUP, (unsigned long) buts);
> > + if (err)
> > + return err;
> > +
> > + if (copy_to_user(&buts32->name, &buts->name, BDEVNAME_SIZE) ||
> > + put_user(buts32->act_mask, &buts->act_mask) ||
> > + put_user(buts32->buf_size, &buts->buf_size) ||
> > + put_user(buts32->buf_nr, &buts->buf_nr) ||
> > + put_user(buts32->start_lba, &buts->start_lba) ||
> > + put_user(buts32->end_lba, &buts->end_lba) ||
> > + put_user(buts32->pid, &buts->pid))
> > + return -EFAULT;
> > +
> > + return err;
>
> Most of these fields are read-only for the kernel, so you should only need
> the first copy_to_user. I think you should split the blk_trace_setup function
> to have the common code take a struct blk_user_trace_setup kernel pointer,
> and one or two versions that just do the copy_{to,from}_user.
I was pretty sure that we modified start_lba and end_lba and copied
those back as well, so it was a conscious decision to just copy
everything for safety. But checking we only do mangle and copy back
->name, so your suggestion is a good one.
--
Jens Axboe
next prev parent reply other threads:[~2007-10-02 8:36 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-10-02 7:39 [PATCH] Fix blktrace setup 32-bit ioctl on 64-bit kernels Jens Axboe
2007-10-02 7:52 ` David Miller
2007-10-02 8:15 ` Arnd Bergmann
2007-10-02 8:37 ` Jens Axboe [this message]
2007-10-02 9:28 ` Jens Axboe
2007-10-03 9:34 ` Arnd Bergmann
2007-10-03 15:55 ` Arnd Bergmann
2007-10-03 22:48 ` Arnd Bergmann
2007-10-04 18:16 ` Jens Axboe
2007-10-04 18:44 ` Arnd Bergmann
2007-10-05 10:41 ` Jens Axboe
2007-10-05 12:30 ` [PATCH] block: move ioctl conversion to compat_blkdev_ioctl Arnd Bergmann
2007-10-05 12:41 ` Jens Axboe
2007-10-05 12:41 ` Arnd Bergmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20071002083758.GD5236@kernel.dk \
--to=jens.axboe@oracle.com \
--cc=abhishekrai@google.com \
--cc=arnd@arndb.de \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox