[PATCH] [RESEND] orangefs: fix out-of-bounds fsid access

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] [RESEND] orangefs: fix out-of-bounds fsid access
@ 2024-03-20 18:05 Arnd Bergmann
  0 siblings, 0 replies; 7+ messages in thread
From: Arnd Bergmann @ 2024-03-20 18:05 UTC (permalink / raw)
  To: Mike Marshall
  Cc: Arnd Bergmann, Martin Brandenburg, Vlastimil Babka, devel,
	linux-kernel

From: Arnd Bergmann <arnd@arndb.de>

orangefs_statfs() copies two consecutive fields of the superblock into
the statfs structure, which triggers a warning from the string fortification
helpers:

In file included from fs/orangefs/super.c:8:
include/linux/fortify-string.h:592:4: error: call to '__read_overflow2_field' declared with 'warning' attribute: detected read beyond size of field (2nd parameter); maybe use struct_group()? [-Werror,-Wattribute-warning]
                        __read_overflow2_field(q_size_field, size);

Change the memcpy() to an individual assignment of the two fields, which helps
both the compiler and human readers understand better what it does.

Link: https://lore.kernel.org/all/20230622101701.3399585-1-arnd@kernel.org/
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
---
I sent this last year but never got a reply
---
 fs/orangefs/super.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/fs/orangefs/super.c b/fs/orangefs/super.c
index fd20ed1de4e9..c714380ab38b 100644
--- a/fs/orangefs/super.c
+++ b/fs/orangefs/super.c
@@ -201,7 +201,10 @@ static int orangefs_statfs(struct dentry *dentry, struct kstatfs *buf)
 		     (long)new_op->downcall.resp.statfs.files_avail);
 
 	buf->f_type = sb->s_magic;
-	memcpy(&buf->f_fsid, &ORANGEFS_SB(sb)->fs_id, sizeof(buf->f_fsid));
+	buf->f_fsid = (__kernel_fsid_t) {{
+		ORANGEFS_SB(sb)->fs_id,
+		ORANGEFS_SB(sb)->id,
+	}};
 	buf->f_bsize = new_op->downcall.resp.statfs.block_size;
 	buf->f_namelen = ORANGEFS_NAME_MAX;
 
-- 
2.39.2


^ permalink raw reply related	[flat|nested] 7+ messages in thread

* [PATCH] [RESEND] orangefs: fix out-of-bounds fsid access
@ 2024-04-08  7:50 Arnd Bergmann
  2024-04-08 14:36 ` Jan Kara
  0 siblings, 1 reply; 7+ messages in thread
From: Arnd Bergmann @ 2024-04-08  7:50 UTC (permalink / raw)
  To: linux-fsdevel, Mike Marshall
  Cc: Arnd Bergmann, Alexander Viro, Christian Brauner, Jan Kara,
	Martin Brandenburg, devel, Vlastimil Babka, Kees Cook,
	Justin Stitt, linux-kernel

From: Arnd Bergmann <arnd@arndb.de>

orangefs_statfs() copies two consecutive fields of the superblock into
the statfs structure, which triggers a warning from the string fortification
helpers:

In file included from fs/orangefs/super.c:8:
include/linux/fortify-string.h:592:4: error: call to '__read_overflow2_field' declared with 'warning' attribute: detected read beyond size of field (2nd parameter); maybe use struct_group()? [-Werror,-Wattribute-warning]
                        __read_overflow2_field(q_size_field, size);

Change the memcpy() to an individual assignment of the two fields, which helps
both the compiler and human readers understand better what it does.

Link: https://lore.kernel.org/all/20230622101701.3399585-1-arnd@kernel.org/
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Christian Brauner <brauner@kernel.org>
Cc: Jan Kara <jack@suse.cz>
Cc: linux-fsdevel@vger.kernel.org
Cc: Mike Marshall <hubcap@omnibond.com>
Cc: Martin Brandenburg <martin@omnibond.com>
Cc: devel@lists.orangefs.org
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
---
Resending to VFS maintainers, I sent this a couple of times to the
orangefs maintainers but never got a reply
---
 fs/orangefs/super.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/fs/orangefs/super.c b/fs/orangefs/super.c
index fb4d09c2f531..152478295766 100644
--- a/fs/orangefs/super.c
+++ b/fs/orangefs/super.c
@@ -201,7 +201,10 @@ static int orangefs_statfs(struct dentry *dentry, struct kstatfs *buf)
 		     (long)new_op->downcall.resp.statfs.files_avail);
 
 	buf->f_type = sb->s_magic;
-	memcpy(&buf->f_fsid, &ORANGEFS_SB(sb)->fs_id, sizeof(buf->f_fsid));
+	buf->f_fsid = (__kernel_fsid_t) {{
+		ORANGEFS_SB(sb)->fs_id,
+		ORANGEFS_SB(sb)->id,
+	}};
 	buf->f_bsize = new_op->downcall.resp.statfs.block_size;
 	buf->f_namelen = ORANGEFS_NAME_MAX;
 
-- 
2.39.2


^ permalink raw reply related	[flat|nested] 7+ messages in thread

* Re: [PATCH] [RESEND] orangefs: fix out-of-bounds fsid access
  2024-04-08  7:50 Arnd Bergmann
@ 2024-04-08 14:36 ` Jan Kara
  2024-04-08 21:21   ` Justin Stitt
  0 siblings, 1 reply; 7+ messages in thread
From: Jan Kara @ 2024-04-08 14:36 UTC (permalink / raw)
  To: Arnd Bergmann
  Cc: linux-fsdevel, Mike Marshall, Arnd Bergmann, Alexander Viro,
	Christian Brauner, Jan Kara, Martin Brandenburg, devel,
	Vlastimil Babka, Kees Cook, Justin Stitt, linux-kernel

On Mon 08-04-24 09:50:43, Arnd Bergmann wrote:
> From: Arnd Bergmann <arnd@arndb.de>
> 
> orangefs_statfs() copies two consecutive fields of the superblock into
> the statfs structure, which triggers a warning from the string fortification
> helpers:
> 
> In file included from fs/orangefs/super.c:8:
> include/linux/fortify-string.h:592:4: error: call to '__read_overflow2_field' declared with 'warning' attribute: detected read beyond size of field (2nd parameter); maybe use struct_group()? [-Werror,-Wattribute-warning]
>                         __read_overflow2_field(q_size_field, size);
> 
> Change the memcpy() to an individual assignment of the two fields, which helps
> both the compiler and human readers understand better what it does.
> 
> Link: https://lore.kernel.org/all/20230622101701.3399585-1-arnd@kernel.org/
> Cc: Alexander Viro <viro@zeniv.linux.org.uk>
> Cc: Christian Brauner <brauner@kernel.org>
> Cc: Jan Kara <jack@suse.cz>
> Cc: linux-fsdevel@vger.kernel.org
> Cc: Mike Marshall <hubcap@omnibond.com>
> Cc: Martin Brandenburg <martin@omnibond.com>
> Cc: devel@lists.orangefs.org
> Signed-off-by: Arnd Bergmann <arnd@arndb.de>
> ---
> Resending to VFS maintainers, I sent this a couple of times to the
> orangefs maintainers but never got a reply
> ---
>  fs/orangefs/super.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/fs/orangefs/super.c b/fs/orangefs/super.c
> index fb4d09c2f531..152478295766 100644
> --- a/fs/orangefs/super.c
> +++ b/fs/orangefs/super.c
> @@ -201,7 +201,10 @@ static int orangefs_statfs(struct dentry *dentry, struct kstatfs *buf)
>  		     (long)new_op->downcall.resp.statfs.files_avail);
>  
>  	buf->f_type = sb->s_magic;
> -	memcpy(&buf->f_fsid, &ORANGEFS_SB(sb)->fs_id, sizeof(buf->f_fsid));
> +	buf->f_fsid = (__kernel_fsid_t) {{
> +		ORANGEFS_SB(sb)->fs_id,
> +		ORANGEFS_SB(sb)->id,
> +	}};

Frankly, this initializer is hard to understand for me. Why not simple:

	buf->f_fsid[0] = ORANGEFS_SB(sb)->fs_id;
	buf->f_fsid[1] = ORANGEFS_SB(sb)->id;

								Honza
-- 
Jan Kara <jack@suse.com>
SUSE Labs, CR

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] [RESEND] orangefs: fix out-of-bounds fsid access
  2024-04-08 14:36 ` Jan Kara
@ 2024-04-08 21:21   ` Justin Stitt
  2024-04-09  5:54     ` Arnd Bergmann
  0 siblings, 1 reply; 7+ messages in thread
From: Justin Stitt @ 2024-04-08 21:21 UTC (permalink / raw)
  To: Jan Kara
  Cc: Arnd Bergmann, linux-fsdevel, Mike Marshall, Arnd Bergmann,
	Alexander Viro, Christian Brauner, Martin Brandenburg, devel,
	Vlastimil Babka, Kees Cook, linux-kernel

On Mon, Apr 8, 2024 at 7:36 AM Jan Kara <jack@suse.cz> wrote:
> Frankly, this initializer is hard to understand for me. Why not simple:
>
>         buf->f_fsid[0] = ORANGEFS_SB(sb)->fs_id;
>         buf->f_fsid[1] = ORANGEFS_SB(sb)->id;
>

+1 for this idea, seems easier to read for me.

>                                                                 Honza
> --
> Jan Kara <jack@suse.com>
> SUSE Labs, CR

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] [RESEND] orangefs: fix out-of-bounds fsid access
  2024-04-08 21:21   ` Justin Stitt
@ 2024-04-09  5:54     ` Arnd Bergmann
  2024-04-09 16:26       ` Mike Marshall
  0 siblings, 1 reply; 7+ messages in thread
From: Arnd Bergmann @ 2024-04-09  5:54 UTC (permalink / raw)
  To: Justin Stitt, Jan Kara
  Cc: Arnd Bergmann, linux-fsdevel, Mike Marshall, Alexander Viro,
	Christian Brauner, Martin Brandenburg, devel, Vlastimil Babka,
	Kees Cook, linux-kernel

On Mon, Apr 8, 2024, at 23:21, Justin Stitt wrote:
> On Mon, Apr 8, 2024 at 7:36 AM Jan Kara <jack@suse.cz> wrote:
>> Frankly, this initializer is hard to understand for me. Why not simple:
>>
>>         buf->f_fsid[0] = ORANGEFS_SB(sb)->fs_id;
>>         buf->f_fsid[1] = ORANGEFS_SB(sb)->id;
>>
>
> +1 for this idea, seems easier to read for me.

Yes, good idea, I'll send this as v2 after my next round
of build testing.

      Arnd

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] [RESEND] orangefs: fix out-of-bounds fsid access
  2024-04-09  5:54     ` Arnd Bergmann
@ 2024-04-09 16:26       ` Mike Marshall
  2024-04-09 19:33         ` Arnd Bergmann
  0 siblings, 1 reply; 7+ messages in thread
From: Mike Marshall @ 2024-04-09 16:26 UTC (permalink / raw)
  To: Arnd Bergmann
  Cc: Justin Stitt, Jan Kara, Arnd Bergmann, linux-fsdevel,
	Alexander Viro, Christian Brauner, Martin Brandenburg, devel,
	Vlastimil Babka, Kees Cook, linux-kernel, Mike Marshall

I applied Arnd's patch on top of Linux 6.9-rc3 and
ran through xfstests with no issue.

Also, instead of Arnd's patch, I used Jan's idea:

+
+       buf->f_fsid.val[0] = ORANGEFS_SB(sb)->fs_id;
+       buf->f_fsid.val[1] = ORANGEFS_SB(sb)->id;
+

And ran that through as well, no issue.

Sorry for missing the earlier patch.

-Mike

On Tue, Apr 9, 2024 at 1:55 AM Arnd Bergmann <arnd@arndb.de> wrote:
>
> On Mon, Apr 8, 2024, at 23:21, Justin Stitt wrote:
> > On Mon, Apr 8, 2024 at 7:36 AM Jan Kara <jack@suse.cz> wrote:
> >> Frankly, this initializer is hard to understand for me. Why not simple:
> >>
> >>         buf->f_fsid[0] = ORANGEFS_SB(sb)->fs_id;
> >>         buf->f_fsid[1] = ORANGEFS_SB(sb)->id;
> >>
> >
> > +1 for this idea, seems easier to read for me.
>
> Yes, good idea, I'll send this as v2 after my next round
> of build testing.
>
>       Arnd

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] [RESEND] orangefs: fix out-of-bounds fsid access
  2024-04-09 16:26       ` Mike Marshall
@ 2024-04-09 19:33         ` Arnd Bergmann
  0 siblings, 0 replies; 7+ messages in thread
From: Arnd Bergmann @ 2024-04-09 19:33 UTC (permalink / raw)
  To: Mike Marshall
  Cc: Justin Stitt, Jan Kara, Arnd Bergmann, linux-fsdevel,
	Alexander Viro, Christian Brauner, Martin Brandenburg, devel,
	Vlastimil Babka, Kees Cook, linux-kernel

On Tue, Apr 9, 2024, at 18:26, Mike Marshall wrote:
> I applied Arnd's patch on top of Linux 6.9-rc3 and
> ran through xfstests with no issue.
>
> Also, instead of Arnd's patch, I used Jan's idea:
>
> +
> +       buf->f_fsid.val[0] = ORANGEFS_SB(sb)->fs_id;
> +       buf->f_fsid.val[1] = ORANGEFS_SB(sb)->id;
> +
>
> And ran that through as well, no issue.
>
> Sorry for missing the earlier patch.

Thanks!

I was about to send the updated patch and can skip that now.

   Arnd

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2024-04-09 19:34 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-03-20 18:05 [PATCH] [RESEND] orangefs: fix out-of-bounds fsid access Arnd Bergmann
  -- strict thread matches above, loose matches on Subject: below --
2024-04-08  7:50 Arnd Bergmann
2024-04-08 14:36 ` Jan Kara
2024-04-08 21:21   ` Justin Stitt
2024-04-09  5:54     ` Arnd Bergmann
2024-04-09 16:26       ` Mike Marshall
2024-04-09 19:33         ` Arnd Bergmann

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox