2015-12-15 18:09:51

by Okash Khawaja

Subject: [PATCH] staging: lustre: fix address space mismatches

This patch fixes address space warnings from sparse. Function
lprocfs_write_helper() accepts user space buffer but was being
passed kernel space buffer by these functions:

contention_seconds_store()
lockless_truncate_store()

Since these functions are used to implement show and store functions of
lustre_attr object and since lustre_attr object is used to implement object
inheritance through use of `container_of`, the address space warnings
show up at multiple places inside driver's code base.

This patch creates a user space version of the lustre_attr object, lustre_attr_u.
Keeping function names and signatures the same - other than the __user attribute -
ensures that object inheritance continues to work as it was, but the address
space discrepancy is removed. That removes a whole bunch of address
space warnings.

Signed-off-by: Okash Khawaja <[email protected]>
---
drivers/staging/lustre/lustre/include/lprocfs_status.h | 16 ++++++++++++++++
drivers/staging/lustre/lustre/osc/lproc_osc.c | 12 ++++++------
2 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/drivers/staging/lustre/lustre/include/lprocfs_status.h b/drivers/staging/lustre/lustre/include/lprocfs_status.h
index f18c0c7..df6d9d5 100644
--- a/drivers/staging/lustre/lustre/include/lprocfs_status.h
+++ b/drivers/staging/lustre/lustre/include/lprocfs_status.h
@@ -698,6 +698,22 @@ static struct lustre_attr lustre_attr_##name = __ATTR(name, mode, show, store)
#define LUSTRE_RO_ATTR(name) LUSTRE_ATTR(name, 0444, name##_show, NULL)
#define LUSTRE_RW_ATTR(name) LUSTRE_ATTR(name, 0644, name##_show, name##_store)

+struct lustre_attr_u {
+ struct attribute attr;
+ ssize_t (*show)(struct kobject *kobj, struct attribute *attr,
+ char *buf);
+ ssize_t (*store)(struct kobject *kobj, struct attribute *attr,
+ const char __user *buf, size_t len);
+};
+
+#define LUSTRE_ATTR_U(name, mode, show, store) \
+static struct lustre_attr_u lustre_attr_u_##name = __ATTR(name, mode, show, \
+ store)
+
+#define LUSTRE_RO_ATTR_U(name) LUSTRE_ATTR_U(name, 0444, name##_show, NULL)
+#define LUSTRE_RW_ATTR_U(name) LUSTRE_ATTR_U(name, 0644, name##_show, \
+ name##_store)
+
extern const struct sysfs_ops lustre_sysfs_ops;

/* all quota proc functions */
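Review bot: `struct lustre_attr_u` is added with no comment or compile-time check tying its layout to `struct lustre_attr`, yet its objects end up in the same `osc_attrs[]` array and are served by the single `lustre_sysfs_ops` declared just below. The dispatch code is not part of this patch, but if it recovers the attribute with `container_of(attr, struct lustre_attr, attr)`, a `lustre_attr_u` is read through the wrong type; that works only while both structs keep the same members in the same order, and it also means sparse never checks the call that hands the buffer to the `__user` parameter. At minimum add a comment above the struct such as `/* Must stay layout-identical to struct lustre_attr; both are dispatched through lustre_sysfs_ops. */`, and consider `BUILD_BUG_ON(offsetof(struct lustre_attr_u, store) != offsetof(struct lustre_attr, store));` in an init path.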
diff --git a/drivers/staging/lustre/lustre/osc/lproc_osc.c b/drivers/staging/lustre/lustre/osc/lproc_osc.c
index c4d44e7..dd80780 100644
--- a/drivers/staging/lustre/lustre/osc/lproc_osc.c
+++ b/drivers/staging/lustre/lustre/osc/lproc_osc.c
@@ -474,7 +474,7 @@ static ssize_t contention_seconds_show(struct kobject *kobj,

static ssize_t contention_seconds_store(struct kobject *kobj,
struct attribute *attr,
- const char *buffer,
+ const char __user *buffer,
size_t count)
{
struct obd_device *obd = container_of(kobj, struct obd_device,
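Review bot: The `__user` qualifier added to `buffer` in contention_seconds_store() is a sparse-only annotation, so the pointer that reaches `lprocfs_write_helper()` is the same one as before and the helper will still treat it as user memory. If the caller hands this function an already-copied kernel buffer, a user-copy routine inside the helper is the wrong accessor for it; depending on the kernel's address-limit handling the write may fail outright, or the helper's user-pointer checks may simply not apply. A change that matches the data flow would keep the original signature and parse in place, e.g. `rc = kstrtoint(buffer, 10, &val);` (pick the kstrto* variant that matches the field's type) before assigning `od->od_contention_time`. The same applies to lockless_truncate_store() in the later hunk; both function bodies continue outside their hunks.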
@@ -484,7 +484,7 @@ static ssize_t contention_seconds_store(struct kobject *kobj,
return lprocfs_write_helper(buffer, count, &od->od_contention_time) ?:
count;
}
-LUSTRE_RW_ATTR(contention_seconds);
+LUSTRE_RW_ATTR_U(contention_seconds);

static ssize_t lockless_truncate_show(struct kobject *kobj,
struct attribute *attr,
@@ -499,7 +499,7 @@ static ssize_t lockless_truncate_show(struct kobject *kobj,

static ssize_t lockless_truncate_store(struct kobject *kobj,
struct attribute *attr,
- const char *buffer,
+ const char __user *buffer,
size_t count)
{
struct obd_device *obd = container_of(kobj, struct obd_device,
@@ -509,7 +509,7 @@ static ssize_t lockless_truncate_store(struct kobject *kobj,
return lprocfs_write_helper(buffer, count, &od->od_lockless_truncate) ?:
count;
}
-LUSTRE_RW_ATTR(lockless_truncate);
+LUSTRE_RW_ATTR_U(lockless_truncate);

static ssize_t destroys_in_flight_show(struct kobject *kobj,
struct attribute *attr,
@@ -766,13 +766,13 @@ int lproc_osc_attach_seqstat(struct obd_device *dev)
static struct attribute *osc_attrs[] = {
&lustre_attr_active.attr,
&lustre_attr_checksums.attr,
- &lustre_attr_contention_seconds.attr,
+ &lustre_attr_u_contention_seconds.attr,
&lustre_attr_cur_dirty_bytes.attr,
&lustre_attr_cur_grant_bytes.attr,
&lustre_attr_cur_lost_grant_bytes.attr,
&lustre_attr_destroys_in_flight.attr,
&lustre_attr_grant_shrink_interval.attr,
- &lustre_attr_lockless_truncate.attr,
+ &lustre_attr_u_lockless_truncate.attr,
&lustre_attr_max_dirty_mb.attr,
&lustre_attr_max_pages_per_rpc.attr,
&lustre_attr_max_rpcs_in_flight.attr,
--
2.5.2


2015-12-15 18:48:10

by Greg Kroah-Hartman

Subject: Re: [PATCH] staging: lustre: fix address space mismatches

On Tue, Dec 15, 2015 at 04:50:45PM +0000, Okash Khawaja wrote:
> This patch fixes address space warnings from sparse. Function
> lprocfs_write_helper() accepts user space buffer but was being
> passed kernel space buffer by these functions:
>
> contention_seconds_store()
> lockless_truncate_store()
>
> Since these functions are used to implement show and store functions of
> lustre_attr object and since lustre_attr object is used to implement object
> inheritance through use of `container_of`, the address space warnings
> show up at multiple places inside driver's code base.
>
> This patch creates a user space version of lustre_attr object lustre_attr_u.
> Keeping function names and signatures same - other than the __user attribute -
> ensures that object inheritance continues to work as it was, but address
> space discrepency is removed. That removes a whole bunch of address
> space warnings.
>
> Signed-off-by: Okash Khawaja <[email protected]>
> ---
> drivers/staging/lustre/lustre/include/lprocfs_status.h | 16 ++++++++++++++++
> drivers/staging/lustre/lustre/osc/lproc_osc.c | 12 ++++++------
> 2 files changed, 22 insertions(+), 6 deletions(-)
>
> diff --git a/drivers/staging/lustre/lustre/include/lprocfs_status.h b/drivers/staging/lustre/lustre/include/lprocfs_status.h
> index f18c0c7..df6d9d5 100644
> --- a/drivers/staging/lustre/lustre/include/lprocfs_status.h
> +++ b/drivers/staging/lustre/lustre/include/lprocfs_status.h
> @@ -698,6 +698,22 @@ static struct lustre_attr lustre_attr_##name = __ATTR(name, mode, show, store)
> #define LUSTRE_RO_ATTR(name) LUSTRE_ATTR(name, 0444, name##_show, NULL)
> #define LUSTRE_RW_ATTR(name) LUSTRE_ATTR(name, 0644, name##_show, name##_store)
>
> +struct lustre_attr_u {
> + struct attribute attr;
> + ssize_t (*show)(struct kobject *kobj, struct attribute *attr,
> + char *buf);
> + ssize_t (*store)(struct kobject *kobj, struct attribute *attr,
> + const char __user *buf, size_t len);

sysfs files do not have __user pointers, something is really wrong here
if that's the solution :(

See the other comments in the mailing list archives for how messed up
the __user and kernel pointers are in lustre, and how I'd not recommend
anyone trying to fix them, unless you are a lustre developer and can
test all of your changes...

sorry,

greg k-h

2015-12-15 20:34:34

by Okash Khawaja

Subject: Re: [PATCH] staging: lustre: fix address space mismatches


> On 15 Dec 2015, at 18:48, Greg KH <[email protected]> wrote:
>
>> On Tue, Dec 15, 2015 at 04:50:45PM +0000, Okash Khawaja wrote:
>> This patch fixes address space warnings from sparse. Function
>> lprocfs_write_helper() accepts user space buffer but was being
>> passed kernel space buffer by these functions:
>>
>> contention_seconds_store()
>> lockless_truncate_store()
>>
>> Since these functions are used to implement show and store functions of
>> lustre_attr object and since lustre_attr object is used to implement object
>> inheritance through use of `container_of`, the address space warnings
>> show up at multiple places inside driver's code base.
>>
>> This patch creates a user space version of lustre_attr object lustre_attr_u.
>> Keeping function names and signatures same - other than the __user attribute -
>> ensures that object inheritance continues to work as it was, but address
>> space discrepency is removed. That removes a whole bunch of address
>> space warnings.
>>
>> Signed-off-by: Okash Khawaja <[email protected]>
>> ---
>> drivers/staging/lustre/lustre/include/lprocfs_status.h | 16 ++++++++++++++++
>> drivers/staging/lustre/lustre/osc/lproc_osc.c | 12 ++++++------
>> 2 files changed, 22 insertions(+), 6 deletions(-)
>>
>> diff --git a/drivers/staging/lustre/lustre/include/lprocfs_status.h b/drivers/staging/lustre/lustre/include/lprocfs_status.h
>> index f18c0c7..df6d9d5 100644
>> --- a/drivers/staging/lustre/lustre/include/lprocfs_status.h
>> +++ b/drivers/staging/lustre/lustre/include/lprocfs_status.h
>> @@ -698,6 +698,22 @@ static struct lustre_attr lustre_attr_##name = __ATTR(name, mode, show, store)
>> #define LUSTRE_RO_ATTR(name) LUSTRE_ATTR(name, 0444, name##_show, NULL)
>> #define LUSTRE_RW_ATTR(name) LUSTRE_ATTR(name, 0644, name##_show, name##_store)
>>
>> +struct lustre_attr_u {
>> + struct attribute attr;
>> + ssize_t (*show)(struct kobject *kobj, struct attribute *attr,
>> + char *buf);
>> + ssize_t (*store)(struct kobject *kobj, struct attribute *attr,
>> + const char __user *buf, size_t len);
>
> sysfs files do not have __user pointers, something is really wrong here
> if that's the solution :(
>
> See the other comments in the mailing list archives for how messed up
> the __user and kernel pointers are in lustre, and how I'd not recommend
> anyone trying to fix them, unless you are a lustre developer and can
> test all of your changes...
>
> sorry,
>
> greg k-h

I see. Thanks for getting back promptly.

Okash -