2022-01-25 08:40:38

by Stephen Rothwell

[permalink] [raw]
Subject: linux-next: build failure after merge of the kspp tree

Hi all,

After merging the kspp tree, today's linux-next build (x86_64
allmodconfig) failed like this:

In file included from include/linux/string.h:253,
from include/linux/bitmap.h:11,
from include/linux/cpumask.h:12,
from arch/x86/include/asm/cpumask.h:5,
from arch/x86/include/asm/msr.h:11,
from arch/x86/include/asm/processor.h:22,
from arch/x86/include/asm/cpufeature.h:5,
from arch/x86/include/asm/thread_info.h:53,
from include/linux/thread_info.h:60,
from arch/x86/include/asm/preempt.h:7,
from include/linux/preempt.h:78,
from include/linux/spinlock.h:55,
from include/linux/wait.h:9,
from include/linux/mempool.h:8,
from include/linux/bio.h:8,
from fs/btrfs/ioctl.c:7:
In function 'fortify_memcpy_chk',
inlined from 'btrfs_ioctl_encoded_write' at fs/btrfs/ioctl.c:5082:3:
include/linux/fortify-string.h:316:25: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]
316 | __write_overflow_field(p_size_field, size);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/fortify-string.h:324:25: error: call to '__read_overflow2_field' declared with attribute warning: detected read beyond size of field (2nd parameter); maybe use struct_group()? [-Werror=attribute-warning]
324 | __read_overflow2_field(q_size_field, size);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors

Caused by commit

602670289b69 ("fortify: Detect struct member overflows in memcpy() at compile-time")

interacting with commit

504e1ebb6316 ("btrfs: add BTRFS_IOC_ENCODED_WRITE")

from the btrfs tree.

I applied the following hack:

From: Stephen Rothwell <[email protected]>
Date: Tue, 25 Jan 2022 11:47:17 +1100
Subject: [PATCH] fix up for "btrfs: add BTRFS_IOC_ENCODED_WRITE"

Signed-off-by: Stephen Rothwell <[email protected]>
---
fs/btrfs/ioctl.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c
index 73ad918a05a9..d34620034f8e 100644
--- a/fs/btrfs/ioctl.c
+++ b/fs/btrfs/ioctl.c
@@ -5079,9 +5079,14 @@ static int btrfs_ioctl_encoded_write(struct file *file, void __user *argp,
}
args.iov = compat_ptr(args32.iov);
args.iovcnt = args32.iovcnt;
- memcpy(&args.offset, &args32.offset,
- sizeof(args) -
- offsetof(struct btrfs_ioctl_encoded_io_args, offset));
+ args.offset = args32.offset;
+ args.flags = args32.flags;
+ args.len = args32.len;
+ args.unencoded_len = args32.unencoded_len;
+ args.unencoded_offset = args32.unencoded_offset;
+ args.compression = args32.compression;
+ args.encryption = args32.encryption;
+ memcpy(args.reserved, args32.reserved, sizeof(args.reserved));
#else
return -ENOTTY;
#endif
--
2.34.1

--
Cheers,
Stephen Rothwell


Attachments:
(No filename) (499.00 B)
OpenPGP digital signature

2022-01-25 08:55:47

by Kees Cook

[permalink] [raw]
Subject: Re: linux-next: build failure after merge of the kspp tree

On Tue, Jan 25, 2022 at 11:57:57AM +1100, Stephen Rothwell wrote:
> Hi all,
>
> After merging the kspp tree, today's linux-next build (x86_64
> allmodconfig) failed like this:
>
> In file included from include/linux/string.h:253,
> from include/linux/bitmap.h:11,
> from include/linux/cpumask.h:12,
> from arch/x86/include/asm/cpumask.h:5,
> from arch/x86/include/asm/msr.h:11,
> from arch/x86/include/asm/processor.h:22,
> from arch/x86/include/asm/cpufeature.h:5,
> from arch/x86/include/asm/thread_info.h:53,
> from include/linux/thread_info.h:60,
> from arch/x86/include/asm/preempt.h:7,
> from include/linux/preempt.h:78,
> from include/linux/spinlock.h:55,
> from include/linux/wait.h:9,
> from include/linux/mempool.h:8,
> from include/linux/bio.h:8,
> from fs/btrfs/ioctl.c:7:
> In function 'fortify_memcpy_chk',
> inlined from 'btrfs_ioctl_encoded_write' at fs/btrfs/ioctl.c:5082:3:
> include/linux/fortify-string.h:316:25: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]
> 316 | __write_overflow_field(p_size_field, size);
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> include/linux/fortify-string.h:324:25: error: call to '__read_overflow2_field' declared with attribute warning: detected read beyond size of field (2nd parameter); maybe use struct_group()? [-Werror=attribute-warning]
> 324 | __read_overflow2_field(q_size_field, size);
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> cc1: all warnings being treated as errors
>
> Caused by commit
>
> 602670289b69 ("fortify: Detect struct member overflows in memcpy() at compile-time")
>
> interacting with commit
>
> 504e1ebb6316 ("btrfs: add BTRFS_IOC_ENCODED_WRITE")
>
> from the btrfs tree.

Thanks!

I found the btrfs patch here:
https://lore.kernel.org/all/ec08e6f559ab47b3300ca5a67e8fc984fd3f040f.1637179348.git.osandov@fb.com/

>
> I applied the following hack:
>
> From: Stephen Rothwell <[email protected]>
> Date: Tue, 25 Jan 2022 11:47:17 +1100
> Subject: [PATCH] fix up for "btrfs: add BTRFS_IOC_ENCODED_WRITE"
>
> Signed-off-by: Stephen Rothwell <[email protected]>
> ---
> fs/btrfs/ioctl.c | 11 ++++++++---
> 1 file changed, 8 insertions(+), 3 deletions(-)
>
> diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c
> index 73ad918a05a9..d34620034f8e 100644
> --- a/fs/btrfs/ioctl.c
> +++ b/fs/btrfs/ioctl.c
> @@ -5079,9 +5079,14 @@ static int btrfs_ioctl_encoded_write(struct file *file, void __user *argp,
> }
> args.iov = compat_ptr(args32.iov);
> args.iovcnt = args32.iovcnt;
> - memcpy(&args.offset, &args32.offset,
> - sizeof(args) -
> - offsetof(struct btrfs_ioctl_encoded_io_args, offset));
> + args.offset = args32.offset;
> + args.flags = args32.flags;
> + args.len = args32.len;
> + args.unencoded_len = args32.unencoded_len;
> + args.unencoded_offset = args32.unencoded_offset;
> + args.compression = args32.compression;
> + args.encryption = args32.encryption;
> + memcpy(args.reserved, args32.reserved, sizeof(args.reserved));
> #else
> return -ENOTTY;
> #endif

I'll see if I can construct something shorter using struct_group().

-Kees

--
Kees Cook

2022-01-25 20:01:26

by David Sterba

[permalink] [raw]
Subject: Re: linux-next: build failure after merge of the kspp tree

On Tue, Jan 25, 2022 at 11:57:57AM +1100, Stephen Rothwell wrote:
> Hi all,
>
> After merging the kspp tree, today's linux-next build (x86_64
> allmodconfig) failed like this:
>
> In file included from include/linux/string.h:253,
> from include/linux/bitmap.h:11,
> from include/linux/cpumask.h:12,
> from arch/x86/include/asm/cpumask.h:5,
> from arch/x86/include/asm/msr.h:11,
> from arch/x86/include/asm/processor.h:22,
> from arch/x86/include/asm/cpufeature.h:5,
> from arch/x86/include/asm/thread_info.h:53,
> from include/linux/thread_info.h:60,
> from arch/x86/include/asm/preempt.h:7,
> from include/linux/preempt.h:78,
> from include/linux/spinlock.h:55,
> from include/linux/wait.h:9,
> from include/linux/mempool.h:8,
> from include/linux/bio.h:8,
> from fs/btrfs/ioctl.c:7:
> In function 'fortify_memcpy_chk',
> inlined from 'btrfs_ioctl_encoded_write' at fs/btrfs/ioctl.c:5082:3:
> include/linux/fortify-string.h:316:25: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]
> 316 | __write_overflow_field(p_size_field, size);
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> include/linux/fortify-string.h:324:25: error: call to '__read_overflow2_field' declared with attribute warning: detected read beyond size of field (2nd parameter); maybe use struct_group()? [-Werror=attribute-warning]
> 324 | __read_overflow2_field(q_size_field, size);
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> cc1: all warnings being treated as errors
>
> Caused by commit
>
> 602670289b69 ("fortify: Detect struct member overflows in memcpy() at compile-time")
>
> interacting with commit
>
> 504e1ebb6316 ("btrfs: add BTRFS_IOC_ENCODED_WRITE")
>
> from the btrfs tree.
>
> I applied the following hack:
>
> From: Stephen Rothwell <[email protected]>
> Date: Tue, 25 Jan 2022 11:47:17 +1100
> Subject: [PATCH] fix up for "btrfs: add BTRFS_IOC_ENCODED_WRITE"
>
> Signed-off-by: Stephen Rothwell <[email protected]>
> ---
> fs/btrfs/ioctl.c | 11 ++++++++---
> 1 file changed, 8 insertions(+), 3 deletions(-)
>
> diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c
> index 73ad918a05a9..d34620034f8e 100644
> --- a/fs/btrfs/ioctl.c
> +++ b/fs/btrfs/ioctl.c
> @@ -5079,9 +5079,14 @@ static int btrfs_ioctl_encoded_write(struct file *file, void __user *argp,
> }
> args.iov = compat_ptr(args32.iov);
> args.iovcnt = args32.iovcnt;
> - memcpy(&args.offset, &args32.offset,
> - sizeof(args) -
> - offsetof(struct btrfs_ioctl_encoded_io_args, offset));
> + args.offset = args32.offset;
> + args.flags = args32.flags;
> + args.len = args32.len;
> + args.unencoded_len = args32.unencoded_len;
> + args.unencoded_offset = args32.unencoded_offset;
> + args.compression = args32.compression;
> + args.encryption = args32.encryption;
> + memcpy(args.reserved, args32.reserved, sizeof(args.reserved));
> #else
> return -ENOTTY;
> #endif

Thanks, the patchset is still in progress so I'll apply this a fixup
until the patch gets updated.

2022-02-11 11:17:39

by Stephen Rothwell

[permalink] [raw]
Subject: linux-next: build failure after merge of the btrfs tree (Was: Re: linux-next: build failure after merge of the kspp tree)

Hi all,

On Tue, 25 Jan 2022 15:07:30 +0100 David Sterba <[email protected]> wrote:
>
> On Tue, Jan 25, 2022 at 11:57:57AM +1100, Stephen Rothwell wrote:
> >
> > After merging the kspp tree, today's linux-next build (x86_64
> > allmodconfig) failed like this:
> >
> > In file included from include/linux/string.h:253,
> > from include/linux/bitmap.h:11,
> > from include/linux/cpumask.h:12,
> > from arch/x86/include/asm/cpumask.h:5,
> > from arch/x86/include/asm/msr.h:11,
> > from arch/x86/include/asm/processor.h:22,
> > from arch/x86/include/asm/cpufeature.h:5,
> > from arch/x86/include/asm/thread_info.h:53,
> > from include/linux/thread_info.h:60,
> > from arch/x86/include/asm/preempt.h:7,
> > from include/linux/preempt.h:78,
> > from include/linux/spinlock.h:55,
> > from include/linux/wait.h:9,
> > from include/linux/mempool.h:8,
> > from include/linux/bio.h:8,
> > from fs/btrfs/ioctl.c:7:
> > In function 'fortify_memcpy_chk',
> > inlined from 'btrfs_ioctl_encoded_write' at fs/btrfs/ioctl.c:5082:3:
> > include/linux/fortify-string.h:316:25: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]
> > 316 | __write_overflow_field(p_size_field, size);
> > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > include/linux/fortify-string.h:324:25: error: call to '__read_overflow2_field' declared with attribute warning: detected read beyond size of field (2nd parameter); maybe use struct_group()? [-Werror=attribute-warning]
> > 324 | __read_overflow2_field(q_size_field, size);
> > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > cc1: all warnings being treated as errors
> >
> > Caused by commit
> >
> > 602670289b69 ("fortify: Detect struct member overflows in memcpy() at compile-time")
> >
> > interacting with commit
> >
> > 504e1ebb6316 ("btrfs: add BTRFS_IOC_ENCODED_WRITE")
> >
> > from the btrfs tree.
> >
> > I applied the following hack:
> >
> > From: Stephen Rothwell <[email protected]>
> > Date: Tue, 25 Jan 2022 11:47:17 +1100
> > Subject: [PATCH] fix up for "btrfs: add BTRFS_IOC_ENCODED_WRITE"
> >
> > Signed-off-by: Stephen Rothwell <[email protected]>
> > ---
> > fs/btrfs/ioctl.c | 11 ++++++++---
> > 1 file changed, 8 insertions(+), 3 deletions(-)
> >
> > diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c
> > index 73ad918a05a9..d34620034f8e 100644
> > --- a/fs/btrfs/ioctl.c
> > +++ b/fs/btrfs/ioctl.c
> > @@ -5079,9 +5079,14 @@ static int btrfs_ioctl_encoded_write(struct file *file, void __user *argp,
> > }
> > args.iov = compat_ptr(args32.iov);
> > args.iovcnt = args32.iovcnt;
> > - memcpy(&args.offset, &args32.offset,
> > - sizeof(args) -
> > - offsetof(struct btrfs_ioctl_encoded_io_args, offset));
> > + args.offset = args32.offset;
> > + args.flags = args32.flags;
> > + args.len = args32.len;
> > + args.unencoded_len = args32.unencoded_len;
> > + args.unencoded_offset = args32.unencoded_offset;
> > + args.compression = args32.compression;
> > + args.encryption = args32.encryption;
> > + memcpy(args.reserved, args32.reserved, sizeof(args.reserved));
> > #else
> > return -ENOTTY;
> > #endif
>
> Thanks, the patchset is still in progress so I'll apply this a fixup
> until the patch gets updated.

This has come back today ... presumably the hack was removed but the
original patch was not fixed.

I have used the btrfs tree from next-20220210 for today.

--
Cheers,
Stephen Rothwell


Attachments:
(No filename) (499.00 B)
OpenPGP digital signature

2022-02-11 16:40:57

by David Sterba

[permalink] [raw]
Subject: Re: linux-next: build failure after merge of the btrfs tree (Was: Re: linux-next: build failure after merge of the kspp tree)

On Fri, Feb 11, 2022 at 10:42:38AM +1100, Stephen Rothwell wrote:
> > > --- a/fs/btrfs/ioctl.c
> > > +++ b/fs/btrfs/ioctl.c
> > > @@ -5079,9 +5079,14 @@ static int btrfs_ioctl_encoded_write(struct file *file, void __user *argp,
> > > }
> > > args.iov = compat_ptr(args32.iov);
> > > args.iovcnt = args32.iovcnt;
> > > - memcpy(&args.offset, &args32.offset,
> > > - sizeof(args) -
> > > - offsetof(struct btrfs_ioctl_encoded_io_args, offset));
> > > + args.offset = args32.offset;
> > > + args.flags = args32.flags;
> > > + args.len = args32.len;
> > > + args.unencoded_len = args32.unencoded_len;
> > > + args.unencoded_offset = args32.unencoded_offset;
> > > + args.compression = args32.compression;
> > > + args.encryption = args32.encryption;
> > > + memcpy(args.reserved, args32.reserved, sizeof(args.reserved));
> > > #else
> > > return -ENOTTY;
> > > #endif
> >
> > Thanks, the patchset is still in progress so I'll apply this a fixup
> > until the patch gets updated.
>
> This has come back today ... presumably the hack was removed but the
> original patch was not fixed.

I've updated the patchset and thought the fixup has been applied but no.
I'll fold it to the patch so it doesn't get lost again.