Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp685623pxf; Thu, 18 Mar 2021 09:17:48 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyK7akD68wg9wXiiq3IywUPbonK9OYwctz4CMGRmb1o7jrls3Y4AmsFOMRuAUWmTFrDQJvt X-Received: by 2002:a17:906:cd05:: with SMTP id oz5mr42690023ejb.345.1616084268482; Thu, 18 Mar 2021 09:17:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1616084268; cv=none; d=google.com; s=arc-20160816; b=exJEsTwE6stxwQIaFgR1vsR97+ycVAJZ8eSyWMTgfv8BQ4PK1QyfWHpDTahKaljGjh d3mMbKcBt19XufJNLBU4XUSEPVtruAldMB13TCmwZDqRXAIsE61WeYkAzprtuk6q6PvG PvKaoZDfcuzP04QnhzY4/YG4H5TzZeI/19DV/2KHWttDp/iyPbZBhlvuvUVw9zlRT8Fx zfPvbRzoUDyaPIgy7f/8CoJrSVGW3sEP3Nhi8OrmAFJI6dQj0+B2exjOhMeqaaDKtWtD CmossBrDnP3VYsWwTyc7LC00kUjgxHRbuUIMhPoIDWPk6gUDyp/WkjtGEe/Mkr2fQiaM s4MQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=BINIGwJxwGmOwEiPbRzuCVVu9BcgGBArfEIZAsM96Eo=; b=Zv6jOwtZiwGYMHHM4byVh1131lMO1+vRJbgQRk5+IvfN/tTRhykONYuKCD45lWOzr7 h1kpDPNCmli7b6ugSOzrp1dO3f+8h8X/yfCZnX/HU+6XnC7E+nuEPtqCKlNbFzU9pMsy cIh47/PXw7kvJFOJTdLb/WNHMSILFNO3C7RUHcLjbz26w6kWrshemtzC/tzoZwLL1aY0 Fmf3Ep4ZL5EQduhOana69tFDeeFytv/utjQwcv0w7PLRlrYnubrxxhbq7mZD91evq7uU wNrzdTsj0zGJURAKVzwYYYaUkAzYEYcodxVb9ubtFbXqHYViPeFcuPRI5auduo+hsgdC ToIQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@android.com header.s=20161025 header.b=PJyzt0TQ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=android.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id a8si1937282edq.601.2021.03.18.09.17.25; Thu, 18 Mar 2021 09:17:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@android.com header.s=20161025 header.b=PJyzt0TQ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=android.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231949AbhCRQNy (ORCPT + 99 others); Thu, 18 Mar 2021 12:13:54 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48784 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230425AbhCRQN0 (ORCPT ); Thu, 18 Mar 2021 12:13:26 -0400 Received: from mail-wm1-x32d.google.com (mail-wm1-x32d.google.com [IPv6:2a00:1450:4864:20::32d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 73FA3C06174A for ; Thu, 18 Mar 2021 09:13:26 -0700 (PDT) Received: by mail-wm1-x32d.google.com with SMTP id j4-20020a05600c4104b029010c62bc1e20so3711767wmi.3 for ; Thu, 18 Mar 2021 09:13:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=android.com; s=20161025; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=BINIGwJxwGmOwEiPbRzuCVVu9BcgGBArfEIZAsM96Eo=; b=PJyzt0TQAZ6q+XU89v8X2lZwTXRSjsGBr+roWlDXFOCw/q7BkcPc9KKR9l3+EBKput BOBLc/wttyIbmktCUuPGof6wydF/xyMXMFU1emN7DYvAdztIqufIGIwExca8SlLseDtq uTEc0LZEE68/QpDM0rEjPP+1WuZxmzceuYPX6tEyVf/2o5Ol1lF3BDb2aRaFFS9rSo0a HsC9n9pOeJtnWPS2t50tj1R8uLt4Rn1dDcEb7PubZ4XhvWufHicBFN9eGsAGliQbVPKE FNLXqByAUPPT91tPyTpNOzClHDMZJDcn3Th3cyLF/vNEXQ3y2mwtpOCN7uasBirnelYi WYOA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=BINIGwJxwGmOwEiPbRzuCVVu9BcgGBArfEIZAsM96Eo=; b=HJn2biYqXI8rn/B6X61yRwYjr34xV0L2Kr64XOL55F7ok9dgRT3dACG9r0qy3SId0d hTBebMPgXvaKTlrXtId+9d5qszIw++GMPgEBaJrt2EVW2F4wggku0VR2yla7RFRn0x9q fro9xVi9YldSGdaCkwWuyJm6uwuRtYmE3a0dSFWptVZ7j9yI6dbYsU/oqeCiuyQ/bdM0 CaVzymU+NhNuSUGwnjmFuf8hSR+CHM7k+P1/B6+VSFHNHvH/jFPCZK0EngLsc54w0VOW DsOuTnhahH+Ui7MY/zGTpE6uqdrWI5LXIAvaga+enqa4cuuwXlGWONZeLX2sz+BOromi RSiQ== X-Gm-Message-State: AOAM532xYRtzFgv8ntiX8XcvL4UUvbLN8wbTdSjaBPUyiUxpkT50ejj7 9wZuneIYml7o/grSefEX+OX3zQ== X-Received: by 2002:a7b:ca44:: with SMTP id m4mr11269wml.103.1616084005261; Thu, 18 Mar 2021 09:13:25 -0700 (PDT) Received: from google.com ([2a00:79e0:d:210:d49c:45f3:9d86:b2e9]) by smtp.gmail.com with ESMTPSA id t188sm3042384wma.25.2021.03.18.09.13.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 18 Mar 2021 09:13:24 -0700 (PDT) Date: Thu, 18 Mar 2021 16:13:23 +0000 From: Alessio Balsini To: Arnd Bergmann Cc: Alessio Balsini , Miklos Szeredi , Akilesh Kailash , Amir Goldstein , Antonio SJ Musumeci , David Anderson , Giuseppe Scrivano , Jann Horn , Jens Axboe , Martijn Coenen , Palmer Dabbelt , Paul Lawrence , Peng Tao , Stefano Duo , Zimuzo Ezeozue , wuyan , fuse-devel@lists.sourceforge.net, Android Kernel Team , Linux FS-devel Mailing List , "linux-kernel@vger.kernel.org" Subject: Re: [PATCH RESEND V12 2/8] fuse: 32-bit user space ioctl compat for fuse device Message-ID: References: <20210125153057.3623715-1-balsini@android.com> <20210125153057.3623715-3-balsini@android.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Mar 16, 2021 at 07:53:06PM +0100, Arnd Bergmann wrote: > On Mon, Jan 25, 2021 at 4:48 PM Alessio Balsini wrote: > > > > With a 64-bit kernel build the FUSE device cannot handle ioctl requests > > coming from 32-bit user space. > > This is due to the ioctl command translation that generates different > > command identifiers that thus cannot be used for direct comparisons > > without proper manipulation. > > > > Explicitly extract type and number from the ioctl command to enable > > 32-bit user space compatibility on 64-bit kernel builds. > > > > Signed-off-by: Alessio Balsini > > I saw this commit go into the mainline kernel, and I'm worried that this > doesn't do what the description says. Since the argument is a 'uint32_t', > it is the same on both 32-bit and 64-bit user space, and the patch won't > make any difference for compat mode, as long as that is using the normal > uapi headers. > > If there is any user space that has a different definition of > FUSE_DEV_IOC_CLONE, that may now successfully call > this ioctl command, but the kernel will now also accept any other > command code that has the same type and number, but an > arbitrary direction or size argument. > > I think this should be changed back to specifically allow the > command code(s) that are actually used and nothing else. > > Arnd Hi Arnd, Thanks for spotting this possible criticality. I noticed that 32-bit users pace was unable to use the FUSE_DEV_IOC_CLONE ioctl on 64-bit kernels, so this change avoid this issue by forcing the kernel to interpret 32 and 64 bit FUSE_DEV_IOC_CLONE command as if they were the same. This is the simplest solution I could find as the UAPI is not changed as, as you mentioned, the argument doesn't require any conversion. I understand that this might limit possible future extensions of the FUSE_DEV_IOC_XXX ioctls if their in/out argument changed depending on the architecture, but only at that point we can switch to using the compat layer, right? What I'm worried about is the direction, do you think this would be an issue? I can start working on a compat layer fix meanwhile. Thanks, Alessio