Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp1498445pxf; Fri, 19 Mar 2021 08:23:33 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwr0do7XL77o3Gnc240+htKpKTPOLnkSW9lBEMdKS1iuuA1eQ7wQkttsejiS9Iuk59l7Xgd X-Received: by 2002:a17:906:6c93:: with SMTP id s19mr4932964ejr.151.1616167413733; Fri, 19 Mar 2021 08:23:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1616167413; cv=none; d=google.com; s=arc-20160816; b=vMqQtDmGhXxKZw1hP7S+ntmXqcpiQ+ap6AjaWWKRsWtv68Ah/JEDHpGdS52nl9lsCG 9vCAXr2YRPUB3/4UWRTvZwGMWNdPmxnktT7S1vkbpaRrhXqmDU1a7EuC9dASdGsaVZpl i8E95dFzThxS46Awb0lfR6roALdJtZhs6/QuGs6Wmdbt9S4ItIlnpVvGI9V7rlTmHOBc 2ay+13ne0pq5ogfR3j1pSNlhUGC54j6yo2tZnivBsj53+0e4/sjeMGDdsUiYYoQQxn7p kbRISIFtP3+OhwLdgtz2vVZmdTZr7xUjuxo8vfReA5K2xsjweSBbHgZUa/jSMQNe0pSD U2VQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=ZHMAhBAQOpphLRREZJlNVL6uBoRegoHiEupgJ4ClwKw=; b=jIgHjkiNLAd9XgDbw2nfm/cBMAx7mkNegLmqw+FXr33OuODiNuaBs1ItkezNHYSUx9 5G6kHqFELCJ0aSA8HOrfsyjkc3nAxyseVaV5HJ/iwOzntqmvzhbxr2JsBMqz1bQSIhC5 nDW6MQ5wCS1l8DjB7ei/sqYcLSebu6H5rKJQOoa5dXs7v1Xd1PBKp03UF469R34BVk/Q csMfa7RDFbQcKvE/D6NthyaK2QVrUz3QBIFm5/cGuev758qcBUQ6DxkWV9V6axKRo44u fkdq2TBn4+ZcpEUJFt2HZHKdhZDUZeuGYqbPaXLR1ATeCFPC+YCvdOB4r5bss0Z5GbRj JbPg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@android.com header.s=20161025 header.b="BeQ/Y7G9"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=android.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id k15si4514864eji.582.2021.03.19.08.23.11; Fri, 19 Mar 2021 08:23:33 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@android.com header.s=20161025 header.b="BeQ/Y7G9"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=android.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230046AbhCSPVm (ORCPT + 99 others); Fri, 19 Mar 2021 11:21:42 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38260 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230272AbhCSPVf (ORCPT ); Fri, 19 Mar 2021 11:21:35 -0400 Received: from mail-wr1-x430.google.com (mail-wr1-x430.google.com [IPv6:2a00:1450:4864:20::430]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8A521C06174A for ; Fri, 19 Mar 2021 08:21:35 -0700 (PDT) Received: by mail-wr1-x430.google.com with SMTP id 61so9477432wrm.12 for ; Fri, 19 Mar 2021 08:21:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=android.com; s=20161025; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=ZHMAhBAQOpphLRREZJlNVL6uBoRegoHiEupgJ4ClwKw=; b=BeQ/Y7G9PKlLSgTvrVqTbv9UYOwFvwQV2vCiiXKrpFdx48ue4RJWqK2E5Y3hZBX0Zc cRVLYAI4PKFcOpaD8KDxYlQVbGKLLSC0XGuySmfIV1xJ7P3J7gkrsggRSyd7n/GhIvwp Csf/+kj/SYoazFwU7t7Q+PMp29QGE0HTy8GowqGzTWMGtmcdsgOSiiJK2e1maqB05JUv P/68MkGcd14W8EKxbJzg0rkb/bmuYLW/u9JDDRIBwfb1p4BPkcyLEFBQ6UsCobSzKv2y jmHkj/KS5zKOJsKRl8B0siydrMFBIJ+hQmh2zfkZYZmMkoJeC/G6cAf2hs96B7ZL8DZu zSjg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=ZHMAhBAQOpphLRREZJlNVL6uBoRegoHiEupgJ4ClwKw=; b=NYxgaRgsUAsI8GVk6b/K7iTvNidtf4vhOj/Xr687C7zFMKLgYjJSPB5ESGUiG6omao YVYDYjHDt+A/CwrXVEOHnESQDOlD9/EsrtJNTneOHqYGuticr0RgRhMgGWix1pcYL0EJ iRFsg6tusgdMLAXSrmRVjEeA0lzKPx8EC9jpDcMXrQ83oKBAmglAF5oXbAqG6Gej1HYO /PeIfTCJHpPwXim9KT9edbx8DWZ5w+PGkAI65Wx0BxQ7a8opxtveTT9mwm360QngXxfV rQ0m9Bz5ftLTCZyP5EsRWQIFRiBFt1H+CITwBNuL0yqdcqwrOXwtHebQb/n16iMatdsZ vFvQ== X-Gm-Message-State: AOAM532VzbgmCBFtRa69+wkpBPh+2Ws6kqZrehVBy50tJfRNLwi5hTYl jVyDT1Ae/9p4LyFb3xCbEe7cBg== X-Received: by 2002:a5d:67c8:: with SMTP id n8mr5097586wrw.351.1616167294369; Fri, 19 Mar 2021 08:21:34 -0700 (PDT) Received: from google.com ([2a00:79e0:d:210:d49c:45f3:9d86:b2e9]) by smtp.gmail.com with ESMTPSA id 13sm6777119wmw.5.2021.03.19.08.21.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 19 Mar 2021 08:21:34 -0700 (PDT) Date: Fri, 19 Mar 2021 15:21:32 +0000 From: Alessio Balsini To: Arnd Bergmann Cc: Alessio Balsini , Miklos Szeredi , Akilesh Kailash , Amir Goldstein , Antonio SJ Musumeci , David Anderson , Giuseppe Scrivano , Jann Horn , Jens Axboe , Martijn Coenen , Palmer Dabbelt , Paul Lawrence , Peng Tao , Stefano Duo , Zimuzo Ezeozue , wuyan , fuse-devel@lists.sourceforge.net, Android Kernel Team , Linux FS-devel Mailing List , "linux-kernel@vger.kernel.org" Subject: Re: [PATCH RESEND V12 2/8] fuse: 32-bit user space ioctl compat for fuse device Message-ID: References: <20210125153057.3623715-1-balsini@android.com> <20210125153057.3623715-3-balsini@android.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Mar 18, 2021 at 10:15:43PM +0100, Arnd Bergmann wrote: > On Thu, Mar 18, 2021 at 5:13 PM Alessio Balsini wrote: > > On Tue, Mar 16, 2021 at 07:53:06PM +0100, Arnd Bergmann wrote: > > > On Mon, Jan 25, 2021 at 4:48 PM Alessio Balsini wrote: > > > > > > > > Thanks for spotting this possible criticality. > > > > I noticed that 32-bit users pace was unable to use the > > FUSE_DEV_IOC_CLONE ioctl on 64-bit kernels, so this change avoid this > > issue by forcing the kernel to interpret 32 and 64 bit > > FUSE_DEV_IOC_CLONE command as if they were the same. > > As far as I can tell from the kernel headers, the command code should > be the same for both 32-bit and 64-bit tasks: 0x8004e500. > Can you find out what exact value you see in the user space that was > causing problems, and how it ended up with a different value than > the 64-bit version? > > If there are two possible command codes, I'd suggest you just change > the driver to handle both variants explicitly, but not any other one. > > > This is the simplest solution I could find as the UAPI is not changed > > as, as you mentioned, the argument doesn't require any conversion. > > > > I understand that this might limit possible future extensions of the > > FUSE_DEV_IOC_XXX ioctls if their in/out argument changed depending on > > the architecture, but only at that point we can switch to using the > > compat layer, right? > > > > What I'm worried about is the direction, do you think this would be an > > issue? > > > > I can start working on a compat layer fix meanwhile. > > For a proper well-designed ioctl interface, compat support should not > need anything beyond the '.compat_ioctl = compat_ptr_ioctl' > assignment. > > Arnd You are right and now I can see what happened here. When I introduce the PASSTHROUGH ioctl, because of the 'void *', the command mismatches on _IOC_SIZE(nr). I solved this by only testing _IOC_NUMBER and _IOC_TYPE, implicitely (mistakenly) removing the _IOC_SIZE check. So, the fuse_dev_ioctl was correctly rejecting the ioctl request from 32-bit userspace because of the wrong size and I was just forcing it to digest the wrong data regardless. Ouch! The commit message for this patch would still be incorrect, but I posted a fix here to bring the ioctl checking back to the original behavior: https://lore.kernel.org/lkml/20210319150514.1315985-1-balsini@android.com/ Thanks for spotting this! Alessio