On Thu, Jun 22, 2023 at 07:29:52PM +0200, Mikulas Patocka wrote: > > > On Sat, 3 Jun 2023, Demi Marie Obenour wrote: > > > Otherwise subsequent code will dereference a misaligned > > `struct dm_target_spec *`, which is undefined behavior. > > > > Signed-off-by: Demi Marie Obenour <demi@xxxxxxxxxxxxxxxxxxxxxx> > > Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") > > Cc: stable@xxxxxxxxxxxxxxx > > --- > > drivers/md/dm-ioctl.c | 7 +++++++ > > 1 file changed, 7 insertions(+) > > > > diff --git a/drivers/md/dm-ioctl.c b/drivers/md/dm-ioctl.c > > index cc77cf3d410921432eb0c62cdede7d55b9aa674a..34fa74c6a70db8aa67aaba3f6a2fc4f38ef736bc 100644 > > --- a/drivers/md/dm-ioctl.c > > +++ b/drivers/md/dm-ioctl.c > > @@ -1394,6 +1394,13 @@ static inline fmode_t get_mode(struct dm_ioctl *param) > > static int next_target(struct dm_target_spec *last, uint32_t next, void *end, > > struct dm_target_spec **spec, char **target_params) > > { > > + static_assert(_Alignof(struct dm_target_spec) <= 8, > > + "struct dm_target_spec has excessive alignment requirements"); > > + if (next % 8) { > > + DMERR("Next target spec (offset %u) is not 8-byte aligned", next); > > + return -EINVAL; > > + } > > + > > *spec = (struct dm_target_spec *) ((unsigned char *) last + next); > > *target_params = (char *) (*spec + 1); > > > > -- > > Sincerely, > > Demi Marie Obenour (she/her/hers) > > Invisible Things Lab > > Hi > > Some architectures (such as 32-bit x86) specify that the alignment of > 64-bit integers is only 4-byte. This could in theory break old userspace > code that only uses 4-byte alignment. I would change "next % 8" to "next % > __alignof__(struct dm_target_spec)". That’s fine, provided that the rest of the code is okay with 4-byte alignment. > I think that there is no need to backport this patch series to the stable > kernels because the bugs that it fixes may only be exploited by the user > with CAP_SYS_ADMIN privilege. So, there is no security or reliability > problem being fixed. I agree that there is no reliability problem, but with kernel lockdown root → kernel is a security boundary, so fixes for memory unsafety problems should still be backported IMO. -- Sincerely, Demi Marie Obenour (she/her/hers) Invisible Things Lab
Attachment:
signature.asc
Description: PGP signature
-- dm-devel mailing list dm-devel@xxxxxxxxxx https://listman.redhat.com/mailman/listinfo/dm-devel