lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 31 Jan 2009 02:48:41 +0100
From:	Arnd Bergmann <arnd@...db.de>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	Ankit Jain <me@...itjain.org>, viro@...iv.linux.org.uk,
	hch@...radead.org, linux-fsdevel@...r.kernel.org, mfasheh@...e.com,
	joel.becker@...cle.com, ocfs2-devel@....oracle.com,
	linux-kernel@...r.kernel.org, xfs-masters@....sgi.com,
	xfs@....sgi.com
Subject: Re: [PATCH] fs: Add new pre-allocation ioctls to vfs for compatibility with legacy xfs ioctls

On Saturday 31 January 2009, Andrew Morton wrote:
> Is this written in a standard somewhere?  Is it guaranteed?

Alignment is defined in the architecture psABI documents. 
Unfortunately, many of them were written before the 'long long'
type became part of the C standard, so it's not strictly guaranteed.
AFAICT, the alignment of __u64 on x86 is the same as the alignment
of 'double' by convention.

However, the problem is well-understood: x86 is the only one
that has a problem in 32/64 bit compat mode. m68k has similar
issues with 16/32 bit integers, but those don't apply here.

> If some (perhaps non-gcc) compiler were to lay this out differently
> (perhaps with suitable command-line options) then that's liveable
> with - as long as the kernel never changes the layout.  Of course
> it would be better to avoid this if poss.

If a compiler was using irregular structure alignment, all sorts of
library interfaces would break. The kernel ABI is only a small part
of the problem then.

> The other potential issue with a structure like this is that there's a
> risk that it will lead us to copy four bytes of uninitialised kernel
> memory out to userspace.
> 
> IOW, it seems a generally bad idea to rely upon compiler-added padding
> for this sort of thing.

Agreed in general, but the whole point of this particular patch was to
provide compatibility with an interface that has been part of XFS for
many years.
Linux already has a better interface for new users (sys_fallocate), so
changing the patch would not be helpful and not provide any advantage.

There is also no leak of uninitialized data here, because this structure
is only read, never written.

	Arnd <><
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ