From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Darrick J. Wong" <darrick.wong@oracle.com>
Subject: Re: Argument type for FS_IOC_GETFLAGS/FS_IOC_SETFLAGS ioctls
Date: Tue, 26 Nov 2013 17:01:41 -0800
Message-ID: <20131127010141.GA10273@birch.djwong.org>
References: <20131126200559.GH20559@hall.aurel32.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: Alexander Viro <viro@zeniv.linux.org.uk>,
	linux-fsdevel@vger.kernel.org, Robert Edmonds <edmonds@debian.org>,
	Rob Browning <rlb@defaultvalue.org>
To: Aurelien Jarno <aurelien@aurel32.net>
Return-path: <linux-fsdevel-owner@vger.kernel.org>
Received: from userp1040.oracle.com ([156.151.31.81]:40786 "EHLO
	userp1040.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1753134Ab3K0BCQ (ORCPT
	<rfc822;linux-fsdevel@vger.kernel.org>);
	Tue, 26 Nov 2013 20:02:16 -0500
Content-Disposition: inline
In-Reply-To: <20131126200559.GH20559@hall.aurel32.net>
Sender: linux-fsdevel-owner@vger.kernel.org
List-ID: <linux-fsdevel.vger.kernel.org>

On Tue, Nov 26, 2013 at 09:05:59PM +0100, Aurelien Jarno wrote:
> Hi,
> 
> If I understand correctly how ioctl declarations works, FS_IOC_GETFLAGS
> and FS_IOC_SETFLAGS ioctls take a pointer to a long argument, at least
> according to include/uapi/linux/fs.h:
> 
> | #define FS_IOC_GETFLAGS                 _IOR('f', 1, long)
> | #define FS_IOC_SETFLAGS                 _IOW('f', 2, long)
> 
> Not also the 32-bit compat versions of the ioctls takes an int:
> 
> | #define FS_IOC32_GETFLAGS               _IOR('f', 1, int)
> | #define FS_IOC32_SETFLAGS               _IOW('f', 2, int)
> 
> However on the kernel side, all the filesystem interpret these values as
> an int. For example in fs/ext4/ioctl.c:
> 
> |        unsigned int flags;
> | ...
> |                 return put_user(flags, (int __user *) arg);
> | ...
> |                 if (get_user(flags, (int __user *) arg))
> | ...
> 
> Most of the userland code seems to pass an int to this ioctl, but a few
> others (e.g.: bup, libexplain) passes a long. While it doesn't make a
> difference on little endian machines, it does make a difference on
> 64-bit big endian machines.
> 
> Could you please tell me if I am wrong in my analysis or if there is a
> actually real problem?

It also causes problems with FUSE, because the kernel fuse driver expects to be
able to transfer a ulong to and from userspace, but chattr & friends only
allocate an int on the stack, so stack mashing seems to happen.

I complained to tytso about it on linux-ext4 a while ago, he suggested
special-casing fuse... I haven't gotten around to doing that.

--D
> 
> Thanks,
> Aurelien
> 
> -- 
> Aurelien Jarno	                        GPG: 1024D/F1BCDB73
> aurelien@aurel32.net                 http://www.aurel32.net