* improve compat handling for the i386 u64 alignment quirk v3 @ 2020-09-17 7:41 Christoph Hellwig 2020-09-17 7:41 ` [PATCH 1/3] compat: lift compat_s64 and compat_u64 to <asm-generic/compat.h> Christoph Hellwig ` (2 more replies) 0 siblings, 3 replies; 7+ messages in thread From: Christoph Hellwig @ 2020-09-17 7:41 UTC (permalink / raw) To: x86, Jan Kara Cc: linux-arm-kernel, linux-fsdevel, linux-kernel, linux-api, linux-arch Hi all, the i386 ABI is a little special in that it uses less than natural alignment for 64-bit integer types (u64 and s64), and a significant amount of our compat handlers deals with just that. Unfortunately there is no good way to check for this specific quirk at runtime, similar how in_compat_syscall() checks for a compat syscall. This series adds such a check, and then uses the quota code as an example of how this improves the compat handling. I have a few other places in mind where this will also be useful going forward. Changes since v2: - drop the patch to use <linux/compat.h> in the arm64 headers Changes since v1: - use asm-generic/compat.h instead of linux/compat.h for compat_u64 and compat_s64 - fix a typo Diffstat: b/arch/arm64/include/asm/compat.h | 2 b/arch/mips/include/asm/compat.h | 2 b/arch/parisc/include/asm/compat.h | 2 b/arch/powerpc/include/asm/compat.h | 2 b/arch/s390/include/asm/compat.h | 2 b/arch/sparc/include/asm/compat.h | 3 b/arch/x86/entry/syscalls/syscall_32.tbl | 2 b/arch/x86/include/asm/compat.h | 3 b/fs/quota/Kconfig | 5 - b/fs/quota/Makefile | 1 b/fs/quota/compat.h | 34 ++++++++ b/fs/quota/quota.c | 73 +++++++++++++++--- b/include/asm-generic/compat.h | 8 ++ b/include/linux/compat.h | 9 ++ b/include/linux/quotaops.h | 3 b/kernel/sys_ni.c | 1 fs/quota/compat.c | 120 ------------------------------- 17 files changed, 113 insertions(+), 159 deletions(-) ^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH 1/3] compat: lift compat_s64 and compat_u64 to <asm-generic/compat.h> 2020-09-17 7:41 improve compat handling for the i386 u64 alignment quirk v3 Christoph Hellwig @ 2020-09-17 7:41 ` Christoph Hellwig 2020-09-17 15:05 ` Arnd Bergmann 2020-09-17 16:50 ` Al Viro 2020-09-17 7:41 ` [PATCH 2/3] compat: add a compat_need_64bit_alignment_fixup() helper Christoph Hellwig 2020-09-17 7:41 ` [PATCH 3/3] quota: simplify the quotactl compat handling Christoph Hellwig 2 siblings, 2 replies; 7+ messages in thread From: Christoph Hellwig @ 2020-09-17 7:41 UTC (permalink / raw) To: x86, Jan Kara Cc: linux-arm-kernel, linux-fsdevel, linux-kernel, linux-api, linux-arch lift the compat_s64 and compat_u64 definitions into common code using the COMPAT_FOR_U64_ALIGNMENT symbol for the x86 special case. Signed-off-by: Christoph Hellwig <hch@lst.de> --- arch/arm64/include/asm/compat.h | 2 -- arch/mips/include/asm/compat.h | 2 -- arch/parisc/include/asm/compat.h | 2 -- arch/powerpc/include/asm/compat.h | 2 -- arch/s390/include/asm/compat.h | 2 -- arch/sparc/include/asm/compat.h | 3 +-- arch/x86/include/asm/compat.h | 2 -- include/asm-generic/compat.h | 8 ++++++++ 8 files changed, 9 insertions(+), 14 deletions(-) diff --git a/arch/arm64/include/asm/compat.h b/arch/arm64/include/asm/compat.h index 935d2aa231bf06..23a9fb73c04ff8 100644 --- a/arch/arm64/include/asm/compat.h +++ b/arch/arm64/include/asm/compat.h @@ -35,8 +35,6 @@ typedef s32 compat_nlink_t; typedef u16 compat_ipc_pid_t; typedef u32 compat_caddr_t; typedef __kernel_fsid_t compat_fsid_t; -typedef s64 compat_s64; -typedef u64 compat_u64; struct compat_stat { #ifdef __AARCH64EB__ diff --git a/arch/mips/include/asm/compat.h b/arch/mips/include/asm/compat.h index 255afcdd79c94b..65975712a22dcf 100644 --- a/arch/mips/include/asm/compat.h +++ b/arch/mips/include/asm/compat.h @@ -26,8 +26,6 @@ typedef s32 compat_caddr_t; typedef struct { s32 val[2]; } compat_fsid_t; -typedef s64 compat_s64; -typedef u64 compat_u64; struct compat_stat { compat_dev_t st_dev; diff --git a/arch/parisc/include/asm/compat.h b/arch/parisc/include/asm/compat.h index 2f4f66a3bac079..8f33085ff1bd88 100644 --- a/arch/parisc/include/asm/compat.h +++ b/arch/parisc/include/asm/compat.h @@ -22,8 +22,6 @@ typedef u32 compat_dev_t; typedef u16 compat_nlink_t; typedef u16 compat_ipc_pid_t; typedef u32 compat_caddr_t; -typedef s64 compat_s64; -typedef u64 compat_u64; struct compat_stat { compat_dev_t st_dev; /* dev_t is 32 bits on parisc */ diff --git a/arch/powerpc/include/asm/compat.h b/arch/powerpc/include/asm/compat.h index 3e3cdfaa76c6a5..9191fc29e6ed11 100644 --- a/arch/powerpc/include/asm/compat.h +++ b/arch/powerpc/include/asm/compat.h @@ -27,8 +27,6 @@ typedef s16 compat_nlink_t; typedef u16 compat_ipc_pid_t; typedef u32 compat_caddr_t; typedef __kernel_fsid_t compat_fsid_t; -typedef s64 compat_s64; -typedef u64 compat_u64; struct compat_stat { compat_dev_t st_dev; diff --git a/arch/s390/include/asm/compat.h b/arch/s390/include/asm/compat.h index 9547cd5d6cdc21..ea5b9c34b7be5b 100644 --- a/arch/s390/include/asm/compat.h +++ b/arch/s390/include/asm/compat.h @@ -63,8 +63,6 @@ typedef u16 compat_nlink_t; typedef u16 compat_ipc_pid_t; typedef u32 compat_caddr_t; typedef __kernel_fsid_t compat_fsid_t; -typedef s64 compat_s64; -typedef u64 compat_u64; typedef struct { u32 mask; diff --git a/arch/sparc/include/asm/compat.h b/arch/sparc/include/asm/compat.h index 40a267b3bd5208..b85842cda99fe0 100644 --- a/arch/sparc/include/asm/compat.h +++ b/arch/sparc/include/asm/compat.h @@ -21,8 +21,7 @@ typedef s16 compat_nlink_t; typedef u16 compat_ipc_pid_t; typedef u32 compat_caddr_t; typedef __kernel_fsid_t compat_fsid_t; -typedef s64 compat_s64; -typedef u64 compat_u64; + struct compat_stat { compat_dev_t st_dev; compat_ino_t st_ino; diff --git a/arch/x86/include/asm/compat.h b/arch/x86/include/asm/compat.h index d4edf281fff49d..bf547701f41f87 100644 --- a/arch/x86/include/asm/compat.h +++ b/arch/x86/include/asm/compat.h @@ -27,8 +27,6 @@ typedef u16 compat_nlink_t; typedef u16 compat_ipc_pid_t; typedef u32 compat_caddr_t; typedef __kernel_fsid_t compat_fsid_t; -typedef s64 __attribute__((aligned(4))) compat_s64; -typedef u64 __attribute__((aligned(4))) compat_u64; struct compat_stat { compat_dev_t st_dev; diff --git a/include/asm-generic/compat.h b/include/asm-generic/compat.h index a86f65bffab8d0..30f7b18a36f939 100644 --- a/include/asm-generic/compat.h +++ b/include/asm-generic/compat.h @@ -22,4 +22,12 @@ typedef u32 compat_ulong_t; typedef u32 compat_uptr_t; typedef u32 compat_aio_context_t; +#ifdef CONFIG_COMPAT_FOR_U64_ALIGNMENT +typedef s64 __attribute__((aligned(4))) compat_s64; +typedef u64 __attribute__((aligned(4))) compat_u64; +#else +typedef s64 compat_s64; +typedef u64 compat_u64; +#endif + #endif -- 2.28.0 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH 1/3] compat: lift compat_s64 and compat_u64 to <asm-generic/compat.h> 2020-09-17 7:41 ` [PATCH 1/3] compat: lift compat_s64 and compat_u64 to <asm-generic/compat.h> Christoph Hellwig @ 2020-09-17 15:05 ` Arnd Bergmann 2020-09-17 16:50 ` Al Viro 1 sibling, 0 replies; 7+ messages in thread From: Arnd Bergmann @ 2020-09-17 15:05 UTC (permalink / raw) To: Christoph Hellwig Cc: the arch/x86 maintainers, Jan Kara, Linux ARM, Linux FS-devel Mailing List, linux-kernel, Linux API, linux-arch On Thu, Sep 17, 2020 at 9:46 AM Christoph Hellwig <hch@lst.de> wrote: > > lift the compat_s64 and compat_u64 definitions into common code using the > COMPAT_FOR_U64_ALIGNMENT symbol for the x86 special case. > > Signed-off-by: Christoph Hellwig <hch@lst.de> > --- > arch/arm64/include/asm/compat.h | 2 -- > arch/mips/include/asm/compat.h | 2 -- > arch/parisc/include/asm/compat.h | 2 -- > arch/powerpc/include/asm/compat.h | 2 -- > arch/s390/include/asm/compat.h | 2 -- > arch/sparc/include/asm/compat.h | 3 +-- > arch/x86/include/asm/compat.h | 2 -- > include/asm-generic/compat.h | 8 ++++++++ > 8 files changed, 9 insertions(+), 14 deletions(-) Acked-by: Arnd Bergmann <arnd@arndb.de> ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 1/3] compat: lift compat_s64 and compat_u64 to <asm-generic/compat.h> 2020-09-17 7:41 ` [PATCH 1/3] compat: lift compat_s64 and compat_u64 to <asm-generic/compat.h> Christoph Hellwig 2020-09-17 15:05 ` Arnd Bergmann @ 2020-09-17 16:50 ` Al Viro 1 sibling, 0 replies; 7+ messages in thread From: Al Viro @ 2020-09-17 16:50 UTC (permalink / raw) To: Christoph Hellwig Cc: x86, Jan Kara, linux-arm-kernel, linux-fsdevel, linux-kernel, linux-api, linux-arch On Thu, Sep 17, 2020 at 09:41:57AM +0200, Christoph Hellwig wrote: > lift the compat_s64 and compat_u64 definitions into common code using the > COMPAT_FOR_U64_ALIGNMENT symbol for the x86 special case. OK... Unlike the previous series it's not trying to wean arm64 off the direct includes of asm/compat.h, avoiding the breakage you've got there. Looks sane, applied. ^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH 2/3] compat: add a compat_need_64bit_alignment_fixup() helper 2020-09-17 7:41 improve compat handling for the i386 u64 alignment quirk v3 Christoph Hellwig 2020-09-17 7:41 ` [PATCH 1/3] compat: lift compat_s64 and compat_u64 to <asm-generic/compat.h> Christoph Hellwig @ 2020-09-17 7:41 ` Christoph Hellwig 2020-09-17 7:41 ` [PATCH 3/3] quota: simplify the quotactl compat handling Christoph Hellwig 2 siblings, 0 replies; 7+ messages in thread From: Christoph Hellwig @ 2020-09-17 7:41 UTC (permalink / raw) To: x86, Jan Kara Cc: linux-arm-kernel, linux-fsdevel, linux-kernel, linux-api, linux-arch Add a helper to check if the calling syscall needs a fixup for non-natural 64-bit type alignment in the compat ABI. This will only return true for i386 syscalls on x86_64. Signed-off-by: Christoph Hellwig <hch@lst.de> --- arch/x86/include/asm/compat.h | 1 + include/linux/compat.h | 9 +++++++++ 2 files changed, 10 insertions(+) diff --git a/arch/x86/include/asm/compat.h b/arch/x86/include/asm/compat.h index bf547701f41f87..0e327a01f50fbb 100644 --- a/arch/x86/include/asm/compat.h +++ b/arch/x86/include/asm/compat.h @@ -209,6 +209,7 @@ static inline bool in_compat_syscall(void) return in_32bit_syscall(); } #define in_compat_syscall in_compat_syscall /* override the generic impl */ +#define compat_need_64bit_alignment_fixup in_ia32_syscall #endif struct compat_siginfo; diff --git a/include/linux/compat.h b/include/linux/compat.h index b354ce58966e2d..fd10c3a692c2cc 100644 --- a/include/linux/compat.h +++ b/include/linux/compat.h @@ -932,6 +932,15 @@ static inline bool in_compat_syscall(void) { return false; } #endif /* CONFIG_COMPAT */ +/* + * Some legacy ABIs like the i386 one use less than natural alignment for 64-bit + * types, and will need special compat treatment for that. Most architectures + * don't need that special handling even for compat syscalls. + */ +#ifndef compat_need_64bit_alignment_fixup +#define compat_need_64bit_alignment_fixup() false +#endif + /* * A pointer passed in from user mode. This should not * be used for syscall parameters, just declare them -- 2.28.0 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH 3/3] quota: simplify the quotactl compat handling 2020-09-17 7:41 improve compat handling for the i386 u64 alignment quirk v3 Christoph Hellwig 2020-09-17 7:41 ` [PATCH 1/3] compat: lift compat_s64 and compat_u64 to <asm-generic/compat.h> Christoph Hellwig 2020-09-17 7:41 ` [PATCH 2/3] compat: add a compat_need_64bit_alignment_fixup() helper Christoph Hellwig @ 2020-09-17 7:41 ` Christoph Hellwig 2 siblings, 0 replies; 7+ messages in thread From: Christoph Hellwig @ 2020-09-17 7:41 UTC (permalink / raw) To: x86, Jan Kara Cc: linux-arm-kernel, linux-fsdevel, linux-kernel, linux-api, linux-arch, Jan Kara Fold the misaligned u64 workarounds into the main quotactl flow instead of implementing a separate compat syscall handler. Signed-off-by: Christoph Hellwig <hch@lst.de> Acked-by: Jan Kara <jack@suse.cz> --- arch/x86/entry/syscalls/syscall_32.tbl | 2 +- fs/quota/Kconfig | 5 -- fs/quota/Makefile | 1 - fs/quota/compat.c | 120 ------------------------- fs/quota/compat.h | 34 +++++++ fs/quota/quota.c | 73 ++++++++++++--- include/linux/quotaops.h | 3 - kernel/sys_ni.c | 1 - 8 files changed, 94 insertions(+), 145 deletions(-) delete mode 100644 fs/quota/compat.c create mode 100644 fs/quota/compat.h diff --git a/arch/x86/entry/syscalls/syscall_32.tbl b/arch/x86/entry/syscalls/syscall_32.tbl index 9d11028736661b..3db3d8823dc899 100644 --- a/arch/x86/entry/syscalls/syscall_32.tbl +++ b/arch/x86/entry/syscalls/syscall_32.tbl @@ -142,7 +142,7 @@ 128 i386 init_module sys_init_module 129 i386 delete_module sys_delete_module 130 i386 get_kernel_syms -131 i386 quotactl sys_quotactl compat_sys_quotactl32 +131 i386 quotactl sys_quotactl 132 i386 getpgid sys_getpgid 133 i386 fchdir sys_fchdir 134 i386 bdflush sys_bdflush diff --git a/fs/quota/Kconfig b/fs/quota/Kconfig index d1ceb76adb71e7..b59cd172b5f97c 100644 --- a/fs/quota/Kconfig +++ b/fs/quota/Kconfig @@ -70,8 +70,3 @@ config QFMT_V2 config QUOTACTL bool default n - -config QUOTACTL_COMPAT - bool - depends on QUOTACTL && COMPAT_FOR_U64_ALIGNMENT - default y diff --git a/fs/quota/Makefile b/fs/quota/Makefile index f2b49d0f0287c9..9160639daffa75 100644 --- a/fs/quota/Makefile +++ b/fs/quota/Makefile @@ -4,5 +4,4 @@ obj-$(CONFIG_QFMT_V1) += quota_v1.o obj-$(CONFIG_QFMT_V2) += quota_v2.o obj-$(CONFIG_QUOTA_TREE) += quota_tree.o obj-$(CONFIG_QUOTACTL) += quota.o kqid.o -obj-$(CONFIG_QUOTACTL_COMPAT) += compat.o obj-$(CONFIG_QUOTA_NETLINK_INTERFACE) += netlink.o diff --git a/fs/quota/compat.c b/fs/quota/compat.c deleted file mode 100644 index c305728576193d..00000000000000 --- a/fs/quota/compat.c +++ /dev/null @@ -1,120 +0,0 @@ -// SPDX-License-Identifier: GPL-2.0 - -#include <linux/syscalls.h> -#include <linux/compat.h> -#include <linux/quotaops.h> - -/* - * This code works only for 32 bit quota tools over 64 bit OS (x86_64, ia64) - * and is necessary due to alignment problems. - */ -struct compat_if_dqblk { - compat_u64 dqb_bhardlimit; - compat_u64 dqb_bsoftlimit; - compat_u64 dqb_curspace; - compat_u64 dqb_ihardlimit; - compat_u64 dqb_isoftlimit; - compat_u64 dqb_curinodes; - compat_u64 dqb_btime; - compat_u64 dqb_itime; - compat_uint_t dqb_valid; -}; - -/* XFS structures */ -struct compat_fs_qfilestat { - compat_u64 dqb_bhardlimit; - compat_u64 qfs_nblks; - compat_uint_t qfs_nextents; -}; - -struct compat_fs_quota_stat { - __s8 qs_version; - __u16 qs_flags; - __s8 qs_pad; - struct compat_fs_qfilestat qs_uquota; - struct compat_fs_qfilestat qs_gquota; - compat_uint_t qs_incoredqs; - compat_int_t qs_btimelimit; - compat_int_t qs_itimelimit; - compat_int_t qs_rtbtimelimit; - __u16 qs_bwarnlimit; - __u16 qs_iwarnlimit; -}; - -COMPAT_SYSCALL_DEFINE4(quotactl32, unsigned int, cmd, - const char __user *, special, qid_t, id, - void __user *, addr) -{ - unsigned int cmds; - struct if_dqblk __user *dqblk; - struct compat_if_dqblk __user *compat_dqblk; - struct fs_quota_stat __user *fsqstat; - struct compat_fs_quota_stat __user *compat_fsqstat; - compat_uint_t data; - u16 xdata; - long ret; - - cmds = cmd >> SUBCMDSHIFT; - - switch (cmds) { - case Q_GETQUOTA: - dqblk = compat_alloc_user_space(sizeof(struct if_dqblk)); - compat_dqblk = addr; - ret = kernel_quotactl(cmd, special, id, dqblk); - if (ret) - break; - if (copy_in_user(compat_dqblk, dqblk, sizeof(*compat_dqblk)) || - get_user(data, &dqblk->dqb_valid) || - put_user(data, &compat_dqblk->dqb_valid)) - ret = -EFAULT; - break; - case Q_SETQUOTA: - dqblk = compat_alloc_user_space(sizeof(struct if_dqblk)); - compat_dqblk = addr; - ret = -EFAULT; - if (copy_in_user(dqblk, compat_dqblk, sizeof(*compat_dqblk)) || - get_user(data, &compat_dqblk->dqb_valid) || - put_user(data, &dqblk->dqb_valid)) - break; - ret = kernel_quotactl(cmd, special, id, dqblk); - break; - case Q_XGETQSTAT: - fsqstat = compat_alloc_user_space(sizeof(struct fs_quota_stat)); - compat_fsqstat = addr; - ret = kernel_quotactl(cmd, special, id, fsqstat); - if (ret) - break; - ret = -EFAULT; - /* Copying qs_version, qs_flags, qs_pad */ - if (copy_in_user(compat_fsqstat, fsqstat, - offsetof(struct compat_fs_quota_stat, qs_uquota))) - break; - /* Copying qs_uquota */ - if (copy_in_user(&compat_fsqstat->qs_uquota, - &fsqstat->qs_uquota, - sizeof(compat_fsqstat->qs_uquota)) || - get_user(data, &fsqstat->qs_uquota.qfs_nextents) || - put_user(data, &compat_fsqstat->qs_uquota.qfs_nextents)) - break; - /* Copying qs_gquota */ - if (copy_in_user(&compat_fsqstat->qs_gquota, - &fsqstat->qs_gquota, - sizeof(compat_fsqstat->qs_gquota)) || - get_user(data, &fsqstat->qs_gquota.qfs_nextents) || - put_user(data, &compat_fsqstat->qs_gquota.qfs_nextents)) - break; - /* Copying the rest */ - if (copy_in_user(&compat_fsqstat->qs_incoredqs, - &fsqstat->qs_incoredqs, - sizeof(struct compat_fs_quota_stat) - - offsetof(struct compat_fs_quota_stat, qs_incoredqs)) || - get_user(xdata, &fsqstat->qs_iwarnlimit) || - put_user(xdata, &compat_fsqstat->qs_iwarnlimit)) - break; - ret = 0; - break; - default: - ret = kernel_quotactl(cmd, special, id, addr); - } - return ret; -} diff --git a/fs/quota/compat.h b/fs/quota/compat.h new file mode 100644 index 00000000000000..ef7d1e12d650b3 --- /dev/null +++ b/fs/quota/compat.h @@ -0,0 +1,34 @@ +// SPDX-License-Identifier: GPL-2.0 +#include <linux/compat.h> + +struct compat_if_dqblk { + compat_u64 dqb_bhardlimit; + compat_u64 dqb_bsoftlimit; + compat_u64 dqb_curspace; + compat_u64 dqb_ihardlimit; + compat_u64 dqb_isoftlimit; + compat_u64 dqb_curinodes; + compat_u64 dqb_btime; + compat_u64 dqb_itime; + compat_uint_t dqb_valid; +}; + +struct compat_fs_qfilestat { + compat_u64 dqb_bhardlimit; + compat_u64 qfs_nblks; + compat_uint_t qfs_nextents; +}; + +struct compat_fs_quota_stat { + __s8 qs_version; + __u16 qs_flags; + __s8 qs_pad; + struct compat_fs_qfilestat qs_uquota; + struct compat_fs_qfilestat qs_gquota; + compat_uint_t qs_incoredqs; + compat_int_t qs_btimelimit; + compat_int_t qs_itimelimit; + compat_int_t qs_rtbtimelimit; + __u16 qs_bwarnlimit; + __u16 qs_iwarnlimit; +}; diff --git a/fs/quota/quota.c b/fs/quota/quota.c index 47f9e151988b3e..6b37d58f1067d4 100644 --- a/fs/quota/quota.c +++ b/fs/quota/quota.c @@ -19,6 +19,7 @@ #include <linux/types.h> #include <linux/writeback.h> #include <linux/nospec.h> +#include "compat.h" static int check_quotactl_permission(struct super_block *sb, int type, int cmd, qid_t id) @@ -211,8 +212,18 @@ static int quota_getquota(struct super_block *sb, int type, qid_t id, if (ret) return ret; copy_to_if_dqblk(&idq, &fdq); - if (copy_to_user(addr, &idq, sizeof(idq))) - return -EFAULT; + + if (compat_need_64bit_alignment_fixup()) { + struct compat_if_dqblk __user *compat_dqblk = addr; + + if (copy_to_user(compat_dqblk, &idq, sizeof(*compat_dqblk))) + return -EFAULT; + if (put_user(idq.dqb_valid, &compat_dqblk->dqb_valid)) + return -EFAULT; + } else { + if (copy_to_user(addr, &idq, sizeof(idq))) + return -EFAULT; + } return 0; } @@ -277,8 +288,16 @@ static int quota_setquota(struct super_block *sb, int type, qid_t id, struct if_dqblk idq; struct kqid qid; - if (copy_from_user(&idq, addr, sizeof(idq))) - return -EFAULT; + if (compat_need_64bit_alignment_fixup()) { + struct compat_if_dqblk __user *compat_dqblk = addr; + + if (copy_from_user(&idq, compat_dqblk, sizeof(*compat_dqblk)) || + get_user(idq.dqb_valid, &compat_dqblk->dqb_valid)) + return -EFAULT; + } else { + if (copy_from_user(&idq, addr, sizeof(idq))) + return -EFAULT; + } if (!sb->s_qcop->set_dqblk) return -ENOSYS; qid = make_kqid(current_user_ns(), type, id); @@ -382,6 +401,33 @@ static int quota_getstate(struct super_block *sb, int type, return 0; } +static int compat_copy_fs_qfilestat(struct compat_fs_qfilestat __user *to, + struct fs_qfilestat *from) +{ + if (copy_to_user(to, from, sizeof(*to)) || + put_user(from->qfs_nextents, &to->qfs_nextents)) + return -EFAULT; + return 0; +} + +static int compat_copy_fs_quota_stat(struct compat_fs_quota_stat __user *to, + struct fs_quota_stat *from) +{ + if (put_user(from->qs_version, &to->qs_version) || + put_user(from->qs_flags, &to->qs_flags) || + put_user(from->qs_pad, &to->qs_pad) || + compat_copy_fs_qfilestat(&to->qs_uquota, &from->qs_uquota) || + compat_copy_fs_qfilestat(&to->qs_gquota, &from->qs_gquota) || + put_user(from->qs_incoredqs, &to->qs_incoredqs) || + put_user(from->qs_btimelimit, &to->qs_btimelimit) || + put_user(from->qs_itimelimit, &to->qs_itimelimit) || + put_user(from->qs_rtbtimelimit, &to->qs_rtbtimelimit) || + put_user(from->qs_bwarnlimit, &to->qs_bwarnlimit) || + put_user(from->qs_iwarnlimit, &to->qs_iwarnlimit)) + return -EFAULT; + return 0; +} + static int quota_getxstate(struct super_block *sb, int type, void __user *addr) { struct fs_quota_stat fqs; @@ -390,9 +436,14 @@ static int quota_getxstate(struct super_block *sb, int type, void __user *addr) if (!sb->s_qcop->get_state) return -ENOSYS; ret = quota_getstate(sb, type, &fqs); - if (!ret && copy_to_user(addr, &fqs, sizeof(fqs))) + if (ret) + return ret; + + if (compat_need_64bit_alignment_fixup()) + return compat_copy_fs_quota_stat(addr, &fqs); + if (copy_to_user(addr, &fqs, sizeof(fqs))) return -EFAULT; - return ret; + return 0; } static int quota_getstatev(struct super_block *sb, int type, @@ -816,8 +867,8 @@ static struct super_block *quotactl_block(const char __user *special, int cmd) * calls. Maybe we need to add the process quotas etc. in the future, * but we probably should use rlimits for that. */ -int kernel_quotactl(unsigned int cmd, const char __user *special, - qid_t id, void __user *addr) +SYSCALL_DEFINE4(quotactl, unsigned int, cmd, const char __user *, special, + qid_t, id, void __user *, addr) { uint cmds, type; struct super_block *sb = NULL; @@ -871,9 +922,3 @@ int kernel_quotactl(unsigned int cmd, const char __user *special, path_put(pathp); return ret; } - -SYSCALL_DEFINE4(quotactl, unsigned int, cmd, const char __user *, special, - qid_t, id, void __user *, addr) -{ - return kernel_quotactl(cmd, special, id, addr); -} diff --git a/include/linux/quotaops.h b/include/linux/quotaops.h index 9cf0cd3dc88c68..a0f6668924d3ef 100644 --- a/include/linux/quotaops.h +++ b/include/linux/quotaops.h @@ -27,9 +27,6 @@ static inline bool is_quota_modification(struct inode *inode, struct iattr *ia) (ia->ia_valid & ATTR_GID && !gid_eq(ia->ia_gid, inode->i_gid)); } -int kernel_quotactl(unsigned int cmd, const char __user *special, - qid_t id, void __user *addr); - #if defined(CONFIG_QUOTA) #define quota_error(sb, fmt, args...) \ diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index 4d59775ea79c1e..c925d1e1777efc 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -369,7 +369,6 @@ COND_SYSCALL_COMPAT(fanotify_mark); /* x86 */ COND_SYSCALL(vm86old); COND_SYSCALL(modify_ldt); -COND_SYSCALL_COMPAT(quotactl32); COND_SYSCALL(vm86); COND_SYSCALL(kexec_file_load); -- 2.28.0 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* improve compat handling for the i386 u64 alignment quirk v2 @ 2020-07-31 12:21 Christoph Hellwig 2020-07-31 12:22 ` [PATCH 1/3] compat: lift compat_s64 and compat_u64 to <asm-generic/compat.h> Christoph Hellwig 0 siblings, 1 reply; 7+ messages in thread From: Christoph Hellwig @ 2020-07-31 12:21 UTC (permalink / raw) To: x86, Jan Kara Cc: linux-arm-kernel, linux-fsdevel, linux-kernel, linux-api, linux-arch Hi all, the i386 ABI is a little special in that it uses less than natural alignment for 64-bit integer types (u64 and s64), and a significant amount of our compat handlers deals with just that. Unfortunately there is no good way to check for this specific quirk at runtime, similar how in_compat_syscall() checks for a compat syscall. This series adds such a check, and then uses the quota code as an example of how this improves the compat handling. I have a few other places in mind where this will also be useful going forward. Changes since v1: - use asm-generic/compat.h instead of linux/compat.h for compat_u64 and compat_s64 - fix a typo Diffstat: b/arch/arm64/include/asm/compat.h | 2 b/arch/mips/include/asm/compat.h | 2 b/arch/parisc/include/asm/compat.h | 2 b/arch/powerpc/include/asm/compat.h | 2 b/arch/s390/include/asm/compat.h | 2 b/arch/sparc/include/asm/compat.h | 3 b/arch/x86/entry/syscalls/syscall_32.tbl | 2 b/arch/x86/include/asm/compat.h | 3 b/fs/quota/Kconfig | 5 - b/fs/quota/Makefile | 1 b/fs/quota/compat.h | 34 ++++++++ b/fs/quota/quota.c | 73 +++++++++++++++--- b/include/asm-generic/compat.h | 8 ++ b/include/linux/compat.h | 9 ++ b/include/linux/quotaops.h | 3 b/kernel/sys_ni.c | 1 fs/quota/compat.c | 120 ------------------------------- 17 files changed, 113 insertions(+), 159 deletions(-) ^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH 1/3] compat: lift compat_s64 and compat_u64 to <asm-generic/compat.h> 2020-07-31 12:21 improve compat handling for the i386 u64 alignment quirk v2 Christoph Hellwig @ 2020-07-31 12:22 ` Christoph Hellwig 0 siblings, 0 replies; 7+ messages in thread From: Christoph Hellwig @ 2020-07-31 12:22 UTC (permalink / raw) To: x86, Jan Kara Cc: linux-arm-kernel, linux-fsdevel, linux-kernel, linux-api, linux-arch lift the compat_s64 and compat_u64 definitions into common code using the COMPAT_FOR_U64_ALIGNMENT symbol for the x86 special case. Signed-off-by: Christoph Hellwig <hch@lst.de> --- arch/arm64/include/asm/compat.h | 2 -- arch/mips/include/asm/compat.h | 2 -- arch/parisc/include/asm/compat.h | 2 -- arch/powerpc/include/asm/compat.h | 2 -- arch/s390/include/asm/compat.h | 2 -- arch/sparc/include/asm/compat.h | 3 +-- arch/x86/include/asm/compat.h | 2 -- include/asm-generic/compat.h | 8 ++++++++ 8 files changed, 9 insertions(+), 14 deletions(-) diff --git a/arch/arm64/include/asm/compat.h b/arch/arm64/include/asm/compat.h index 935d2aa231bf06..23a9fb73c04ff8 100644 --- a/arch/arm64/include/asm/compat.h +++ b/arch/arm64/include/asm/compat.h @@ -35,8 +35,6 @@ typedef s32 compat_nlink_t; typedef u16 compat_ipc_pid_t; typedef u32 compat_caddr_t; typedef __kernel_fsid_t compat_fsid_t; -typedef s64 compat_s64; -typedef u64 compat_u64; struct compat_stat { #ifdef __AARCH64EB__ diff --git a/arch/mips/include/asm/compat.h b/arch/mips/include/asm/compat.h index 255afcdd79c94b..65975712a22dcf 100644 --- a/arch/mips/include/asm/compat.h +++ b/arch/mips/include/asm/compat.h @@ -26,8 +26,6 @@ typedef s32 compat_caddr_t; typedef struct { s32 val[2]; } compat_fsid_t; -typedef s64 compat_s64; -typedef u64 compat_u64; struct compat_stat { compat_dev_t st_dev; diff --git a/arch/parisc/include/asm/compat.h b/arch/parisc/include/asm/compat.h index 2f4f66a3bac079..8f33085ff1bd88 100644 --- a/arch/parisc/include/asm/compat.h +++ b/arch/parisc/include/asm/compat.h @@ -22,8 +22,6 @@ typedef u32 compat_dev_t; typedef u16 compat_nlink_t; typedef u16 compat_ipc_pid_t; typedef u32 compat_caddr_t; -typedef s64 compat_s64; -typedef u64 compat_u64; struct compat_stat { compat_dev_t st_dev; /* dev_t is 32 bits on parisc */ diff --git a/arch/powerpc/include/asm/compat.h b/arch/powerpc/include/asm/compat.h index 3e3cdfaa76c6a5..9191fc29e6ed11 100644 --- a/arch/powerpc/include/asm/compat.h +++ b/arch/powerpc/include/asm/compat.h @@ -27,8 +27,6 @@ typedef s16 compat_nlink_t; typedef u16 compat_ipc_pid_t; typedef u32 compat_caddr_t; typedef __kernel_fsid_t compat_fsid_t; -typedef s64 compat_s64; -typedef u64 compat_u64; struct compat_stat { compat_dev_t st_dev; diff --git a/arch/s390/include/asm/compat.h b/arch/s390/include/asm/compat.h index 9547cd5d6cdc21..ea5b9c34b7be5b 100644 --- a/arch/s390/include/asm/compat.h +++ b/arch/s390/include/asm/compat.h @@ -63,8 +63,6 @@ typedef u16 compat_nlink_t; typedef u16 compat_ipc_pid_t; typedef u32 compat_caddr_t; typedef __kernel_fsid_t compat_fsid_t; -typedef s64 compat_s64; -typedef u64 compat_u64; typedef struct { u32 mask; diff --git a/arch/sparc/include/asm/compat.h b/arch/sparc/include/asm/compat.h index 40a267b3bd5208..b85842cda99fe0 100644 --- a/arch/sparc/include/asm/compat.h +++ b/arch/sparc/include/asm/compat.h @@ -21,8 +21,7 @@ typedef s16 compat_nlink_t; typedef u16 compat_ipc_pid_t; typedef u32 compat_caddr_t; typedef __kernel_fsid_t compat_fsid_t; -typedef s64 compat_s64; -typedef u64 compat_u64; + struct compat_stat { compat_dev_t st_dev; compat_ino_t st_ino; diff --git a/arch/x86/include/asm/compat.h b/arch/x86/include/asm/compat.h index d4edf281fff49d..bf547701f41f87 100644 --- a/arch/x86/include/asm/compat.h +++ b/arch/x86/include/asm/compat.h @@ -27,8 +27,6 @@ typedef u16 compat_nlink_t; typedef u16 compat_ipc_pid_t; typedef u32 compat_caddr_t; typedef __kernel_fsid_t compat_fsid_t; -typedef s64 __attribute__((aligned(4))) compat_s64; -typedef u64 __attribute__((aligned(4))) compat_u64; struct compat_stat { compat_dev_t st_dev; diff --git a/include/asm-generic/compat.h b/include/asm-generic/compat.h index a86f65bffab8d0..30f7b18a36f939 100644 --- a/include/asm-generic/compat.h +++ b/include/asm-generic/compat.h @@ -22,4 +22,12 @@ typedef u32 compat_ulong_t; typedef u32 compat_uptr_t; typedef u32 compat_aio_context_t; +#ifdef CONFIG_COMPAT_FOR_U64_ALIGNMENT +typedef s64 __attribute__((aligned(4))) compat_s64; +typedef u64 __attribute__((aligned(4))) compat_u64; +#else +typedef s64 compat_s64; +typedef u64 compat_u64; +#endif + #endif -- 2.27.0 ^ permalink raw reply related [flat|nested] 7+ messages in thread
end of thread, other threads:[~2020-09-17 16:53 UTC | newest] Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2020-09-17 7:41 improve compat handling for the i386 u64 alignment quirk v3 Christoph Hellwig 2020-09-17 7:41 ` [PATCH 1/3] compat: lift compat_s64 and compat_u64 to <asm-generic/compat.h> Christoph Hellwig 2020-09-17 15:05 ` Arnd Bergmann 2020-09-17 16:50 ` Al Viro 2020-09-17 7:41 ` [PATCH 2/3] compat: add a compat_need_64bit_alignment_fixup() helper Christoph Hellwig 2020-09-17 7:41 ` [PATCH 3/3] quota: simplify the quotactl compat handling Christoph Hellwig -- strict thread matches above, loose matches on Subject: below -- 2020-07-31 12:21 improve compat handling for the i386 u64 alignment quirk v2 Christoph Hellwig 2020-07-31 12:22 ` [PATCH 1/3] compat: lift compat_s64 and compat_u64 to <asm-generic/compat.h> Christoph Hellwig
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).