From patchwork Sat Jun 3 14:52:39 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Demi Marie Obenour X-Patchwork-Id: 102842 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:994d:0:b0:3d9:f83d:47d9 with SMTP id k13csp1700778vqr; Sat, 3 Jun 2023 07:54:28 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4Pmh4xfrEfgyC9CAEWyN+sKaupSZcJsYyWlu6U7ysOtFyyTba/LEKbNMSNVQygdnbq/AIh X-Received: by 2002:a05:6a20:12c1:b0:10b:9dc1:c5e5 with SMTP id v1-20020a056a2012c100b0010b9dc1c5e5mr522219pzg.34.1685804068280; Sat, 03 Jun 2023 07:54:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685804068; cv=none; d=google.com; s=arc-20160816; b=dVEMvZTDq7hBniI7GKDQVgVWFCvBIOBLBqBO5cMt+e1HVrVppnNpAuZw+UWS+3CL6j LHfwQATBWeT8zRJcCK89TxsZPrEWvHEmk7ekqp7hTrZi9tC0O9JePl+kjr+uSs6CRGvb kpWytKv5/R7tpdllc8C4rIaUdmQJ5Q845MRW7CJ+FHBy5K+HcJlHDIMFzUp+AGnvvr2n 4YnS6B2Rs3KlzGjeJS1ZcvtmtcfFjn/LphjyXuQjNefId3/mwGdPTyl1Ow31yd7IsSjq G4gjR+cHxniCK0Lu2MK6yHd4rCnZct+evYSFqaJUYEDwAX5vLNlFBsZ4E4nh0QI0MrGU T+jg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :feedback-id:dkim-signature:dkim-signature; bh=YCzACzClxGa/ktYTHwJaaNWjaN7phPISbw1cPfpWZUo=; b=RDjYMwWJGvt/ErsT3wc0EVkBQ7xIEAP/py7HT5TrdSjTUGaTP43v/t+/iUi6pMHkgI jFIreFU1KVaODOf0c+/lhP/sgpjBtQeI97rJLJFyn7+vlhzU50C8JAe550ItKBsoLQ4R 5J4NI0AVwu2rC/FXqC2YohwznLc59GSLyHBfX6KjDxVx0VuJ59KFEl5fVhHTZb9IwTyj F3f5tv/QTu/lgj5Xc/zmq0jE66oXXM1VnIjXgwwUUs4TLSfJh6NmbfOe/ULRBC3w2jxo P64iizuEzV/J+u0AEXZkYERzZEkuN4x8t+jOnDzhBerV+UbKr0COlNGk/MqncT9gmCkk OjuA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm1 header.b=pXYzXv05; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=vCBsWyth; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id w184-20020a6382c1000000b00542232db0dcsi2813432pgd.792.2023.06.03.07.54.14; Sat, 03 Jun 2023 07:54:28 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm1 header.b=pXYzXv05; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=vCBsWyth; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230223AbjFCOxS (ORCPT + 99 others); Sat, 3 Jun 2023 10:53:18 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60742 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229606AbjFCOxO (ORCPT ); Sat, 3 Jun 2023 10:53:14 -0400 Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5A602CE; Sat, 3 Jun 2023 07:53:13 -0700 (PDT) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id C76425C00C8; Sat, 3 Jun 2023 10:53:12 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Sat, 03 Jun 2023 10:53:12 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= invisiblethingslab.com; h=cc:cc:content-transfer-encoding :content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to; s=fm1; t=1685803992; x=1685890392; bh=YCzACzClxG a/ktYTHwJaaNWjaN7phPISbw1cPfpWZUo=; b=pXYzXv05o9CAdFMXpOMdKmLWi2 Q5Vuiijm/ua1tXFFnVVd1Mmlyx0n3sJG7LkVHlrx2skKiWiQsHJ5s+xH+jgC0xsU qnJCUnbr2+RZTznR9n9hba8/it5Hsqve8eNGpy0QG3q8nhb0B1fZMwII5oAYzLwz 7Ltro9/nIYFdvObT9L7XkEt3SEUT1fRvXKLzRUcRu0DWmp6C+ElO/93OT/zM8Aot qc/ZHGerpZ5NcMYIvFiQjfF3K6k3pdwGiI/q5Yhhb1BqGoXcKRrTEpbGWzp8Uf33 8phGyAwsIKivy40tWpDXpekYtqYOqbnwMX//S+yA+45b5TOkqsaxN67UJOtg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1685803992; x= 1685890392; bh=YCzACzClxGa/ktYTHwJaaNWjaN7phPISbw1cPfpWZUo=; b=v CBsWyth29tlIlptRZtIJNH+muWrQmiT0Lbs0SbsNteRgKmQXQX+J7Vt5gror77e1 Ta3vwUGl8KlKj4yUjlg7SEmhjxAyAHA/3/GEaOcpKHbkZjqfeFUPzqGPayw4ppWt SY1iURtwhnQk12abr1qwqjnpnn2UOFpHOvFzRcNgap4XiFbgm/vJ8QcL2+l9m6nc yRf9hwoR8sxcEZqlk3scrn+CmX8utRGnawc1t1vP3GSe+0k5uAIC6suw46l5mpJr TYSOPN8JdKHQwvpvEoqy2l0jGPvAv+Wmyju1pHSFcnfe6O/TuNQJHDcwQFJvn/ez wcDzQsQBeOHQnAI6qxI+g== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrfeelhedgkedvucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhephffvvefufffkofgjfhgggfestdekredtredttdenucfhrhhomhepffgvmhhi ucforghrihgvucfqsggvnhhouhhruceouggvmhhisehinhhvihhsihgslhgvthhhihhngh hslhgrsgdrtghomheqnecuggftrfgrthhtvghrnhepjeffjefggfeugeduvedvjeekgfeh gffhhfffjeetkeelueefffetfffhtdduheetnecuvehluhhsthgvrhfuihiivgepudenuc frrghrrghmpehmrghilhhfrhhomhepuggvmhhisehinhhvihhsihgslhgvthhhihhnghhs lhgrsgdrtghomh X-ME-Proxy: Feedback-ID: iac594737:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat, 3 Jun 2023 10:53:12 -0400 (EDT) From: Demi Marie Obenour To: Alasdair Kergon , Mike Snitzer , dm-devel@redhat.com Cc: Demi Marie Obenour , linux-kernel@vger.kernel.org, stable@vger.kernel.org Subject: [PATCH v2 1/6] device-mapper: Check that target specs are sufficiently aligned Date: Sat, 3 Jun 2023 10:52:39 -0400 Message-Id: <20230603145244.1538-2-demi@invisiblethingslab.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230603145244.1538-1-demi@invisiblethingslab.com> References: <20230601212456.1533-1-demi@invisiblethingslab.com> <20230603145244.1538-1-demi@invisiblethingslab.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_NONE, T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1767537155071946148?= X-GMAIL-MSGID: =?utf-8?q?1767693686726042179?= Otherwise subsequent code will dereference a misaligned `struct dm_target_spec *`, which is undefined behavior. Signed-off-by: Demi Marie Obenour Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Cc: stable@vger.kernel.org --- drivers/md/dm-ioctl.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/drivers/md/dm-ioctl.c b/drivers/md/dm-ioctl.c index cc77cf3d410921432eb0c62cdede7d55b9aa674a..34fa74c6a70db8aa67aaba3f6a2fc4f38ef736bc 100644 --- a/drivers/md/dm-ioctl.c +++ b/drivers/md/dm-ioctl.c @@ -1394,6 +1394,13 @@ static inline fmode_t get_mode(struct dm_ioctl *param) static int next_target(struct dm_target_spec *last, uint32_t next, void *end, struct dm_target_spec **spec, char **target_params) { + static_assert(_Alignof(struct dm_target_spec) <= 8, + "struct dm_target_spec has excessive alignment requirements"); + if (next % 8) { + DMERR("Next target spec (offset %u) is not 8-byte aligned", next); + return -EINVAL; + } + *spec = (struct dm_target_spec *) ((unsigned char *) last + next); *target_params = (char *) (*spec + 1); From patchwork Sat Jun 3 14:52:40 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Demi Marie Obenour X-Patchwork-Id: 102841 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:994d:0:b0:3d9:f83d:47d9 with SMTP id k13csp1700720vqr; Sat, 3 Jun 2023 07:54:18 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7HAidQIKvn8aYUhleCQdwosjRQpLhc3ePrgKFouZytZpxsqOSrJS1GoqIh3aKNfkDDE00A X-Received: by 2002:a17:902:d2c5:b0:1ae:622c:e745 with SMTP id n5-20020a170902d2c500b001ae622ce745mr3693586plc.1.1685804057761; Sat, 03 Jun 2023 07:54:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685804057; cv=none; d=google.com; s=arc-20160816; b=QPZ02FjThRCzfy83RC9WlWiFNDIgPsh5Yzr5H4kA+3MgEyPh/tTMYjqJ5yhrCOAUpQ nL9SDwmiaejZtAJKdAtnzv/zc1/7sGyOGyrp5FGWMrzf0rvme7tbj+ypOcS+vxRDCYFg K29vg7V54f9Ol+d7jMr842BNIINeWM5XpashrnA8c63XzDoFhQsBjp1ncKBaKulc9TzS 50pOLPEGTqpKHbjmku28U2ga3VyGJzBXaC3ZZmgQ3cagaKD9uKFM9YQ94sfMg0s/OYOP wmmIS0b508fDgfQj3Kb+R1WvUTGqb5/n7oRRvm/LuDd4x3KX4esXfxQChZW684LiRzm6 PzHw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :feedback-id:dkim-signature:dkim-signature; bh=aSjkzE25S8BxmyJfHmxx2kjK812O0BGlmJS9UYp63Y4=; b=YMKNcVRYj2EJjBfrxA8WuwF+kNJAOjBl6b1hp5iEop8ScBbXvlZT6PglddY3dFDKAv Sy6CMyKoyCxYS8xWNMc4S0BKOdzt5TuILuMKxAx02J3UPjguP6NzB7Sc0SGIO+2O21eR VvivxZBjIdGnWY3jLwSCkCm+I1q1Kc9U4+L90KorjyRh8NsmtNQUIgs35tKKT+woBD/J 7sTDvJc7lO4FYvyxweFDory51tYj6HX+wNJ3cnQ2OBlqucWD1YJ7CQtMBo00GmsoYLy6 PVVmViVMVYcVB8Svn7wGZOhOqwjL0mOns4Xp6NOqUekh0//f7wSztm01Hcc820vy+CLr XASA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm1 header.b=i7f0Q9d5; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=JiBQ1MuY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id w17-20020a170902e89100b001a24521e826si2817135plg.61.2023.06.03.07.54.04; Sat, 03 Jun 2023 07:54:17 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm1 header.b=i7f0Q9d5; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=JiBQ1MuY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230024AbjFCOxU (ORCPT + 99 others); Sat, 3 Jun 2023 10:53:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60754 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229640AbjFCOxP (ORCPT ); Sat, 3 Jun 2023 10:53:15 -0400 Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 983F4197; Sat, 3 Jun 2023 07:53:14 -0700 (PDT) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 05CCE5C00D5; Sat, 3 Jun 2023 10:53:14 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Sat, 03 Jun 2023 10:53:14 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= invisiblethingslab.com; h=cc:cc:content-transfer-encoding :content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to; s=fm1; t=1685803994; x=1685890394; bh=aSjkzE25S8 BxmyJfHmxx2kjK812O0BGlmJS9UYp63Y4=; b=i7f0Q9d5TEM1LgMqJdRiHaENlq ynQteKNn8bi2ztKCkSRVp4PxCircChHJT/lYVyvSYX0Z7/qgUv30JIzrk7ZYzd9i AKpKIVDyu3UAbtIRA78mvGuQxHdfXgT4ZsQlTamYjEoYxKy3K3SrCDGg6x+TRcWC PRTR9cmPgtqtcQlhEfHPC0N+VDElYhcKIbVFQCNVDt5ii7Z+pgsCClY33l8He98V C+xZF3NFoGeKTHJGUNqkMQ2tt2DgND6dr1InWKfjK2UwmGmAMarSoXt0/8UgfsN/ qIXYrRMLYKpDfyanOmEeliW/NbSDAg+adQX8UewvfqzWjY3IRWMEP6UMqISg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1685803994; x= 1685890394; bh=aSjkzE25S8BxmyJfHmxx2kjK812O0BGlmJS9UYp63Y4=; b=J iBQ1MuYjIHoAHRkeTOW9xDwi5DUzBk+/ahqcMcNfOXPc8+MBgWAtdbyAcZpxzIa1 ne/CK8oMKk7G+IAqFPQTTQOxKru3sgIM+tatRjNxFPMPYFzthPJse+XnxjxmgWgu rG0zNv63FslYu0OuN//1Md2SXw1/m8ZlbTDkDseHCLVTTnGOigAGCEGDPsMh8/yM bKGgGhhl6euDITEJ9ZRAtzHnpAdOavk99iorbnhFA5HmX4/25rx8CJ6j4Tqgzrq2 L98mPoTsXdOEhMrwBSQcz9IKGjbQiuXyUsBZy2E1JtKyInnFAm3MIL7PJnaNeY/f i/odYTx+R7YDYAb3QRjWQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrfeelhedgkedvucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhephffvvefufffkofgjfhgggfestdekredtredttdenucfhrhhomhepffgvmhhi ucforghrihgvucfqsggvnhhouhhruceouggvmhhisehinhhvihhsihgslhgvthhhihhngh hslhgrsgdrtghomheqnecuggftrfgrthhtvghrnhepjeffjefggfeugeduvedvjeekgfeh gffhhfffjeetkeelueefffetfffhtdduheetnecuvehluhhsthgvrhfuihiivgepudenuc frrghrrghmpehmrghilhhfrhhomhepuggvmhhisehinhhvihhsihgslhgvthhhihhnghhs lhgrsgdrtghomh X-ME-Proxy: Feedback-ID: iac594737:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat, 3 Jun 2023 10:53:13 -0400 (EDT) From: Demi Marie Obenour To: Alasdair Kergon , Mike Snitzer , dm-devel@redhat.com Cc: Demi Marie Obenour , linux-kernel@vger.kernel.org, stable@vger.kernel.org Subject: [PATCH v2 2/6] device-mapper: Avoid pointer arithmetic overflow Date: Sat, 3 Jun 2023 10:52:40 -0400 Message-Id: <20230603145244.1538-3-demi@invisiblethingslab.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230603145244.1538-1-demi@invisiblethingslab.com> References: <20230601212456.1533-1-demi@invisiblethingslab.com> <20230603145244.1538-1-demi@invisiblethingslab.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_NONE, T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1767537440509240946?= X-GMAIL-MSGID: =?utf-8?q?1767693675559108749?= Especially on 32-bit systems, it is possible for the pointer arithmetic to overflow and cause a userspace pointer to be dereferenced in the kernel. Signed-off-by: Demi Marie Obenour Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Cc: stable@vger.kernel.org Reviewed-by: Mikulas Patocka --- drivers/md/dm-ioctl.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/drivers/md/dm-ioctl.c b/drivers/md/dm-ioctl.c index 34fa74c6a70db8aa67aaba3f6a2fc4f38ef736bc..64e8f16d344c47057de5e2d29e3d63202197dca0 100644 --- a/drivers/md/dm-ioctl.c +++ b/drivers/md/dm-ioctl.c @@ -1396,6 +1396,25 @@ static int next_target(struct dm_target_spec *last, uint32_t next, void *end, { static_assert(_Alignof(struct dm_target_spec) <= 8, "struct dm_target_spec has excessive alignment requirements"); + static_assert(offsetof(struct dm_ioctl, data) >= sizeof(struct dm_target_spec), + "struct dm_target_spec too big"); + + /* + * Number of bytes remaining, starting with last. This is always + * sizeof(struct dm_target_spec) or more, as otherwise *last was + * out of bounds already. + */ + size_t remaining = (char *)end - (char *)last; + + /* + * There must be room for both the next target spec and the + * NUL-terminator of the target itself. + */ + if (remaining - sizeof(struct dm_target_spec) <= next) { + DMERR("Target spec extends beyond end of parameters"); + return -EINVAL; + } + if (next % 8) { DMERR("Next target spec (offset %u) is not 8-byte aligned", next); return -EINVAL; From patchwork Sat Jun 3 14:52:41 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Demi Marie Obenour X-Patchwork-Id: 102843 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:994d:0:b0:3d9:f83d:47d9 with SMTP id k13csp1700818vqr; Sat, 3 Jun 2023 07:54:33 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4XDjy8rnUB1LxTXR1FQgsvzm6XQKf6VcWgCUmYf/E3Kcz2QcHyzpbLTmldoCTDA5/4Qkgh X-Received: by 2002:a05:6a21:118a:b0:110:29dc:495e with SMTP id oj10-20020a056a21118a00b0011029dc495emr2128760pzb.18.1685804073645; Sat, 03 Jun 2023 07:54:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685804073; cv=none; d=google.com; s=arc-20160816; b=XoOdIj9vmM09yMDgr8l/oTMkbJ3eATjC4yuAS9F3ekvlFextcY82Kfv/EUogSqhSMk pA6v36WPCQHhnXKfELiOW4ZVa2DnSIxXWlwJsDm4BbkHHLiJYO4Vb1Ce6YLu2yWWTBLm X0QXwiyH0K8IiYKyPP+UTLNZ+n8fPM7Fzv27ig9v1jVza6sflZYDfE2p7Gh3VZNR937+ rSjXTe5AwIrg0PnNhnYd5C5yIGmIy/3BT2o9jxhtm1EK4t/TpYU5J5+UXes8bYBjpidj Mt4k+vBE7kqdwMTv6O5CFCA3PAozRcNrIp769z0nerkN8b+t1HvHSIZgHX1iNdQL22Xl S6vA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :feedback-id:dkim-signature:dkim-signature; bh=YZHd7YYjlDK6sv+mkKSJgYpLNyemRttpNw5QnchM4bE=; b=jGlga7KJbo/OswFRTkZPeqQGLhX6cTTo2wDIziC78aEbjULKsalv/TBabpm6UxU7tT 5rlCf+B2n9SYCOZ4j/0pNDRlxTaHwhGS0iZ7CpHK2dxfEjWNTVgmowkF7/EheI0z4Dhz 1uerQgyQbFrxULSROz327oYzV+YmS5ltrxtz0cEvQo/2PFFm7RH+3psM3LBUND4A6s8O beMV2A6ZpCzinnbN546smdYt84WrZJtRkkazoRqfpm6xVUxBulAWmY5ezD9gdnMZeP0d sz8i9y1MFH5vzPcmOnub8WcYM0SNLdza4iX4qFSvPSlKifs/NijJz9LkLtdRRAzEkjIw Qh/A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm1 header.b=TnOxlFpR; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=RKSwHSh5; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e22-20020a637456000000b00542a44deb65si2471808pgn.676.2023.06.03.07.54.20; Sat, 03 Jun 2023 07:54:33 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm1 header.b=TnOxlFpR; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=RKSwHSh5; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229640AbjFCOxY (ORCPT + 99 others); Sat, 3 Jun 2023 10:53:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60806 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235476AbjFCOxT (ORCPT ); Sat, 3 Jun 2023 10:53:19 -0400 Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E19CC196; Sat, 3 Jun 2023 07:53:17 -0700 (PDT) Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id 503095C00C8; Sat, 3 Jun 2023 10:53:17 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute1.internal (MEProxy); Sat, 03 Jun 2023 10:53:17 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= invisiblethingslab.com; h=cc:cc:content-transfer-encoding :content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to; s=fm1; t=1685803997; x=1685890397; bh=YZHd7YYjlD K6sv+mkKSJgYpLNyemRttpNw5QnchM4bE=; b=TnOxlFpRryRJNsR7dpT46fcwU5 WqmiJVKfcJVhI69FXcnQw0XXlGXPg9eAkwuvXv+2oNga3YcKAjpqy3i488+aRrQ1 R5lK/T/ytfC9Y2lXcCgBAXPny4UlKg2y68Bt3b/hiAhg5WH1yPTucdXexc89KnxJ j1CGz+TJS3grfw+G1Cgjm9Sv6qjcOTvodT7ihTNrN5QIGI3I/RfTsbBk56hQq/dj N7LCPY8GSBfWjfzC+P7v6OLtBIxGKpPF8y4q8AUbXmHRxPMcNYoKVzQn/38pKOrn cgHs49N9IOZLlTsTUhzfV30H3FLTnOs/+4aE9dCOlJCooyPlIaVG0RbUS6tg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1685803997; x= 1685890397; bh=YZHd7YYjlDK6sv+mkKSJgYpLNyemRttpNw5QnchM4bE=; b=R KSwHSh5CbZGFPlBIs95J+lFNUW+CiVOmBjXlwhhHamgOnD6blPnTsSZctV6KhZa6 rc8xKQZcZgcSqnTJqDP5e2MCQGsgvnwfyadaEXHClMLKu3tG5xQA54ukTJZzIqI/ 8+MC0YPY2gS6iy9ukE0ol1BYlctioyi3n6uC5y5zxKZgigk8d0sFaEj9Xw0UuXA0 74ubqf28G7Zee6IfmuHYdlAINdOLRb1ZELv1M+ysGpADDiI1rdxdyjLfQJ4PqBMT U+jozsg5GFP3J/LvN5+U9Et3QjGPM8kIC19TnhmtyaZqCZHvDxVA51pJD/AQn00W t2Gm+rYVbFTgUUbmGkvcA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrfeelhedgkedvucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhephffvvefufffkofgjfhgggfestdekredtredttdenucfhrhhomhepffgvmhhi ucforghrihgvucfqsggvnhhouhhruceouggvmhhisehinhhvihhsihgslhgvthhhihhngh hslhgrsgdrtghomheqnecuggftrfgrthhtvghrnhepjeffjefggfeugeduvedvjeekgfeh gffhhfffjeetkeelueefffetfffhtdduheetnecuvehluhhsthgvrhfuihiivgeptdenuc frrghrrghmpehmrghilhhfrhhomhepuggvmhhisehinhhvihhsihgslhgvthhhihhnghhs lhgrsgdrtghomh X-ME-Proxy: Feedback-ID: iac594737:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat, 3 Jun 2023 10:53:16 -0400 (EDT) From: Demi Marie Obenour To: Alasdair Kergon , Mike Snitzer , dm-devel@redhat.com Cc: Demi Marie Obenour , linux-kernel@vger.kernel.org, stable@vger.kernel.org Subject: [PATCH v2 3/6] device-mapper: structs and parameter strings must not overlap Date: Sat, 3 Jun 2023 10:52:41 -0400 Message-Id: <20230603145244.1538-4-demi@invisiblethingslab.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230603145244.1538-1-demi@invisiblethingslab.com> References: <20230601212456.1533-1-demi@invisiblethingslab.com> <20230603145244.1538-1-demi@invisiblethingslab.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_NONE, T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1767537733636712173?= X-GMAIL-MSGID: =?utf-8?q?1767693692565429088?= The NUL terminator for each target parameter string must precede the following 'struct dm_target_spec'. Otherwise, dm_split_args() might corrupt this struct. Furthermore, the first 'struct dm_target_spec' must come after the 'struct dm_ioctl', as if it overlaps too much dm_split_args() could corrupt the 'struct dm_ioctl'. Signed-off-by: Demi Marie Obenour Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Cc: stable@vger.kernel.org Reviewed-by: Mikulas Patocka --- drivers/md/dm-ioctl.c | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/drivers/md/dm-ioctl.c b/drivers/md/dm-ioctl.c index 64e8f16d344c47057de5e2d29e3d63202197dca0..da6ca26b51d0953df380582bb3a51c2ec22c27cb 100644 --- a/drivers/md/dm-ioctl.c +++ b/drivers/md/dm-ioctl.c @@ -1391,7 +1391,7 @@ static inline fmode_t get_mode(struct dm_ioctl *param) return mode; } -static int next_target(struct dm_target_spec *last, uint32_t next, void *end, +static int next_target(struct dm_target_spec *last, uint32_t next, const char *end, struct dm_target_spec **spec, char **target_params) { static_assert(_Alignof(struct dm_target_spec) <= 8, @@ -1404,7 +1404,7 @@ static int next_target(struct dm_target_spec *last, uint32_t next, void *end, * sizeof(struct dm_target_spec) or more, as otherwise *last was * out of bounds already. */ - size_t remaining = (char *)end - (char *)last; + size_t remaining = end - (char *)last; /* * There must be room for both the next target spec and the @@ -1423,10 +1423,7 @@ static int next_target(struct dm_target_spec *last, uint32_t next, void *end, *spec = (struct dm_target_spec *) ((unsigned char *) last + next); *target_params = (char *) (*spec + 1); - if (*spec < (last + 1)) - return -EINVAL; - - return invalid_str(*target_params, end); + return 0; } static int populate_table(struct dm_table *table, @@ -1436,8 +1433,9 @@ static int populate_table(struct dm_table *table, unsigned int i = 0; struct dm_target_spec *spec = (struct dm_target_spec *) param; uint32_t next = param->data_start; - void *end = (void *) param + param_size; + const char *const end = (const char *) param + param_size; char *target_params; + size_t min_size = sizeof(struct dm_ioctl); if (!param->target_count) { DMERR("%s: no targets specified", __func__); @@ -1445,6 +1443,13 @@ static int populate_table(struct dm_table *table, } for (i = 0; i < param->target_count; i++) { + const char *nul_terminator; + + if (next < min_size) { + DMERR("%s: next target spec (offset %u) overlaps %s", + __func__, next, i ? "previous target" : "'struct dm_ioctl'"); + return -EINVAL; + } r = next_target(spec, next, end, &spec, &target_params); if (r) { @@ -1452,6 +1457,15 @@ static int populate_table(struct dm_table *table, return r; } + nul_terminator = memchr(target_params, 0, (size_t)(end - target_params)); + if (nul_terminator == NULL) { + DMERR("%s: target parameters not NUL-terminated", __func__); + return -EINVAL; + } + + /* Add 1 for NUL terminator */ + min_size = (size_t)(nul_terminator - (const char *)spec) + 1; + r = dm_table_add_target(table, spec->target_type, (sector_t) spec->sector_start, (sector_t) spec->length, From patchwork Sat Jun 3 14:52:42 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Demi Marie Obenour X-Patchwork-Id: 102845 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:994d:0:b0:3d9:f83d:47d9 with SMTP id k13csp1700871vqr; Sat, 3 Jun 2023 07:54:40 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ45XqDrjoPFvms92izULYe1fcjLJy0VhFrYguRX0qY7VkN5X/Hij0czlYOA4Gs2hXqx3qkc X-Received: by 2002:a17:902:c94e:b0:1ae:4c3b:bb0b with SMTP id i14-20020a170902c94e00b001ae4c3bbb0bmr1376974pla.5.1685804080246; Sat, 03 Jun 2023 07:54:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685804080; cv=none; d=google.com; s=arc-20160816; b=IHtRrVEM+MehBakM/To/Fbetr6jGBFS1Dr3A3Yh3W6KKiESWlvsHPgDH3yna1S6Kjv 8p/I4sS0vli3n5hFEMHCOnr/rqLS0eJXPJYu/WZfy+rZDE3uZ4bmgsjGG7XtIGyHkdk7 RCKB9KgVg4PAvYpuTSy8aclSOtaS/8b7TzlobJYJpiKKPCguxJLNMQXrIHpw/GZe6Fne 89bEZeg7b+diiBscoc9HZpb3rYJXaJA9yoxLKtw1yEPhY1svxavdFcI7e1hzVBp6koYi Gbj0+Fr9sRnOoBbxNW8iEEbvIC1bq7hx5jHAJndES0YeFRr7OY2IWMefmaZDf0Ght9a5 jsKw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :feedback-id:dkim-signature:dkim-signature; bh=SGVGhCOi3wbBYhOjjO56k89nCKOx38H3KskyWEyWiGs=; b=TLq/r9AnPqu9LSAECweeMZrcK7qyPZW3h169CH+WfIc0Ss0xnYivATgZBQGhni53kn gIvbXZYlpDhqDRt88d7HJN1ifQvb9mBzwsxxyXhSub2dg8L+R9D6bWnyLlzPedqN+2wj b6AyLe/8ZE5TjHBxLA9/JVfgUwCyWUOZs+xfAxSlR0nYrCObrrMBiPaDgpqbnVyeeXxz QnoZF691CbmxHOt8uCLufRlfb3TUmzJOORE/GOymjtd4Q7KNpOz5vxQcUYgosoTSLjG/ XIZRalkHrawfJgmI2MheYchjAOP/4bwGtwW35cpVDhgyh9yNYO3paU22uchYc98dByLf RCdQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm1 header.b=Jp89MgG4; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=UkziZXYY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id c10-20020a170903234a00b001a814f7db5fsi2678475plh.632.2023.06.03.07.54.25; Sat, 03 Jun 2023 07:54:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm1 header.b=Jp89MgG4; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=UkziZXYY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229788AbjFCOx1 (ORCPT + 99 others); Sat, 3 Jun 2023 10:53:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60842 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230216AbjFCOxU (ORCPT ); Sat, 3 Jun 2023 10:53:20 -0400 Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 35E5318D; Sat, 3 Jun 2023 07:53:19 -0700 (PDT) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id A327A5C0159; Sat, 3 Jun 2023 10:53:18 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Sat, 03 Jun 2023 10:53:18 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= invisiblethingslab.com; h=cc:cc:content-transfer-encoding :content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to; s=fm1; t=1685803998; x=1685890398; bh=SGVGhCOi3w bBYhOjjO56k89nCKOx38H3KskyWEyWiGs=; b=Jp89MgG4yUz6UPx66J59ThD/Bv 3ZmoZxMs4OXV2lcM3NtGZ1+UwTxPbybEYji7PBUqV0YDPubWeHhoApOzzqgRunbx u/qf3o3FIUR7HBbfc7NkBLmBiEXcUzLwK/320g73bLp5ay2ZIWznc1FYUb3MSFtl 59VocK8gNlxmhjSUSAZfrTNpmmx56seI0FFOELKYP+IWK4GOvswszANk66ngrsDG CyejlAATPIaaQkQzp88yGgiT6wFnN1mXxmZPe4XJJJGnH8ZrkvF2NZx2jJKjNeY9 RR+AXGW+9HkZ3B8ek24czu+OkLOSH0RQS7TltXzpejPZiiohWxhF7DvT2UFg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1685803998; x= 1685890398; bh=SGVGhCOi3wbBYhOjjO56k89nCKOx38H3KskyWEyWiGs=; b=U kziZXYYR49LS1/JS1PPJU3ZfdZdjsPIGAHpa1LSgkDMjoiXcnVMZMDTuW0VVTEc7 Lf8QpJlAPv5+mQ165EPrrifFO1xdZr1ZeetZex2wKPImB2PPgPNE/k34wH4zIXiY RRJeW0O+OmNb0kamWKXl0CvoraCZuEdkiU35/mOAWXP9fMaC5riJxe0vE9+gzV+I uYfAbfwAgR8OeqlS9S5vhOscLXpBMdP2lI09LLqJtKiYjmxcbzT7sAZ6MZJeRGzt qxCFZbUW0jNtN286djwYT5SzDreLZNhjc4VUfwapiXizqb/ZXMZjNnZuRC44C2pU /1QYevHp01cFM8KqW3LWg== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrfeelhedgkedvucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhephffvvefufffkofgjfhgggfestdekredtredttdenucfhrhhomhepffgvmhhi ucforghrihgvucfqsggvnhhouhhruceouggvmhhisehinhhvihhsihgslhgvthhhihhngh hslhgrsgdrtghomheqnecuggftrfgrthhtvghrnhepjeffjefggfeugeduvedvjeekgfeh gffhhfffjeetkeelueefffetfffhtdduheetnecuvehluhhsthgvrhfuihiivgepfeenuc frrghrrghmpehmrghilhhfrhhomhepuggvmhhisehinhhvihhsihgslhgvthhhihhnghhs lhgrsgdrtghomh X-ME-Proxy: Feedback-ID: iac594737:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat, 3 Jun 2023 10:53:17 -0400 (EDT) From: Demi Marie Obenour To: Alasdair Kergon , Mike Snitzer , dm-devel@redhat.com Cc: Demi Marie Obenour , linux-kernel@vger.kernel.org, stable@vger.kernel.org Subject: [PATCH v2 4/6] device-mapper: Avoid double-fetch of version Date: Sat, 3 Jun 2023 10:52:42 -0400 Message-Id: <20230603145244.1538-5-demi@invisiblethingslab.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230603145244.1538-1-demi@invisiblethingslab.com> References: <20230601212456.1533-1-demi@invisiblethingslab.com> <20230603145244.1538-1-demi@invisiblethingslab.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_NONE, T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1767537482093037715?= X-GMAIL-MSGID: =?utf-8?q?1767693699596583289?= The version is fetched once in check_version(), which then does some validation and then overwrites the version in userspace with the API version supported by the kernel. copy_params() then fetches the version from userspace *again*, and this time no validation is done. The result is that the kernel's version number is completely controllable by userspace, provided that userspace can win a race condition. Fix this flaw by not copying the version back to the kernel the second time. This is not exploitable as the version is not further used in the kernel. However, it could become a problem if future patches start relying on the version field. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Cc: stable@vger.kernel.org Signed-off-by: Demi Marie Obenour --- drivers/md/dm-ioctl.c | 30 ++++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/drivers/md/dm-ioctl.c b/drivers/md/dm-ioctl.c index da6ca26b51d0953df380582bb3a51c2ec22c27cb..7510afe237d979a5ee71afe87a20d49f631de1aa 100644 --- a/drivers/md/dm-ioctl.c +++ b/drivers/md/dm-ioctl.c @@ -1873,30 +1873,33 @@ static ioctl_fn lookup_ioctl(unsigned int cmd, int *ioctl_flags) * As well as checking the version compatibility this always * copies the kernel interface version out. */ -static int check_version(unsigned int cmd, struct dm_ioctl __user *user) +static int check_version(unsigned int cmd, struct dm_ioctl __user *user, + struct dm_ioctl *kernel_params) { - uint32_t version[3]; int r = 0; - if (copy_from_user(version, user->version, sizeof(version))) + if (copy_from_user(kernel_params->version, user->version, sizeof(kernel_params->version))) return -EFAULT; - if ((version[0] != DM_VERSION_MAJOR) || - (version[1] > DM_VERSION_MINOR)) { + if ((kernel_params->version[0] != DM_VERSION_MAJOR) || + (kernel_params->version[1] > DM_VERSION_MINOR)) { DMERR("ioctl interface mismatch: kernel(%u.%u.%u), user(%u.%u.%u), cmd(%d)", DM_VERSION_MAJOR, DM_VERSION_MINOR, DM_VERSION_PATCHLEVEL, - version[0], version[1], version[2], cmd); + kernel_params->version[0], + kernel_params->version[1], + kernel_params->version[2], + cmd); r = -EINVAL; } /* * Fill in the kernel version. */ - version[0] = DM_VERSION_MAJOR; - version[1] = DM_VERSION_MINOR; - version[2] = DM_VERSION_PATCHLEVEL; - if (copy_to_user(user->version, version, sizeof(version))) + kernel_params->version[0] = DM_VERSION_MAJOR; + kernel_params->version[1] = DM_VERSION_MINOR; + kernel_params->version[2] = DM_VERSION_PATCHLEVEL; + if (copy_to_user(user->version, kernel_params->version, sizeof(kernel_params->version))) return -EFAULT; return r; @@ -1922,7 +1925,10 @@ static int copy_params(struct dm_ioctl __user *user, struct dm_ioctl *param_kern const size_t minimum_data_size = offsetof(struct dm_ioctl, data); unsigned int noio_flag; - if (copy_from_user(param_kernel, user, minimum_data_size)) + /* Version has been copied from userspace already, avoid TOCTOU */ + if (copy_from_user((char *)param_kernel + sizeof(param_kernel->version), + (char __user *)user + sizeof(param_kernel->version), + minimum_data_size - sizeof(param_kernel->version))) return -EFAULT; if (param_kernel->data_size < minimum_data_size) { @@ -2034,7 +2040,7 @@ static int ctl_ioctl(struct file *file, uint command, struct dm_ioctl __user *us * Check the interface version passed in. This also * writes out the kernel's interface version. */ - r = check_version(cmd, user); + r = check_version(cmd, user, ¶m_kernel); if (r) return r; From patchwork Sat Jun 3 14:52:43 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Demi Marie Obenour X-Patchwork-Id: 102844 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:994d:0:b0:3d9:f83d:47d9 with SMTP id k13csp1700863vqr; Sat, 3 Jun 2023 07:54:40 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4xydS9YgMujLjPnniJDadYwuLCfiPcHXCAr/8j125tf8TgKwSYnuOKbDzD+BqgNtitujn9 X-Received: by 2002:a05:6a20:8f25:b0:105:2e9e:b13a with SMTP id b37-20020a056a208f2500b001052e9eb13amr1799321pzk.8.1685804079318; Sat, 03 Jun 2023 07:54:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685804079; cv=none; d=google.com; s=arc-20160816; b=1GhalGXWMClcMkMvTlVNs6pSbe2xMp0PEOTadt2wVD7pNmAQX+qVISgt+CRytgL433 v09ALHAmjCj5aQNP6bvidxrb4LuoymI5gJCEE0hWTE1hEHPW0FgVLOFdxyAsxtPtMkhb mgM9IXeWouJQviG81HcnMjnOCc6RpiiMch7w1VoM8FVXwFuONQEcgmu5hXoyYKsOngT3 SP2k7vswSZLr+bsVVKGy9rbGsSrNAjbeP06vmzH4d3jNqKcqNn+i1ILe+Yzt/B0ulYYU IDlk4sjlRsDXibqw00LNlg9kJgAH7gqMmZ+othJ/raIdA39BEwo8gQBt6Au0dySw4RbF cBWw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :feedback-id:dkim-signature:dkim-signature; bh=bzf2lzXwm0yOFyHlXVDw/mThYLsZ0cA++V3ZJ1NyFW4=; b=Tjg06ZnjVxETPxvNvCp6yb9A7M73Rn5uqXoB2pQynYqtQhPO6lBc2FBShoUqvFqbYo 2c8CkSAPPgC0s5JECJjSTuVFgGotEpSrMGqCgUMiVBBB6AMxQUKbcHh+VY4b805LjoD8 q8bjjkRGtJbe4Q6C1/+gcwbZ9TQ6ZirskiKk09cuNVm8yk7g/7kWvVFGW8gaYSDKZPrZ BLrJPygzyktCrcZB9UR4b4oobAlCJDg0UZ30TjjMORkwZyIU144H9SVwlPsLHGOBguIZ /gri5v4gZFSA9xjhaw8Mt+sGqw/2eDafosZWUPlHTO/KiQM5mRunv9XClgqVVv0weK6i 5htQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm1 header.b=ksRwITEN; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=mK3adYSf; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y4-20020aa793c4000000b006391322d3f8si2145533pff.375.2023.06.03.07.54.25; Sat, 03 Jun 2023 07:54:39 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm1 header.b=ksRwITEN; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=mK3adYSf; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237136AbjFCOxc (ORCPT + 99 others); Sat, 3 Jun 2023 10:53:32 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60868 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235879AbjFCOxV (ORCPT ); Sat, 3 Jun 2023 10:53:21 -0400 Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C9BEE1A5 for ; Sat, 3 Jun 2023 07:53:20 -0700 (PDT) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 441865C018B; Sat, 3 Jun 2023 10:53:20 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Sat, 03 Jun 2023 10:53:20 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= invisiblethingslab.com; h=cc:cc:content-transfer-encoding :content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to; s=fm1; t=1685804000; x=1685890400; bh=bzf2lzXwm0 yOFyHlXVDw/mThYLsZ0cA++V3ZJ1NyFW4=; b=ksRwITENMjfZbLijYMBGgB4obj Z8jhiq5RyMTyd7FtGeuPdHhxAtTkH7l5FU2eduhrz+jaXKhExJPqken41iClDagx /7PSOKaEcQmI5VejX1xzh5ADEBtIvTSeXbx1mCm/ex5XmyMxM42zZpWJ0tC6pZWV /zdF1oq7J4H9ZfzPJntxkAz+Nw4dQVMf+ksDop/LjJ3QVO3ltqX6/l1QZAhOl52i FBDH5WCLAVL1VV/0/KXk69BSXntmkInEk+b399rZHodrvvvaNUBn5vXsiaWS/GCb qbAJ5FPdv3H3++kNYAhetFinoEgVgXzwbvTBShksM85uKgX34xQypXarAqbg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1685804000; x= 1685890400; bh=bzf2lzXwm0yOFyHlXVDw/mThYLsZ0cA++V3ZJ1NyFW4=; b=m K3adYSf3veZMGbd7z2H9VE0Rk34pWAOoILfsPZfDA2b6VUwR8d9LPbjmKqGy28qW ItbDoXOIGdomPzzvdmYvQd4CFhjM+b7CHhkTSiH93L0a0yjKNkuyRzd/F1fX8x4H 1w4/5i1PkAAcDBn8GIS1h+6RLk8uxdXocy4uIhNSi6bv3K0RpTM7uIXdi17WoZyz qQ0IpUTX009Yf9zi7PT21hI/jNqIvvowg+eyBOaAws4yu88kRPgOHA6cSJ+6CiD+ x1umJG38gkBLKWuHuuFSFtAXGDIrPeIp2p6P4eCpYTsV0Kfw+jDwKutF14KgDHTj rg7zQo7uL44vEg8lM6WLQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrfeelhedgkedvucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhephffvvefufffkofgjfhgggfestdekredtredttdenucfhrhhomhepffgvmhhi ucforghrihgvucfqsggvnhhouhhruceouggvmhhisehinhhvihhsihgslhgvthhhihhngh hslhgrsgdrtghomheqnecuggftrfgrthhtvghrnhepjeffjefggfeugeduvedvjeekgfeh gffhhfffjeetkeelueefffetfffhtdduheetnecuvehluhhsthgvrhfuihiivgepfeenuc frrghrrghmpehmrghilhhfrhhomhepuggvmhhisehinhhvihhsihgslhgvthhhihhnghhs lhgrsgdrtghomh X-ME-Proxy: Feedback-ID: iac594737:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat, 3 Jun 2023 10:53:19 -0400 (EDT) From: Demi Marie Obenour To: Alasdair Kergon , Mike Snitzer , dm-devel@redhat.com Cc: Demi Marie Obenour , linux-kernel@vger.kernel.org Subject: [PATCH v2 5/6] device-mapper: Refuse to create device named "control" Date: Sat, 3 Jun 2023 10:52:43 -0400 Message-Id: <20230603145244.1538-6-demi@invisiblethingslab.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230603145244.1538-1-demi@invisiblethingslab.com> References: <20230601212456.1533-1-demi@invisiblethingslab.com> <20230603145244.1538-1-demi@invisiblethingslab.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_NONE, T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1767537545562559086?= X-GMAIL-MSGID: =?utf-8?q?1767693698098541447?= Typical userspace setups create a symlink under /dev/mapper with the name of the device, but /dev/mapper/control is reserved for the control device. Therefore, trying to create such a device is almost certain to be a userspace bug. Signed-off-by: Demi Marie Obenour --- drivers/md/dm-ioctl.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/drivers/md/dm-ioctl.c b/drivers/md/dm-ioctl.c index 7510afe237d979a5ee71afe87a20d49f631de1aa..5b647ab044e44b0c9d0961b5a336b41f50408f88 100644 --- a/drivers/md/dm-ioctl.c +++ b/drivers/md/dm-ioctl.c @@ -767,7 +767,12 @@ static int get_target_version(struct file *filp, struct dm_ioctl *param, size_t static int check_name(const char *name) { if (strchr(name, '/')) { - DMERR("invalid device name"); + DMERR("device name cannot contain '/'"); + return -EINVAL; + } + + if (strcmp(name, DM_CONTROL_NODE) == 0) { + DMERR("device name cannot be \"%s\"", DM_CONTROL_NODE); return -EINVAL; } From patchwork Sat Jun 3 14:52:44 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Demi Marie Obenour X-Patchwork-Id: 102846 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:994d:0:b0:3d9:f83d:47d9 with SMTP id k13csp1700933vqr; Sat, 3 Jun 2023 07:54:49 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4+0CAEjIv05+3wcvJxqapMMMtYeJ4V3GzITQj/rIgwMllY9S+3hERFo7OT8fr/S1aMyqch X-Received: by 2002:a17:90a:e504:b0:259:17bc:1a3c with SMTP id t4-20020a17090ae50400b0025917bc1a3cmr594641pjy.7.1685804089588; Sat, 03 Jun 2023 07:54:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685804089; cv=none; d=google.com; s=arc-20160816; b=Mwr0Tc8IIoSU9yjv9mt62zf33hpnGGC9Ag5cOVvljtOTpe4MDQSRzd0RE/Bol4kNn0 XAzjAVihW3r0qnYuZF8/P2haCNiNvNQSCspZH2Ih+6k1xCe19SCrpg3wmkcuPhqkduqY EfIanWk9MQVPU/cyVRH8Y6QxWLMO6vOw0LmfUxgRA3HXGJSRIaW+18qw41vBeJsbz6Mr XpcWgn7OvMgelT2ZP9C9r4UsV5r0OcyI03ATN8M9cOXCwCTUMRlzhlds4YhVe8Uw0HIW JXs9dPmo3CCyZmbvRLwhpxWDufbGOn24xwZLTgjvnE6629VDO36p144+kDisIyS5wxFV tUPg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :feedback-id:dkim-signature:dkim-signature; bh=F4OXbKEhX/cWHBaWnFmGY6QP2wMBPb2edHzYfPJhig4=; b=MNoPSDrDBOzqKojDmqaLLdo2SJaesWv7vH4XwYQEcNFNKC0UDK8QD7j8n6rFPFfb2w TrSKTB61raW8aV57vnhU4nL+RJ+xnJCkfI/Qz4kueT141afIiVZMmIDf8uefZW3Oyy5Z ysGu58pXoYiieVPbGn+2zeteP6gqQsmHUkosd7QBR93kgEKfqq1lo0PFz0PNlSOaBgCN jUkyEDQOLRkpi0jW3GsYhMyRsWSRgEm2olAPlU461blsxGxDrmc3ebkIvmCn0YGCPLCl Fbaw/3NAoVo4wvwpHxiuV05cUIRGQpWLbptllXzKz51AV4RBuvQohfYvXK6/j1kEOzOY uPiw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm1 header.b="k/jGMYcX"; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=nWg+9Eev; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j6-20020a17090a694600b00258f959be0csi1804088pjm.182.2023.06.03.07.54.35; Sat, 03 Jun 2023 07:54:49 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm1 header.b="k/jGMYcX"; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=nWg+9Eev; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237164AbjFCOxe (ORCPT + 99 others); Sat, 3 Jun 2023 10:53:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60894 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229595AbjFCOxX (ORCPT ); Sat, 3 Jun 2023 10:53:23 -0400 Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DB53D18D for ; Sat, 3 Jun 2023 07:53:22 -0700 (PDT) Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id 436B55C00C8; Sat, 3 Jun 2023 10:53:22 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Sat, 03 Jun 2023 10:53:22 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= invisiblethingslab.com; h=cc:cc:content-transfer-encoding :content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to; s=fm1; t=1685804002; x=1685890402; bh=F4OXbKEhX/ cWHBaWnFmGY6QP2wMBPb2edHzYfPJhig4=; b=k/jGMYcXSWRlwp1iXFmb5LZL1K 0nFerI/3Q2ubLUn6uAeTeRYk7BPE+wzpO8j+CExQick59ZwFRozc97HYVtVNeL5l 0DvB3xxb9SRWv2vjGWxqwpaaPUztPhcFc2evqVlpQcjTg7Jb5+aBFpymHefPqS00 fi4e1E9x93FmbljW/WxsHXWeMR+ZBZNaMoAh8eR5lgEaEWdMmuoSmC4mgFcI+Arb fJcuDRTbbbTy8e+zxKu3cpRou26/ndZr8c0pYwFTUGVL9klW9kIQyidHQIa0wGcb 5H5qgRD/mh9KI80PTV1fNjkIXHsBWzEMEelfdNQxv/4Nhl7Y8lv+feQblzAA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1685804002; x= 1685890402; bh=F4OXbKEhX/cWHBaWnFmGY6QP2wMBPb2edHzYfPJhig4=; b=n Wg+9EevZJ8ZOemDgL2dehUME+px4D3TcJV/KwLHq3qS0hxhV0ujPqqxhJ2LlkVfE 3Cm2F+QuHQPtNEDR8NLR3zKfICS8FaDhYJeqaD/spboiIk+98pTQaNYnvlF2EjLd r+Hpy4ZGmdm9ghF/elvqh+oMgjHs6iNBDAOzzOo7TGsbteNUk39gPAxYTKrDUakf /lVRIvUwkj2TWUyIY80HHF6yMAxkZXWjjtmIKdQdxDYDmRtKt2KPKh8dyN00BDCe p9WO6H5uTJU7Ob5eNVLU4XfDM/i5syGd2Y43vSdwQucOnd/N+STfIaR+zFAB1mOP TDiYuEf02bYa2wEyfg0Zw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrfeelhedgkedvucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhephffvvefufffkofgjfhgggfestdekredtredttdenucfhrhhomhepffgvmhhi ucforghrihgvucfqsggvnhhouhhruceouggvmhhisehinhhvihhsihgslhgvthhhihhngh hslhgrsgdrtghomheqnecuggftrfgrthhtvghrnhepjeffjefggfeugeduvedvjeekgfeh gffhhfffjeetkeelueefffetfffhtdduheetnecuvehluhhsthgvrhfuihiivgeptdenuc frrghrrghmpehmrghilhhfrhhomhepuggvmhhisehinhhvihhsihgslhgvthhhihhnghhs lhgrsgdrtghomh X-ME-Proxy: Feedback-ID: iac594737:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat, 3 Jun 2023 10:53:21 -0400 (EDT) From: Demi Marie Obenour To: Alasdair Kergon , Mike Snitzer , dm-devel@redhat.com Cc: Demi Marie Obenour , linux-kernel@vger.kernel.org Subject: [PATCH v2 6/6] device-mapper: "." and ".." are not valid symlink names Date: Sat, 3 Jun 2023 10:52:44 -0400 Message-Id: <20230603145244.1538-7-demi@invisiblethingslab.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230603145244.1538-1-demi@invisiblethingslab.com> References: <20230601212456.1533-1-demi@invisiblethingslab.com> <20230603145244.1538-1-demi@invisiblethingslab.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_NONE, T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1767537680827275472?= X-GMAIL-MSGID: =?utf-8?q?1767693709306569286?= Using either of these is going to greatly confuse userspace, as they are not valid symlink names and so creating the usual /dev/mapper/NAME symlink will not be possible. As creating a device with either of these names is almost certainly a userspace bug, just error out. Signed-off-by: Demi Marie Obenour --- drivers/md/dm-ioctl.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/md/dm-ioctl.c b/drivers/md/dm-ioctl.c index 5b647ab044e44b0c9d0961b5a336b41f50408f88..12be95ee20778b9acd3ea0d98f160a7409028afc 100644 --- a/drivers/md/dm-ioctl.c +++ b/drivers/md/dm-ioctl.c @@ -771,8 +771,10 @@ static int check_name(const char *name) return -EINVAL; } - if (strcmp(name, DM_CONTROL_NODE) == 0) { - DMERR("device name cannot be \"%s\"", DM_CONTROL_NODE); + if (strcmp(name, DM_CONTROL_NODE) == 0 || + strcmp(name, ".") == 0 || + strcmp(name, "..") == 0) { + DMERR("device name cannot be \"%s\", \".\", or \"..\"", DM_CONTROL_NODE); return -EINVAL; }