Message ID | 20220503205503.3054173-2-keescook@chromium.org (mailing list archive) |
---|---|
State | New, archived |
Series | randstruct: Enable Clang support |
On Tue, 2022-05-03 at 13:54 -0700, Kees Cook wrote: > Clang's structure layout randomization feature gets upset when it sees > struct inode (which is randomized) cast to struct netfs_i_context. This > is due to seeing the inode pointer as being treated as an array of inodes, > rather than "something else, following struct inode". > > Since netfs can't use container_of() (since it doesn't know what the > true containing struct is), it uses this direct offset instead. Adjust > the code to better reflect what is happening: an arbitrary pointer is > being adjusted and cast to something else: use a "void *" for the math. > The resulting binary output is the same, but Clang no longer sees an > unexpected cross-structure cast: > > In file included from ../fs/nfs/inode.c:50: > In file included from ../fs/nfs/fscache.h:15: > In file included from ../include/linux/fscache.h:18: > ../include/linux/netfs.h:298:9: error: casting from randomized structure pointer type 'struct inode *' to 'struct netfs_i_context *' > return (struct netfs_i_context *)(inode + 1); > ^ > 1 error generated. > > Cc: David Howells <dhowells@redhat.com> > Cc: Jeff Layton <jlayton@kernel.org> > Signed-off-by: Kees Cook <keescook@chromium.org> > --- > include/linux/netfs.h | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/include/linux/netfs.h b/include/linux/netfs.h > index c7bf1eaf51d5..0c33b715cbfd 100644 > --- a/include/linux/netfs.h > +++ b/include/linux/netfs.h > @@ -295,7 +295,7 @@ extern void netfs_stats_show(struct seq_file *); > */ > static inline struct netfs_i_context *netfs_i_context(struct inode *inode) > { > - return (struct netfs_i_context *)(inode + 1); > + return (void *)inode + sizeof(*inode); > } > > /** 
> @@ -307,7 +307,7 @@ static inline struct netfs_i_context *netfs_i_context(struct inode *inode) > */ > static inline struct inode *netfs_inode(struct netfs_i_context *ctx) > { > - return ((struct inode *)ctx) - 1; > + return (void *)ctx - sizeof(struct inode); > } > > /** Looks reasonable. Reviewed-by: Jeff Layton <jlayton@kernel.org>
diff --git a/include/linux/netfs.h b/include/linux/netfs.h index c7bf1eaf51d5..0c33b715cbfd 100644 --- a/include/linux/netfs.h +++ b/include/linux/netfs.h @@ -295,7 +295,7 @@ extern void netfs_stats_show(struct seq_file *); */ static inline struct netfs_i_context *netfs_i_context(struct inode *inode) { - return (struct netfs_i_context *)(inode + 1); + return (void *)inode + sizeof(*inode); } /** @@ -307,7 +307,7 @@ static inline struct netfs_i_context *netfs_i_context(struct inode *inode) */ static inline struct inode *netfs_inode(struct netfs_i_context *ctx) { - return ((struct inode *)ctx) - 1; + return (void *)ctx - sizeof(struct inode); } /**
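Review bot: in the first hunk, `return (void *)inode + sizeof(*inode);` depends on the containing filesystem inode placing struct netfs_i_context exactly sizeof(struct inode) bytes past the inode, and with the typed cast gone nothing on the line signals that requirement to a reader. A short comment above the return stating that the context must directly follow struct inode in the containing structure would document it. The commit message already explains this as "something else, following struct inode", so the wording can be lifted from there.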
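Review bot: in the second hunk, netfs_inode() writes the offset as `sizeof(struct inode)` while netfs_i_context() in the first hunk writes it as `sizeof(*inode)`. The two helpers have to stay exact inverses, so spelling the offset the same way in both (`sizeof(struct inode)` works in each function) makes that easier to verify at a glance and harder to break if one side is edited later.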
Clang's structure layout randomization feature gets upset when it sees struct inode (which is randomized) cast to struct netfs_i_context. This is due to seeing the inode pointer as being treated as an array of inodes, rather than "something else, following struct inode".

Since netfs can't use container_of() (since it doesn't know what the true containing struct is), it uses this direct offset instead. Adjust the code to better reflect what is happening: an arbitrary pointer is being adjusted and cast to something else: use a "void *" for the math. The resulting binary output is the same, but Clang no longer sees an unexpected cross-structure cast:

    In file included from ../fs/nfs/inode.c:50:
    In file included from ../fs/nfs/fscache.h:15:
    In file included from ../include/linux/fscache.h:18:
    ../include/linux/netfs.h:298:9: error: casting from randomized structure pointer type 'struct inode *' to 'struct netfs_i_context *'
            return (struct netfs_i_context *)(inode + 1);
                   ^
    1 error generated.

Cc: David Howells <dhowells@redhat.com>
Cc: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 include/linux/netfs.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
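The layout assumption the commit message describes, as an added example that is not part of the patch or of the kernel sources: it checks at compile time that the context sits directly after the inode, and at run time that the typed and byte-offset forms give the same address. The struct bodies, `struct demo_fs_inode`, and all function names are constructed for illustration, and `char *` stands in for the kernel's GNU `void *` arithmetic so the block builds as ISO C.

```c
#include <stddef.h>

/* Constructed stand-ins; the real kernel structures are far larger. */
struct inode { unsigned long i_ino; void *i_private; };
struct netfs_i_context { unsigned long flags; long long remote_i_size; };

/* Hypothetical filesystem inode: the context must directly follow the VFS inode. */
struct demo_fs_inode {
    struct inode vfs_inode;
    struct netfs_i_context netfs_ctx;
    int fs_private;
};

/* The helpers are only valid if no padding separates the two members. */
_Static_assert(offsetof(struct demo_fs_inode, netfs_ctx) == sizeof(struct inode),
               "netfs_i_context must immediately follow struct inode");

/* Byte-offset form, as in the patch (char * instead of GNU void * math). */
static struct netfs_i_context *ctx_from_inode(struct inode *inode)
{
    return (struct netfs_i_context *)((char *)inode + sizeof(*inode));
}

static struct inode *inode_from_ctx(struct netfs_i_context *ctx)
{
    return (struct inode *)((char *)ctx - sizeof(struct inode));
}

/* Pre-patch form: typed arithmetic, treating inode as element 0 of an array. */
static struct netfs_i_context *ctx_from_inode_old(struct inode *inode)
{
    return (struct netfs_i_context *)(inode + 1);
}

/* Returns 1 when both forms match the real member address and round-trip. */
static int layout_roundtrip_ok(void)
{
    struct demo_fs_inode fsi = { { 42, NULL }, { 0, 0 }, 0 };
    struct netfs_i_context *ctx = ctx_from_inode(&fsi.vfs_inode);

    return ctx == &fsi.netfs_ctx &&
           ctx == ctx_from_inode_old(&fsi.vfs_inode) &&
           inode_from_ctx(ctx) == &fsi.vfs_inode;
}

int main(void) { return layout_roundtrip_ok() ? 0 : 1; }
```

If the context type ever had stricter alignment than struct inode, the compiler would insert padding and the static assertion would fail the build instead of letting the helpers return a misplaced pointer.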