Virtiofs structs might be allocated with wrong alignment #691
Assignees
Labels
soundness
Something is unsound.
Comments
|
Hi @mkroening! @scotran and I are part of a Virtualization course at UT Austin, and as part of a project we have to contribute to open source repositories. Can we take up this issue? |
|
Go for it! :) |
joannejchen
added a commit
to joannejchen/libhermit-rs
that referenced
this issue
Apr 15, 2023
Alignment of the virtiofs struct was previously based on the alignment of the largest field in fuse_in_header/fuse_out_header. Switched to explicitly align on u32, the type of the first field in the header. Fixes hermit-os#691 Signed-off-by: joannejchen <chenjjoanne@gmail.com>
|
Hi @mrkroening! I created a pull request (#709) with the alignment switched to be based off of the u32 type (the type of the first field in fuse_in_header / fuse_out_header). Are these the changes you intended? |
mkroening
changed the title
joannejchen
added a commit
to joannejchen/libhermit-rs
that referenced
this issue
Apr 18, 2023
Alignment of the virtiofs struct was previously based on the alignment of only the first field. Changed to explicitly use the maximum alignment of all of the fields and added assertions to ensure this manually-allocated layout matches the compiler-generated layout. Fixes hermit-os#691 Signed-off-by: joannejchen <chenjjoanne@gmail.com>
joannejchen
added a commit
to joannejchen/libhermit-rs
that referenced
this issue
Apr 18, 2023
Alignment of the virtiofs struct was previously based on the alignment of only the first field. Changed to explicitly use the maximum alignment of all of the fields and added assertions to ensure this manually-allocated layout matches the compiler-generated layout. Fixes hermit-os#691 Signed-off-by: joannejchen <chenjjoanne@gmail.com>
joannejchen
added a commit
to joannejchen/libhermit-rs
that referenced
this issue
Apr 18, 2023
Alignment of the virtiofs struct was previously based on the alignment of only the first field. Changed to explicitly use the maximum alignment of all of the fields and added assertions to ensure this manually-allocated layout matches the compiler-generated layout. Fixes hermit-os#691 Signed-off-by: joannejchen <chenjjoanne@gmail.com>
joannejchen
added a commit
to joannejchen/libhermit-rs
that referenced
this issue
Apr 18, 2023
Alignment of the virtiofs struct was previously based on the alignment of only the first field. Changed to explicitly use the maximum alignment of all of the fields and added assertions to ensure this manually-allocated layout matches the compiler-generated layout. Fixes hermit-os#691 Signed-off-by: joannejchen <chenjjoanne@gmail.com>
joannejchen
added a commit
to joannejchen/libhermit-rs
that referenced
this issue
Apr 18, 2023
Alignment of the virtiofs struct was previously based on the alignment of only the first field. Changed to explicitly use the maximum alignment of all of the fields and added assertions to ensure this manually-allocated layout matches the compiler-generated layout. Fixes hermit-os#691 Signed-off-by: joannejchen <chenjjoanne@gmail.com>
joannejchen
added a commit
to joannejchen/libhermit-rs
that referenced
this issue
Apr 18, 2023
Alignment of the virtiofs struct was previously based on the alignment of only the first field. Changed to explicitly use the maximum alignment of all of the fields and added assertions to ensure this manually-allocated layout matches the compiler-generated layout. Fixes hermit-os#691 Signed-off-by: joannejchen <chenjjoanne@gmail.com>
|
Thanks for the clarification! I have updated it to pad the layout (and consequently changes the asserts and passing around of the layout as you mentioned), and luckily it doesn't seem to have broken anything! LMK if there's any other issues or fixes! |
bors bot
added a commit
that referenced
this issue
Apr 19, 2023
709: Change alignment of virtiofs structs to be based on the first field. r=mkroening a=joannejchen Alignment of the virtiofs struct was previously based on the alignment of the largest field in fuse_in_header/fuse_out_header. Switched to explicitly align on u32, the type of the first field in the header. Fixes #691 Co-authored-by: joannejchen <chenjjoanne@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
There are places that manually allocate fuse DSTs with this layout:
https://github.com/hermitcore/libhermit-rs/blob/4a9c2c4f4b3df5a335286939e5eff7f7484d331f/src/fs/fuse.rs#L372
where
Cmdis defined like this:https://github.com/hermitcore/libhermit-rs/blob/4a9c2c4f4b3df5a335286939e5eff7f7484d331f/src/fs/fuse.rs#L291-L297
The layout of the manual allocation has to exactly match the layout returned by
Layout::from_valueof the allocated value (this is something we should add assertions for).Specifically, the alignment might be wrong here for certain fields.
The alignment of a parent struct is not the alignment of the first field as assumed in this code, but the biggest alignment of all fields.
So instead of just the alignment of the first field (
fuse_in_headerin this case), we should request the maximum alignment of all fields.The text was updated successfully, but these errors were encountered: