vfio: use __aligned_u64 in struct vfio_device_gfx_plane_info

The memory layout of struct vfio_device_gfx_plane_info is
architecture-dependent due to a u64 field and a struct size that is not
a multiple of 8 bytes:
- On x86_64 the struct size is padded to a multiple of 8 bytes.
- On x32 the struct size is only a multiple of 4 bytes, not 8.
- Other architectures may vary.

Use __aligned_u64 to make memory layout consistent. This reduces the
chance of 32-bit userspace on a 64-bit kernel breakage.

This patch increases the struct size on x32 but this is safe because of
the struct's argsz field. The kernel may grow the struct as long as it
still supports smaller argsz values from userspace (e.g. applications
compiled against older kernel headers).

Suggested-by: Jason Gunthorpe <jgg@ziepe.ca>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Link: https://lore.kernel.org/r/20230918205617.1478722-3-stefanha@redhat.com
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>

diff --git a/drivers/gpu/drm/i915/gvt/kvmgt.c b/drivers/gpu/drm/i915/gvt/kvmgt.c
index 42ce20e72db767a4bcc6a19ddf1888b5677ea923..faf21be724c3ac6128378d2ced807f88f147ba90 100644 (file)
--- a/drivers/gpu/drm/i915/gvt/kvmgt.c
+++ b/drivers/gpu/drm/i915/gvt/kvmgt.c
@@ -1379,7 +1379,7 @@ static long intel_vgpu_ioctl(struct vfio_device *vfio_dev, unsigned int cmd,
                intel_gvt_reset_vgpu(vgpu);
                return 0;
        } else if (cmd == VFIO_DEVICE_QUERY_GFX_PLANE) {
-               struct vfio_device_gfx_plane_info dmabuf;
+               struct vfio_device_gfx_plane_info dmabuf = {};
                int ret = 0;
 
                minsz = offsetofend(struct vfio_device_gfx_plane_info,

diff --git a/include/uapi/linux/vfio.h b/include/uapi/linux/vfio.h
index 325df32466911198a38b7f2d4077bfabefc0db3c..8a3f83e0bdc1500c6b89feb08dae65e4adff9973 100644 (file)
--- a/include/uapi/linux/vfio.h
+++ b/include/uapi/linux/vfio.h
@@ -816,7 +816,7 @@ struct vfio_device_gfx_plane_info {
        __u32 drm_plane_type;   /* type of plane: DRM_PLANE_TYPE_* */
        /* out */
        __u32 drm_format;       /* drm format of plane */
-       __u64 drm_format_mod;   /* tiled mode */
+       __aligned_u64 drm_format_mod;   /* tiled mode */
        __u32 width;    /* width of plane */
        __u32 height;   /* height of plane */
        __u32 stride;   /* stride of plane */
@@ -829,6 +829,7 @@ struct vfio_device_gfx_plane_info {
                __u32 region_index;     /* region index */
                __u32 dmabuf_id;        /* dma-buf id */
        };
+       __u32 reserved;
 };
 
 #define VFIO_DEVICE_QUERY_GFX_PLANE _IO(VFIO_TYPE, VFIO_BASE + 14)

diff --git a/samples/vfio-mdev/mbochs.c b/samples/vfio-mdev/mbochs.c
index 3764d1911b5128677178771d2b0a373d997a5126..93405264ff2337870e8c0693a0759540424a2f81 100644 (file)
--- a/samples/vfio-mdev/mbochs.c
+++ b/samples/vfio-mdev/mbochs.c
@@ -1262,7 +1262,7 @@ static long mbochs_ioctl(struct vfio_device *vdev, unsigned int cmd,
 
        case VFIO_DEVICE_QUERY_GFX_PLANE:
        {
-               struct vfio_device_gfx_plane_info plane;
+               struct vfio_device_gfx_plane_info plane = {};
 
                minsz = offsetofend(struct vfio_device_gfx_plane_info,
                                    region_index);

diff --git a/samples/vfio-mdev/mdpy.c b/samples/vfio-mdev/mdpy.c
index 064e1c0a7aa832640c77fa9694b214f3c1c3693d..72ea5832c927166111b96fd3e40dbd789b895afc 100644 (file)
--- a/samples/vfio-mdev/mdpy.c
+++ b/samples/vfio-mdev/mdpy.c
@@ -591,7 +591,7 @@ static long mdpy_ioctl(struct vfio_device *vdev, unsigned int cmd,
 
        case VFIO_DEVICE_QUERY_GFX_PLANE:
        {
-               struct vfio_device_gfx_plane_info plane;
+               struct vfio_device_gfx_plane_info plane = {};
 
                minsz = offsetofend(struct vfio_device_gfx_plane_info,
                                    region_index);