From 6de7145ca3db231a84b7516a6cb25878da6ebb19 Mon Sep 17 00:00:00 2001 From: "Michael S. Tsirkin" Date: Sat, 18 Aug 2012 15:44:09 -0700 Subject: tcm_vhost: Fix vhost_scsi_target structure alignment Here TRANSPORT_IQN_LEN is 224, which is a multiple of 4. Since vhost_tpgt is 2 bytes and abi_version is 4, the total size would be 230. But gcc needs struct size be aligned to first field size, which is 4 bytes, so it pads the structure by extra 2 bytes to the total of 232. This padding is very undesirable in an ABI: - it can not be initialized easily - it can not be checked easily - it can leak information between kernel and userspace Simplest solution is probably just to make the padding explicit. (v2: Add check for zero'ed backend->reserved field for VHOST_SCSI_SET_ENDPOINT and VHOST_SCSI_CLEAR_ENDPOINT ops as requested by MST) Reported-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin Signed-off-by: Nicholas Bellinger --- drivers/vhost/tcm_vhost.h | 1 + 1 file changed, 1 insertion(+) (limited to 'drivers/vhost/tcm_vhost.h') diff --git a/drivers/vhost/tcm_vhost.h b/drivers/vhost/tcm_vhost.h index e9d5c020fb39..d9e93557d669 100644 --- a/drivers/vhost/tcm_vhost.h +++ b/drivers/vhost/tcm_vhost.h @@ -93,6 +93,7 @@ struct vhost_scsi_target { int abi_version; char vhost_wwpn[TRANSPORT_IQN_LEN]; unsigned short vhost_tpgt; + unsigned short reserved; }; /* VHOST_SCSI specific defines */ -- cgit v1.2.3