GGLinnk/bees
1
0
Fork 0
mirror of https://github.com/Zygo/bees.git synced 2025-06-16 17:46:16 +02:00
Code Packages Activity

lib: fs: stop using libbtrfs-dev helper functions to re-enable buffer length checks

Browse Source 
The Linux kernel's btrfs headers are better than the libbtrfs-dev headers:

	- the libbtrfs-dev headers have C++ language compatibility issues

	- upstream version in Linux kernel is more accurate and up to date

	- macros in libbtrfs-dev's ctree.h hide information that would
	enable bees to perform runtime buffer length checking

	- enum types whose presence cannot be detected with #ifdef

When accessing members of metadata items from the filesystem, we want
to verify that the member we are accessing is within the boundaries of
the item that was retrieved; otherwise, a memory access violation may
occur or garbage may be returned to the caller.  A simple C++ template,
given a pointer to a structure member and a buffer, can determine that
the buffer contains enough bytes to safely access a struct member.
This was implemented back in 2016, but left unused due to ctree.h issues.

Some btrfs metadata structures have variable length despite using a
fixed-size in-memory structure.  The members that appear earliest in
the structure contain information about which following members of the
structure are used.  The item stored in the filesystem is truncated after
the last used member, and all following members must not be accessed.

'btrfs_stack_*' accessor macros obscure the memory boundaries of the
members they access, which makes it impossible for a C++ template to
verify the memory access.  If the template checks the length of the
entire structure, it will find an access violation for variable-length
metadata items because the item is rarely large enough for the entire
structure.

Get rid of all the libbtrfs-dev accessor macros and reimplement them
with the necessary buffer length checks.

Signed-off-by: Zygo Blaxell <bees@furryterror.org>
This commit is contained in:
Zygo Blaxell
2021-02-22 03:07:37 -05:00
parent 6eb7afa65c
commit 7f660f50b8
6 changed files with 96 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
include/crucible/btrfs.h
View File

@ -13,20 +13,22 @@
// __u64 typedef and friends
#include <linux/types.h>
// try Linux headers first
#include <btrfs/ioctl.h>
// the btrfs headers
#include <linux/btrfs.h>
#include <linux/btrfs_tree.h>
// Supply any missing definitions
#define mutex not_mutex
#include <btrfs/ctree.h>
// Repair the damage
#undef crc32c
#undef min
#undef max
#undef mutex
#undef swap
// And now all the things that have been missing in some version of
// the headers.
#ifndef BTRFS_FIRST_FREE_OBJECTID
enum btrfs_compression_type {
BTRFS_COMPRESS_NONE,
BTRFS_COMPRESS_ZLIB,
BTRFS_COMPRESS_LZO,
BTRFS_COMPRESS_ZSTD,
};
// BTRFS_CSUM_ITEM_KEY is not defined in include/uapi
#ifndef BTRFS_CSUM_ITEM_KEY
#define BTRFS_ROOT_TREE_OBJECTID 1ULL
#define BTRFS_EXTENT_TREE_OBJECTID 2ULL