fix: use correct ioctl wrapper for create_device
#298
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ShadowCurse
force-pushed
the
fix_aarch64_create_device
branch
from
08009fb to
b42e972
Compare
fix: use correct ioctl wrapper for `create_device` Use `ioctl_with_mut_ref` instead of `ioctl_with_ref` in the `create_device` method as it needs to write to the `kvm_create_device` struct passed to it. This incorrect usage of `ioctl_with_ref` causes newer versions of Rust compiler (1.82 and above) to treat the `kvm_create_device` struct as read-only and bypass following reads from it. This optimization lead to incorrect value being passed to the `File::from_raw_fd` call. Signed-off-by: Egor Lazarchuk <[email protected]>
ShadowCurse
force-pushed
the
fix_aarch64_create_device
branch
from
b42e972 to
f7c68d5
Compare
ShadowCurse
requested review from
acatangiu,
andreeaflorescu,
lauralt,
sameo and
roypat
as code owners
| @@ -1300,7 +1300,7 @@ impl VmFd { | |||
| /// ``` | |||
| pub fn create_device(&self, device: &mut kvm_create_device) -> Result<DeviceFd> { | |||
| // SAFETY: Safe because we are calling this with the VM fd and we trust the kernel. | |||
| let ret = unsafe { ioctl_with_ref(self, KVM_CREATE_DEVICE(), device) }; | |||
| let ret = unsafe { ioctl_with_mut_ref(self, KVM_CREATE_DEVICE(), device) }; | |||
There was a problem hiding this comment.
Can you add a test that would trigger the error? As we discussed offline this would not be triggering in the CI because we're not using the latest Rust version. It's enough if we can trigger it locally because eventually we'll be using the latest version in the CI as well.
There was a problem hiding this comment.
We already have tests which can trigger this behavior. Tests are: test_register_unregister_irqfd and test_set_irq_line.
This was referenced Dec 9, 2024
roypat
approved these changes
Dec 9, 2024
rbradford
approved these changes
Dec 9, 2024
This was referenced Dec 9, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary of the PR
Use
ioctl_with_mut_refinstead ofioctl_with_refforcreate_deviceas it needs to write to thekvm_create_devicestruct passed to it.This incorrect usage of the
ioctl_with_refcauses an issue if used with Rust version 1.82(and later) inreleasebuilds. In those cases thekvm_create_devicestruct is considered to be immutable and the followingFile::from_raw_fdcreates a file from an initial value set in thekvm_create_devicebefore the call.The reason unit tests don't fail in CI is because it uses 1.80.1 version and does not run unit tests with
--releaseoption which does not produce the error.Requirements
Before submitting your PR, please make sure you addressed the following
requirements:
git commit -s), and the commit message has max 60 characters for thesummary and max 75 characters for each description line.
test.
Release" section of CHANGELOG.md (if no such section exists, please create one).
unsafecode is properly documented.