tcm_vhost: Fix vhost_scsi_target structure alignment

Here TRANSPORT_IQN_LEN is 224, which is a multiple of 4.
Since vhost_tpgt is 2 bytes and abi_version is 4, the total size would
be 230.  But gcc needs struct size be aligned to first field size, which
is 4 bytes, so it pads the structure by extra 2 bytes to the total of
232.

This padding is very undesirable in an ABI:
- it can not be initialized easily
- it can not be checked easily
- it can leak information between kernel and userspace

Simplest solution is probably just to make the padding
explicit.

(v2: Add check for zero'ed backend->reserved field for VHOST_SCSI_SET_ENDPOINT
     and VHOST_SCSI_CLEAR_ENDPOINT ops as requested by MST)

Reported-by: Michael S. Tsirkin <[email protected]>
Signed-off-by: Michael S. Tsirkin <[email protected]>
Signed-off-by: Nicholas Bellinger <[email protected]>

Author: mstsirkin

drivers/vhost/tcm_vhost.c

@@ -995,11 +995,15 @@ static long vhost_scsi_ioctl(struct file *f, unsigned int ioctl,
 	case VHOST_SCSI_SET_ENDPOINT:
 		if (copy_from_user(&backend, argp, sizeof backend))
 			return -EFAULT;
+		if (backend.reserved != 0)
+			return -EOPNOTSUPP;
 
 		return vhost_scsi_set_endpoint(vs, &backend);
 	case VHOST_SCSI_CLEAR_ENDPOINT:
 		if (copy_from_user(&backend, argp, sizeof backend))
 			return -EFAULT;
+		if (backend.reserved != 0)
+			return -EOPNOTSUPP;
 
 		return vhost_scsi_clear_endpoint(vs, &backend);
 	case VHOST_SCSI_GET_ABI_VERSION:

drivers/vhost/tcm_vhost.h

@@ -93,6 +93,7 @@ struct vhost_scsi_target {
 	int abi_version;
 	char vhost_wwpn[TRANSPORT_IQN_LEN];
 	unsigned short vhost_tpgt;
+	unsigned short reserved;
 };
 
 /* VHOST_SCSI specific defines */