From 05489a7637c10232e759ce3885e860a4f8d2d1be Mon Sep 17 00:00:00 2001
From: Keiichi Watanabe <keiichiw@chromium.org>
Date: Wed, 8 Apr 2020 03:55:37 +0900
Subject: [PATCH] crosvm: Fix clippy::correctness error

Fix a style problem categorized into `clippy::correctness`, which causes
an error by default.

BUG=chromium:908640
TEST=cargo clippy --all-features --all-targets -- -D clippy:correctness

Change-Id: I85f54c9b031a1628127041e85678c88f1c72d4df
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2145535
Tested-by: Keiichi Watanabe <keiichiw@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Keiichi Watanabe <keiichiw@chromium.org>
---
 io_jail/src/lib.rs | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/io_jail/src/lib.rs b/io_jail/src/lib.rs
index a927cdbe59..7a123073fb 100644
--- a/io_jail/src/lib.rs
+++ b/io_jail/src/lib.rs
@@ -68,6 +68,8 @@ pub enum Error {
     PreservingFd(i32),
     /// Program size is too large
     ProgramTooLarge,
+    /// Alignment of file should be divisible by the alignment of sock_filter.
+    WrongProgramAlignment,
     /// File size should be non-zero and a multiple of sock_filter
     WrongProgramSize,
 }
@@ -148,6 +150,10 @@ impl Display for Error {
             ProcFd(s) => write!(f, "an entry in /proc/self/fd is not an integer: {}", s),
             PreservingFd(e) => write!(f, "fork failed in minijail_preserve_fd with error {}", e),
             ProgramTooLarge => write!(f, "bpf program is too large (max 64K instructions)"),
+            WrongProgramAlignment => write!(
+                f,
+                "the alignment of bpf file was not a multiple of that of sock_filter"
+            ),
             WrongProgramSize => write!(f, "bpf file was empty or not a multiple of sock_filter"),
         }
     }
@@ -287,6 +293,13 @@ impl Minijail {
         if count > (!0 as u16) as usize {
             return Err(Error::ProgramTooLarge);
         }
+        if buffer.as_ptr() as usize % std::mem::align_of::<sock_filter>() != 0 {
+            return Err(Error::WrongProgramAlignment);
+        }
+
+        // Safe cast because we checked that the buffer address is divisible by the alignment of
+        // sock_filter.
+        #[allow(clippy::cast_ptr_alignment)]
         let header = sock_fprog {
             len: count as c_ushort,
             filter: buffer.as_ptr() as *mut sock_filter,