lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Nov 2022 09:29:35 +0100 From: Alexander Potapenko <glider@...gle.com> To: glider@...gle.com Cc: linux-kernel@...r.kernel.org, akpm@...ux-foundation.org, tytso@....edu, adilger.kernel@...ger.ca, jaegeuk@...nel.org, chao@...nel.org, linux-fsdevel@...r.kernel.org, linux-ext4@...r.kernel.org, Eric Biggers <ebiggers@...nel.org>, syzbot+9767be679ef5016b6082@...kaller.appspotmail.com Subject: [PATCH] fs: ext4: initialize fsdata in pagecache_write() When aops->write_begin() does not initialize fsdata, KMSAN reports an error passing the latter to aops->write_end(). Fix this by unconditionally initializing fsdata. Also speculatively fix similar issues in affs, f2fs, hfs, hfsplus, as suggested by Eric Biggers. Cc: Eric Biggers <ebiggers@...nel.org> Fixes: c93d8f885809 ("ext4: add basic fs-verity support") Reported-by: syzbot+9767be679ef5016b6082@...kaller.appspotmail.com Signed-off-by: Alexander Potapenko <glider@...gle.com> --- fs/affs/file.c | 2 +- fs/ext4/verity.c | 2 +- fs/f2fs/verity.c | 2 +- fs/hfs/extent.c | 2 +- fs/hfsplus/extents.c | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/fs/affs/file.c b/fs/affs/file.c index cefa222f7881c..8daeed31e1af9 100644 --- a/fs/affs/file.c +++ b/fs/affs/file.c @@ -880,7 +880,7 @@ affs_truncate(struct inode *inode) if (inode->i_size > AFFS_I(inode)->mmu_private) { struct address_space *mapping = inode->i_mapping; struct page *page; - void *fsdata; + void *fsdata = NULL; loff_t isize = inode->i_size; int res; diff --git a/fs/ext4/verity.c b/fs/ext4/verity.c index 3c640bd7ecaeb..30e3b65798b50 100644 --- a/fs/ext4/verity.c +++ b/fs/ext4/verity.c @@ -79,7 +79,7 @@ static int pagecache_write(struct inode *inode, const void *buf, size_t count, size_t n = min_t(size_t, count, PAGE_SIZE - offset_in_page(pos)); struct page *page; - void *fsdata; + void *fsdata = NULL; int res; res = aops->write_begin(NULL, mapping, pos, n, &page, &fsdata); diff --git a/fs/f2fs/verity.c b/fs/f2fs/verity.c index c352fff88a5e6..3f4f3295f1c66 100644 --- a/fs/f2fs/verity.c +++ b/fs/f2fs/verity.c @@ -81,7 +81,7 @@ static int pagecache_write(struct inode *inode, const void *buf, size_t count, size_t n = min_t(size_t, count, PAGE_SIZE - offset_in_page(pos)); struct page *page; - void *fsdata; + void *fsdata = NULL; int res; res = aops->write_begin(NULL, mapping, pos, n, &page, &fsdata); diff --git a/fs/hfs/extent.c b/fs/hfs/extent.c index 3f7e9bef98743..6d1878b99b305 100644 --- a/fs/hfs/extent.c +++ b/fs/hfs/extent.c @@ -486,7 +486,7 @@ void hfs_file_truncate(struct inode *inode) inode->i_size); if (inode->i_size > HFS_I(inode)->phys_size) { struct address_space *mapping = inode->i_mapping; - void *fsdata; + void *fsdata = NULL; struct page *page; /* XXX: Can use generic_cont_expand? */ diff --git a/fs/hfsplus/extents.c b/fs/hfsplus/extents.c index 721f779b4ec3e..7a542f3dbe502 100644 --- a/fs/hfsplus/extents.c +++ b/fs/hfsplus/extents.c @@ -554,7 +554,7 @@ void hfsplus_file_truncate(struct inode *inode) if (inode->i_size > hip->phys_size) { struct address_space *mapping = inode->i_mapping; struct page *page; - void *fsdata; + void *fsdata = NULL; loff_t size = inode->i_size; res = hfsplus_write_begin(NULL, mapping, size, 0, -- 2.38.1.431.g37b22c650d-goog
Powered by blists - more mailing lists