Date:   Fri, 5 Nov 2021 16:27:19 +0300
From:   Dan Carpenter <dan.carpenter@...cle.com>
To:     kbuild@...ts.01.org, zhangyiru <zhangyiru3@...wei.com>
Cc:     lkp@...el.com, kbuild-all@...ts.01.org,
        linux-kernel@...r.kernel.org
Subject: fs/hugetlbfs/inode.c:1467 hugetlb_file_setup() error: potentially
 dereferencing uninitialized 'ucounts'.

tree:   https://github.com/0day-ci/linux/commits/UPDATE-20211101-211012/zhangyiru/mm-hugetlb-remove-mlock-ulimit-for-SHM_HUGETLB/20211009-094538
head:   52edddc18d9541ad72912b32edd74baacc94d504
commit: 52edddc18d9541ad72912b32edd74baacc94d504 mm,hugetlb: remove mlock ulimit for SHM_HUGETLB
config: i386-randconfig-m021-20211101 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0

If you fix the issue, kindly add the following tags as appropriate
Reported-by: kernel test robot <lkp@...el.com>
Reported-by: Dan Carpenter <dan.carpenter@...cle.com>

New smatch warnings:
fs/hugetlbfs/inode.c:1467 hugetlb_file_setup() error: potentially dereferencing uninitialized 'ucounts'.

Old smatch warnings:
fs/hugetlbfs/inode.c:1498 hugetlb_file_setup() error: potentially dereferencing uninitialized 'ucounts'.

vim +/ucounts +1467 fs/hugetlbfs/inode.c

af73e4d9506d3b Naoya Horiguchi        2013-05-07  1448  struct file *hugetlb_file_setup(const char *name, size_t size,
52edddc18d9541 zhangyiru              2021-11-01  1449  				vm_flags_t acctflag, int creat_flags,
52edddc18d9541 zhangyiru              2021-11-01  1450  				int page_size_log)
^1da177e4c3f41 Linus Torvalds         2005-04-16  1451  {
^1da177e4c3f41 Linus Torvalds         2005-04-16  1452  	struct inode *inode;
e68375c850b0d5 Al Viro                2018-06-09  1453  	struct vfsmount *mnt;
42d7395feb56f0 Andi Kleen             2012-12-11  1454  	int hstate_idx;
e68375c850b0d5 Al Viro                2018-06-09  1455  	struct file *file;
52edddc18d9541 zhangyiru              2021-11-01  1456  	struct ucounts **ucounts;
                                                                               ^^^^^^^^^^

42d7395feb56f0 Andi Kleen             2012-12-11  1457  
42d7395feb56f0 Andi Kleen             2012-12-11  1458  	hstate_idx = get_hstate_idx(page_size_log);
42d7395feb56f0 Andi Kleen             2012-12-11  1459  	if (hstate_idx < 0)
42d7395feb56f0 Andi Kleen             2012-12-11  1460  		return ERR_PTR(-ENODEV);
^1da177e4c3f41 Linus Torvalds         2005-04-16  1461  
e68375c850b0d5 Al Viro                2018-06-09  1462  	mnt = hugetlbfs_vfsmount[hstate_idx];
e68375c850b0d5 Al Viro                2018-06-09  1463  	if (!mnt)
5bc98594d59672 Akinobu Mita           2007-05-06  1464  		return ERR_PTR(-ENOENT);
5bc98594d59672 Akinobu Mita           2007-05-06  1465  
ef1ff6b8c08954 From: Mel Gorman       2009-09-23  1466  	if (creat_flags == HUGETLB_SHMFS_INODE && !can_do_hugetlb_shm()) {
d7c9e99aee48e6 Alexey Gladkov         2021-04-22 @1467  		*ucounts = current_ucounts();
                                                                        ^^^^^^^^^
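Uninitialized: 'ucounts' is declared on line 1456 as a local 'struct ucounts **' with no initializer, so '*ucounts = current_ucounts()' stores through an indeterminate pointer. The 'out:' path at line 1498 dereferences the same pointer (the old warning listed above), and it does so whether or not this branch was taken.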



d7c9e99aee48e6 Alexey Gladkov         2021-04-22  1468  		if (user_shm_lock(size, *ucounts)) {
9b857d26d08f00 Andrew Morton          2014-06-04  1469  			pr_warn_once("%s (%d): Using mlock ulimits for SHM_HUGETLB is deprecated\n",
21a3c273f88c9c David Rientjes         2012-03-21  1470  				current->comm, current->pid);
52edddc18d9541 zhangyiru              2021-11-01  1471  			user_shm_unlock(size, *ucounts);
^1da177e4c3f41 Linus Torvalds         2005-04-16  1472  			return ERR_PTR(-EPERM);
2584e517320bd4 Ravikiran G Thirumalai 2009-03-31  1473  		}
353d5c30c66658 Hugh Dickins           2009-08-24  1474  	}
^1da177e4c3f41 Linus Torvalds         2005-04-16  1475  
39b65252745745 Anatol Pomozov         2012-09-12  1476  	file = ERR_PTR(-ENOSPC);
e68375c850b0d5 Al Viro                2018-06-09  1477  	inode = hugetlbfs_get_inode(mnt->mnt_sb, NULL, S_IFREG | S_IRWXUGO, 0);
^1da177e4c3f41 Linus Torvalds         2005-04-16  1478  	if (!inode)
e68375c850b0d5 Al Viro                2018-06-09  1479  		goto out;
e1832f2923ec92 Stephen Smalley        2015-08-06  1480  	if (creat_flags == HUGETLB_SHMFS_INODE)
e1832f2923ec92 Stephen Smalley        2015-08-06  1481  		inode->i_flags |= S_PRIVATE;
^1da177e4c3f41 Linus Torvalds         2005-04-16  1482  
^1da177e4c3f41 Linus Torvalds         2005-04-16  1483  	inode->i_size = size;
6d6b77f163c7ea Miklos Szeredi         2011-10-28  1484  	clear_nlink(inode);
ce8d2cdf3d2b73 Dave Hansen            2007-10-16  1485  
33b8f84a4ee784 Mike Kravetz           2021-02-24  1486  	if (!hugetlb_reserve_pages(inode, 0,
e68375c850b0d5 Al Viro                2018-06-09  1487  			size >> huge_page_shift(hstate_inode(inode)), NULL,
e68375c850b0d5 Al Viro                2018-06-09  1488  			acctflag))
e68375c850b0d5 Al Viro                2018-06-09  1489  		file = ERR_PTR(-ENOMEM);
e68375c850b0d5 Al Viro                2018-06-09  1490  	else
e68375c850b0d5 Al Viro                2018-06-09  1491  		file = alloc_file_pseudo(inode, mnt, name, O_RDWR,
ce8d2cdf3d2b73 Dave Hansen            2007-10-16  1492  					&hugetlbfs_file_operations);
e68375c850b0d5 Al Viro                2018-06-09  1493  	if (!IS_ERR(file))
^1da177e4c3f41 Linus Torvalds         2005-04-16  1494  		return file;
^1da177e4c3f41 Linus Torvalds         2005-04-16  1495  
b45b5bd65f668a David Gibson           2006-03-22  1496  	iput(inode);
e68375c850b0d5 Al Viro                2018-06-09  1497  out:
d7c9e99aee48e6 Alexey Gladkov         2021-04-22  1498  	if (*ucounts) {
d7c9e99aee48e6 Alexey Gladkov         2021-04-22  1499  		user_shm_unlock(size, *ucounts);
d7c9e99aee48e6 Alexey Gladkov         2021-04-22  1500  		*ucounts = NULL;
353d5c30c66658 Hugh Dickins           2009-08-24  1501  	}
39b65252745745 Anatol Pomozov         2012-09-12  1502  	return file;
^1da177e4c3f41 Linus Torvalds         2005-04-16  1503  }

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
