lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Tue, 25 Jan 2022 12:23:34 +0300
From:   Dan Carpenter <dan.carpenter@...cle.com>
To:     kbuild@...ts.01.org,
        Allison Henderson <allison.henderson@...cle.com>
Cc:     lkp@...el.com, kbuild-all@...ts.01.org,
        linux-kernel@...r.kernel.org
Subject: [kbuild] [allisonhenderson-xfs-work:delayed_attrs_v26_extended
 28/30] fs/xfs/xfs_ioctl.c:1753 xfs_ioc_get_parent_pointer() warn: maybe
 return -EFAULT instead of the bytes remaining?

tree:   https://github.com/allisonhenderson/xfs_work.git  delayed_attrs_v26_extended
head:   19459f5cfa422b0a6a9cd3898892e43ecb49f8f3
commit: 38f492d29e0c25066170d87572b7ade7bf2af72b [28/30] xfs: Add parent pointer ioctl
config: nios2-randconfig-m031-20220124 (https://download.01.org/0day-ci/archive/20220125/202201250715.EbP8D1XT-lkp@intel.com/config )
compiler: nios2-linux-gcc (GCC) 11.2.0

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>
Reported-by: Dan Carpenter <dan.carpenter@...cle.com>

New smatch warnings:
fs/xfs/xfs_ioctl.c:1753 xfs_ioc_get_parent_pointer() warn: maybe return -EFAULT instead of the bytes remaining?

Old smatch warnings:
arch/nios2/include/asm/thread_info.h:71 current_thread_info() error: uninitialized symbol 'sp'.

vim +1753 fs/xfs/xfs_ioctl.c

38f492d29e0c25 Allison Henderson 2021-07-23  1686  STATIC int
38f492d29e0c25 Allison Henderson 2021-07-23  1687  xfs_ioc_get_parent_pointer(
38f492d29e0c25 Allison Henderson 2021-07-23  1688  	struct file			*filp,
38f492d29e0c25 Allison Henderson 2021-07-23  1689  	void				__user *arg)
38f492d29e0c25 Allison Henderson 2021-07-23  1690  {
38f492d29e0c25 Allison Henderson 2021-07-23  1691  	struct xfs_pptr_info		*ppi = NULL;
38f492d29e0c25 Allison Henderson 2021-07-23  1692  	int				error = 0;
38f492d29e0c25 Allison Henderson 2021-07-23  1693  	struct xfs_inode		*ip = XFS_I(file_inode(filp));
38f492d29e0c25 Allison Henderson 2021-07-23  1694  	struct xfs_mount		*mp = ip->i_mount;
38f492d29e0c25 Allison Henderson 2021-07-23  1695  
38f492d29e0c25 Allison Henderson 2021-07-23  1696  	if (!capable(CAP_SYS_ADMIN))
38f492d29e0c25 Allison Henderson 2021-07-23  1697  		return -EPERM;
38f492d29e0c25 Allison Henderson 2021-07-23  1698  
38f492d29e0c25 Allison Henderson 2021-07-23  1699  	/* Allocate an xfs_pptr_info to put the user data */
38f492d29e0c25 Allison Henderson 2021-07-23  1700  	ppi = kmem_alloc(sizeof(struct xfs_pptr_info), 0);
38f492d29e0c25 Allison Henderson 2021-07-23  1701  	if (!ppi)
38f492d29e0c25 Allison Henderson 2021-07-23  1702  		return -ENOMEM;
38f492d29e0c25 Allison Henderson 2021-07-23  1703  
38f492d29e0c25 Allison Henderson 2021-07-23  1704  	/* Copy the data from the user */
38f492d29e0c25 Allison Henderson 2021-07-23  1705  	error = copy_from_user(ppi, arg, sizeof(struct xfs_pptr_info));
38f492d29e0c25 Allison Henderson 2021-07-23  1706  	if (error)
38f492d29e0c25 Allison Henderson 2021-07-23  1707  		goto out;
38f492d29e0c25 Allison Henderson 2021-07-23  1708  
38f492d29e0c25 Allison Henderson 2021-07-23  1709  	/* Check size of buffer requested by user */
38f492d29e0c25 Allison Henderson 2021-07-23  1710  	if (XFS_PPTR_INFO_SIZEOF(ppi->pi_ptrs_size) > XFS_XATTR_LIST_MAX) {
38f492d29e0c25 Allison Henderson 2021-07-23  1711  		error = -ENOMEM;
38f492d29e0c25 Allison Henderson 2021-07-23  1712  		goto out;
38f492d29e0c25 Allison Henderson 2021-07-23  1713  	}
38f492d29e0c25 Allison Henderson 2021-07-23  1714  
38f492d29e0c25 Allison Henderson 2021-07-23  1715  	/*
38f492d29e0c25 Allison Henderson 2021-07-23  1716  	 * Now that we know how big the trailing buffer is, expand
38f492d29e0c25 Allison Henderson 2021-07-23  1717  	 * our kernel xfs_pptr_info to be the same size
38f492d29e0c25 Allison Henderson 2021-07-23  1718  	 */
38f492d29e0c25 Allison Henderson 2021-07-23  1719  	ppi = krealloc(ppi, XFS_PPTR_INFO_SIZEOF(ppi->pi_ptrs_size),
38f492d29e0c25 Allison Henderson 2021-07-23  1720  		       GFP_NOFS | __GFP_NOFAIL);
38f492d29e0c25 Allison Henderson 2021-07-23  1721  	if (!ppi)
38f492d29e0c25 Allison Henderson 2021-07-23  1722  		return -ENOMEM;
38f492d29e0c25 Allison Henderson 2021-07-23  1723  
38f492d29e0c25 Allison Henderson 2021-07-23  1724  	if (ppi->pi_flags != 0 && ppi->pi_flags != XFS_PPTR_IFLAG_HANDLE) {
38f492d29e0c25 Allison Henderson 2021-07-23  1725  		error = -EINVAL;
38f492d29e0c25 Allison Henderson 2021-07-23  1726  		goto out;
38f492d29e0c25 Allison Henderson 2021-07-23  1727  	}
38f492d29e0c25 Allison Henderson 2021-07-23  1728  
38f492d29e0c25 Allison Henderson 2021-07-23  1729  	if (ppi->pi_flags == XFS_PPTR_IFLAG_HANDLE) {
38f492d29e0c25 Allison Henderson 2021-07-23  1730  		error = xfs_iget(mp, NULL, ppi->pi_handle.ha_fid.fid_ino,
38f492d29e0c25 Allison Henderson 2021-07-23  1731  				0, 0, &ip);
38f492d29e0c25 Allison Henderson 2021-07-23  1732  		if (error)
38f492d29e0c25 Allison Henderson 2021-07-23  1733  			goto out;
38f492d29e0c25 Allison Henderson 2021-07-23  1734  	}
38f492d29e0c25 Allison Henderson 2021-07-23  1735  
38f492d29e0c25 Allison Henderson 2021-07-23  1736  	if (ip->i_ino == mp->m_sb.sb_rootino)
38f492d29e0c25 Allison Henderson 2021-07-23  1737  		ppi->pi_flags |= XFS_PPTR_OFLAG_ROOT;
38f492d29e0c25 Allison Henderson 2021-07-23  1738  
38f492d29e0c25 Allison Henderson 2021-07-23  1739  	/* Get the parent pointers */
38f492d29e0c25 Allison Henderson 2021-07-23  1740  	error = xfs_attr_get_parent_pointer(ip, ppi);
38f492d29e0c25 Allison Henderson 2021-07-23  1741  
38f492d29e0c25 Allison Henderson 2021-07-23  1742  	if (error)
38f492d29e0c25 Allison Henderson 2021-07-23  1743  		goto out;
38f492d29e0c25 Allison Henderson 2021-07-23  1744  
38f492d29e0c25 Allison Henderson 2021-07-23  1745  	/* Copy the parent pointers back to the user */
38f492d29e0c25 Allison Henderson 2021-07-23  1746  	error = copy_to_user(arg, ppi,
38f492d29e0c25 Allison Henderson 2021-07-23  1747  			XFS_PPTR_INFO_SIZEOF(ppi->pi_ptrs_size));
38f492d29e0c25 Allison Henderson 2021-07-23  1748  	if (error)
38f492d29e0c25 Allison Henderson 2021-07-23  1749  		goto out;

This should be

	if (copy_to_user(arg, ppi, XFS_PPTR_INFO_SIZEOF(ppi->pi_ptrs_size))) {
		err = -EFAULT;
		goto out;
	}

38f492d29e0c25 Allison Henderson 2021-07-23  1750  
38f492d29e0c25 Allison Henderson 2021-07-23  1751  out:
38f492d29e0c25 Allison Henderson 2021-07-23  1752  	kmem_free(ppi);
38f492d29e0c25 Allison Henderson 2021-07-23 @1753  	return error;
38f492d29e0c25 Allison Henderson 2021-07-23  1754  }

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org 
_______________________________________________
kbuild mailing list -- kbuild@...ts.01.org
To unsubscribe send an email to kbuild-leave@...ts.01.org

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ