| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 7 Feb 2022 11:38:08 -0800
From: Nick Desaulniers <ndesaulniers@...gle.com>
To: Nathan Chancellor <nathan@...nel.org>
Cc: Jens Axboe <axboe@...nel.dk>,
Pavel Begunkov <asml.silence@...il.com>,
Usama Arif <usama.arif@...edance.com>,
io-uring@...r.kernel.org, linux-kernel@...r.kernel.org,
llvm@...ts.linux.dev
Subject: Re: [PATCH] io_uring: Fix use of uninitialized ret in io_eventfd_register()
On Mon, Feb 7, 2022 at 11:36 AM Nathan Chancellor <nathan@...nel.org> wrote:
>
> On Mon, Feb 07, 2022 at 11:32:03AM -0800, Nick Desaulniers wrote:
> > On Mon, Feb 7, 2022 at 8:24 AM Nathan Chancellor <nathan@...nel.org> wrote:
> > >
> > > Clang warns:
> > >
> > > fs/io_uring.c:9396:9: warning: variable 'ret' is uninitialized when used here [-Wuninitialized]
> > > return ret;
> > > ^~~
> > > fs/io_uring.c:9373:13: note: initialize the variable 'ret' to silence this warning
> > > int fd, ret;
> > > ^
> > > = 0
> > > 1 warning generated.
> > >
> > > Just return 0 directly and reduce the scope of ret to the if statement,
> > > as that is the only place that it is used, which is how the function was
> > > before the fixes commit.
> > >
> > > Fixes: 1a75fac9a0f9 ("io_uring: avoid ring quiesce while registering/unregistering eventfd")
> >
> > Did SHA's change? In linux-next, I see:
> > commit b77e315a9644 ("io_uring: avoid ring quiesce while
> > registering/unregistering eventfd")
> > otherwise LGTM
>
> Yes, this is against Jens' latest for-5.18/io_uring branch, which was
> rebased after next-20220207 was released.
>
> https://git.kernel.dk/cgit/linux-block/log/?h=for-5.18/io_uring
Thanks for the explanation.
Reviewed-by: Nick Desaulniers <ndesaulniers@...gle.com>
>
> Cheers,
> Nathan
>
> > > Link: https://github.com/ClangBuiltLinux/linux/issues/1579
> > > Signed-off-by: Nathan Chancellor <nathan@...nel.org>
> > > ---
> > > fs/io_uring.c | 6 +++---
> > > 1 file changed, 3 insertions(+), 3 deletions(-)
> > >
> > > diff --git a/fs/io_uring.c b/fs/io_uring.c
> > > index 5479f0607430..7ef04bb66da1 100644
> > > --- a/fs/io_uring.c
> > > +++ b/fs/io_uring.c
> > > @@ -9370,7 +9370,7 @@ static int io_eventfd_register(struct io_ring_ctx *ctx, void __user *arg,
> > > {
> > > struct io_ev_fd *ev_fd;
> > > __s32 __user *fds = arg;
> > > - int fd, ret;
> > > + int fd;
> > >
> > > ev_fd = rcu_dereference_protected(ctx->io_ev_fd,
> > > lockdep_is_held(&ctx->uring_lock));
> > > @@ -9386,14 +9386,14 @@ static int io_eventfd_register(struct io_ring_ctx *ctx, void __user *arg,
> > >
> > > ev_fd->cq_ev_fd = eventfd_ctx_fdget(fd);
> > > if (IS_ERR(ev_fd->cq_ev_fd)) {
> > > - ret = PTR_ERR(ev_fd->cq_ev_fd);
> > > + int ret = PTR_ERR(ev_fd->cq_ev_fd);
> > > kfree(ev_fd);
> > > return ret;
> > > }
> > > ev_fd->eventfd_async = eventfd_async;
> > >
> > > rcu_assign_pointer(ctx->io_ev_fd, ev_fd);
> > > - return ret;
> > > + return 0;
> > > }
> > >
> > > static void io_eventfd_put(struct rcu_head *rcu)
> > >
> > > base-commit: 88a0394bc27de2dd8a8715970f289c5627052532
> > > --
> > > 2.35.1
> > >
> > >
> >
> >
> > --
> > Thanks,
> > ~Nick Desaulniers
>
--
Thanks,
~Nick Desaulniers
Powered by blists - more mailing lists