lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAKwvOd=428ceq=GmjbkPu0fXx6b-T6J56HTy-DPdKKvaHwuSsA@mail.gmail.com>
Date:   Mon, 7 Feb 2022 11:38:08 -0800
From:   Nick Desaulniers <ndesaulniers@...gle.com>
To:     Nathan Chancellor <nathan@...nel.org>
Cc:     Jens Axboe <axboe@...nel.dk>,
        Pavel Begunkov <asml.silence@...il.com>,
        Usama Arif <usama.arif@...edance.com>,
        io-uring@...r.kernel.org, linux-kernel@...r.kernel.org,
        llvm@...ts.linux.dev
Subject: Re: [PATCH] io_uring: Fix use of uninitialized ret in io_eventfd_register()

On Mon, Feb 7, 2022 at 11:36 AM Nathan Chancellor <nathan@...nel.org> wrote:
>
> On Mon, Feb 07, 2022 at 11:32:03AM -0800, Nick Desaulniers wrote:
> > On Mon, Feb 7, 2022 at 8:24 AM Nathan Chancellor <nathan@...nel.org> wrote:
> > >
> > > Clang warns:
> > >
> > >   fs/io_uring.c:9396:9: warning: variable 'ret' is uninitialized when used here [-Wuninitialized]
> > >           return ret;
> > >                  ^~~
> > >   fs/io_uring.c:9373:13: note: initialize the variable 'ret' to silence this warning
> > >           int fd, ret;
> > >                      ^
> > >                       = 0
> > >   1 warning generated.
> > >
> > > Just return 0 directly and reduce the scope of ret to the if statement,
> > > as that is the only place that it is used, which is how the function was
> > > before the fixes commit.
> > >
> > > Fixes: 1a75fac9a0f9 ("io_uring: avoid ring quiesce while registering/unregistering eventfd")
> >
> > Did SHA's change? In linux-next, I see:
> > commit b77e315a9644 ("io_uring: avoid ring quiesce while
> > registering/unregistering eventfd")
> > otherwise LGTM
>
> Yes, this is against Jens' latest for-5.18/io_uring branch, which was
> rebased after next-20220207 was released.
>
> https://git.kernel.dk/cgit/linux-block/log/?h=for-5.18/io_uring

Thanks for the explanation.
Reviewed-by: Nick Desaulniers <ndesaulniers@...gle.com>

>
> Cheers,
> Nathan
>
> > > Link: https://github.com/ClangBuiltLinux/linux/issues/1579
> > > Signed-off-by: Nathan Chancellor <nathan@...nel.org>
> > > ---
> > >  fs/io_uring.c | 6 +++---
> > >  1 file changed, 3 insertions(+), 3 deletions(-)
> > >
> > > diff --git a/fs/io_uring.c b/fs/io_uring.c
> > > index 5479f0607430..7ef04bb66da1 100644
> > > --- a/fs/io_uring.c
> > > +++ b/fs/io_uring.c
> > > @@ -9370,7 +9370,7 @@ static int io_eventfd_register(struct io_ring_ctx *ctx, void __user *arg,
> > >  {
> > >         struct io_ev_fd *ev_fd;
> > >         __s32 __user *fds = arg;
> > > -       int fd, ret;
> > > +       int fd;
> > >
> > >         ev_fd = rcu_dereference_protected(ctx->io_ev_fd,
> > >                                         lockdep_is_held(&ctx->uring_lock));
> > > @@ -9386,14 +9386,14 @@ static int io_eventfd_register(struct io_ring_ctx *ctx, void __user *arg,
> > >
> > >         ev_fd->cq_ev_fd = eventfd_ctx_fdget(fd);
> > >         if (IS_ERR(ev_fd->cq_ev_fd)) {
> > > -               ret = PTR_ERR(ev_fd->cq_ev_fd);
> > > +               int ret = PTR_ERR(ev_fd->cq_ev_fd);
> > >                 kfree(ev_fd);
> > >                 return ret;
> > >         }
> > >         ev_fd->eventfd_async = eventfd_async;
> > >
> > >         rcu_assign_pointer(ctx->io_ev_fd, ev_fd);
> > > -       return ret;
> > > +       return 0;
> > >  }
> > >
> > >  static void io_eventfd_put(struct rcu_head *rcu)
> > >
> > > base-commit: 88a0394bc27de2dd8a8715970f289c5627052532
> > > --
> > > 2.35.1
> > >
> > >
> >
> >
> > --
> > Thanks,
> > ~Nick Desaulniers
>


-- 
Thanks,
~Nick Desaulniers

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ