lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Yh9eAYwI3+sBIIo7@alley>
Date:   Wed, 2 Mar 2022 13:07:29 +0100
From:   Petr Mladek <pmladek@...e.com>
To:     Andrew Morton <akpm@...ux-foundation.org>
Cc:     kernel test robot <lkp@...el.com>,
        Maninder Singh <maninder1.s@...sung.com>,
        kbuild-all@...ts.01.org, linux-kernel@...r.kernel.org,
        Johannes Weiner <hannes@...xchg.org>,
        Vaneet Narang <v.narang@...sung.com>,
        Linux Memory Management List <linux-mm@...ck.org>,
        Sergey Senozhatsky <senozhatsky@...omium.org>,
        Steven Rostedt <rostedt@...dmis.org>,
        John Ogness <john.ogness@...utronix.de>
Subject: Re: [hnaz-mm:master 272/379] lib/vsprintf.c:991:13: warning:
 variable 'modbuildid' set but not used

On Tue 2022-03-01 10:24:48, Andrew Morton wrote:
> On Tue, 1 Mar 2022 20:11:04 +0800 kernel test robot <lkp@...el.com> wrote:
> 
> > tree:   https://github.com/hnaz/linux-mm master
> > head:   a46912c14343fd3269cc133494988af90b377d9f
> > commit: b314f622e664eb263ea03ef7f4580e37146f123f [272/379] kallsyms: enhance %pS/s/b printing when KALLSYSMS is disabled
> > config: arm-eseries_pxa_defconfig (https://download.01.org/0day-ci/archive/20220301/202203012040.uFWGm3My-lkp@intel.com/config)
> > compiler: arm-linux-gnueabi-gcc (GCC) 11.2.0
> > reproduce (this is a W=1 build):
> >         wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
> >         chmod +x ~/bin/make.cross
> >         # https://github.com/hnaz/linux-mm/commit/b314f622e664eb263ea03ef7f4580e37146f123f
> >         git remote add hnaz-mm https://github.com/hnaz/linux-mm
> >         git fetch --no-tags hnaz-mm master
> >         git checkout b314f622e664eb263ea03ef7f4580e37146f123f
> >         # save the config file to linux build tree
> >         mkdir build_dir
> >         COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-11.2.0 make.cross O=build_dir ARCH=arm SHELL=/bin/bash
> > 
> > If you fix the issue, kindly add following tag as appropriate
> > Reported-by: kernel test robot <lkp@...el.com>
> > 
> > All warnings (new ones prefixed by >>):
> > 
> >    lib/vsprintf.c: In function 'sprint_module_info':
> > >> lib/vsprintf.c:991:13: warning: variable 'modbuildid' set but not used [-Wunused-but-set-variable]
> >      991 |         int modbuildid = 0;
> >          |             ^~~~~~~~~~
> 
> Do we care about this?  [-Wunused-but-set-variable isn't normally set. 
> Under what circumstances does it get set in your setup?
> 
> I did this:
> 
> --- a/lib/vsprintf.c~kallsyms-enhance-%ps-s-b-printing-when-kallsysms-is-disabled-fix
> +++ a/lib/vsprintf.c
> @@ -988,7 +988,7 @@ static int sprint_module_info(char *buf,
>  	unsigned long base;
>  	int ret = 0;
>  	const char *modname;
> -	int modbuildid = 0;
> +	int modbuildid __maybe_unused = 0;
>  	int len;
>  #if IS_ENABLED(CONFIG_STACKTRACE_BUILD_ID)
>  	const unsigned char *buildid = NULL;

Looks good. I would fix this. I am not sure but I guess that there
are people that try to fix W=1 warnings.

That said, I would prefer to disable the patch "kallsyms: enhance
%pS/s/b printing when KALLSYSMS is disabled" for now. There are
two problems with it:

   + It discloses the base address of loaded modules. I am not sure
     if it is acceptable from the security point of view.

   + It duplicates a lot of code from kallsyms.c. I would like to
     avoid it.

I have pointed out both problems at
https://lore.kernel.org/r/YhzywNowPiQm3IN4@alley
I have to admit that they are hidden between less important comments.

Best Regards,
Petr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ