lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <202205121128.R82udPf8-lkp@intel.com>
Date:   Thu, 12 May 2022 13:12:47 +0300
From:   Dan Carpenter <dan.carpenter@...cle.com>
To:     kbuild@...ts.01.org,
        Allison Henderson <allison.henderson@...cle.com>
Cc:     lkp@...el.com, kbuild-all@...ts.01.org,
        linux-kernel@...r.kernel.org
Subject: [allisonhenderson-xfs-work:larp_cleanupv4_pptrs 35/35]
 fs/xfs/xfs_ioctl.c:1756 xfs_ioc_get_parent_pointer() warn: maybe return
 -EFAULT instead of the bytes remaining?

tree:   https://github.com/allisonhenderson/xfs_work.git larp_cleanupv4_pptrs
head:   3d7771d8177638d5d115404cbee0b9a77cf0bb4c
commit: 3d7771d8177638d5d115404cbee0b9a77cf0bb4c [35/35] xfs: Add parent pointer ioctl
config: i386-randconfig-m031-20220509 (https://download.01.org/0day-ci/archive/20220512/202205121128.R82udPf8-lkp@intel.com/config)
compiler: gcc-11 (Debian 11.2.0-20) 11.2.0

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>
Reported-by: Dan Carpenter <dan.carpenter@...cle.com>

smatch warnings:
fs/xfs/xfs_ioctl.c:1756 xfs_ioc_get_parent_pointer() warn: maybe return -EFAULT instead of the bytes remaining?

vim +1756 fs/xfs/xfs_ioctl.c

3d7771d8177638 Allison Henderson 2022-05-10  1689  STATIC int
3d7771d8177638 Allison Henderson 2022-05-10  1690  xfs_ioc_get_parent_pointer(
3d7771d8177638 Allison Henderson 2022-05-10  1691  	struct file			*filp,
3d7771d8177638 Allison Henderson 2022-05-10  1692  	void				__user *arg)
3d7771d8177638 Allison Henderson 2022-05-10  1693  {
3d7771d8177638 Allison Henderson 2022-05-10  1694  	struct xfs_pptr_info		*ppi = NULL;

I would just declare ppi on the stack to void the krealloc().  It's
not a huge struct.

3d7771d8177638 Allison Henderson 2022-05-10  1695  	int				error = 0;
3d7771d8177638 Allison Henderson 2022-05-10  1696  	struct xfs_inode		*ip = XFS_I(file_inode(filp));
3d7771d8177638 Allison Henderson 2022-05-10  1697  	struct xfs_mount		*mp = ip->i_mount;
3d7771d8177638 Allison Henderson 2022-05-10  1698  
3d7771d8177638 Allison Henderson 2022-05-10  1699  	if (!capable(CAP_SYS_ADMIN))
3d7771d8177638 Allison Henderson 2022-05-10  1700  		return -EPERM;
3d7771d8177638 Allison Henderson 2022-05-10  1701  
3d7771d8177638 Allison Henderson 2022-05-10  1702  	/* Allocate an xfs_pptr_info to put the user data */
3d7771d8177638 Allison Henderson 2022-05-10  1703  	ppi = kmem_alloc(sizeof(struct xfs_pptr_info), 0);
3d7771d8177638 Allison Henderson 2022-05-10  1704  	if (!ppi)
3d7771d8177638 Allison Henderson 2022-05-10  1705  		return -ENOMEM;
3d7771d8177638 Allison Henderson 2022-05-10  1706  
3d7771d8177638 Allison Henderson 2022-05-10  1707  	/* Copy the data from the user */
3d7771d8177638 Allison Henderson 2022-05-10  1708  	error = copy_from_user(ppi, arg, sizeof(struct xfs_pptr_info));
3d7771d8177638 Allison Henderson 2022-05-10  1709  	if (error)
3d7771d8177638 Allison Henderson 2022-05-10  1710  		goto out;

copy_from_user() returns the number of bytes remaining but we want to
return -EFAULT to the user.

	if (copy_from_user(ppi, arg, sizeof(struct xfs_pptr_info))) {
		error = -EFAULT;
		goto out;
	}

3d7771d8177638 Allison Henderson 2022-05-10  1711  
3d7771d8177638 Allison Henderson 2022-05-10  1712  	/* Check size of buffer requested by user */
3d7771d8177638 Allison Henderson 2022-05-10  1713  	if (XFS_PPTR_INFO_SIZEOF(ppi->pi_ptrs_size) > XFS_XATTR_LIST_MAX) {
3d7771d8177638 Allison Henderson 2022-05-10  1714  		error = -ENOMEM;
3d7771d8177638 Allison Henderson 2022-05-10  1715  		goto out;
3d7771d8177638 Allison Henderson 2022-05-10  1716  	}
3d7771d8177638 Allison Henderson 2022-05-10  1717  
3d7771d8177638 Allison Henderson 2022-05-10  1718  	/*
3d7771d8177638 Allison Henderson 2022-05-10  1719  	 * Now that we know how big the trailing buffer is, expand
3d7771d8177638 Allison Henderson 2022-05-10  1720  	 * our kernel xfs_pptr_info to be the same size
3d7771d8177638 Allison Henderson 2022-05-10  1721  	 */
3d7771d8177638 Allison Henderson 2022-05-10  1722  	ppi = krealloc(ppi, XFS_PPTR_INFO_SIZEOF(ppi->pi_ptrs_size),
3d7771d8177638 Allison Henderson 2022-05-10  1723  		       GFP_NOFS | __GFP_NOFAIL);
3d7771d8177638 Allison Henderson 2022-05-10  1724  	if (!ppi)
3d7771d8177638 Allison Henderson 2022-05-10  1725  		return -ENOMEM;
3d7771d8177638 Allison Henderson 2022-05-10  1726  
3d7771d8177638 Allison Henderson 2022-05-10  1727  	if (ppi->pi_flags != 0 && ppi->pi_flags != XFS_PPTR_IFLAG_HANDLE) {
3d7771d8177638 Allison Henderson 2022-05-10  1728  		error = -EINVAL;
3d7771d8177638 Allison Henderson 2022-05-10  1729  		goto out;
3d7771d8177638 Allison Henderson 2022-05-10  1730  	}
3d7771d8177638 Allison Henderson 2022-05-10  1731  
3d7771d8177638 Allison Henderson 2022-05-10  1732  	if (ppi->pi_flags == XFS_PPTR_IFLAG_HANDLE) {
3d7771d8177638 Allison Henderson 2022-05-10  1733  		error = xfs_iget(mp, NULL, ppi->pi_handle.ha_fid.fid_ino,
3d7771d8177638 Allison Henderson 2022-05-10  1734  				0, 0, &ip);
3d7771d8177638 Allison Henderson 2022-05-10  1735  		if (error)
3d7771d8177638 Allison Henderson 2022-05-10  1736  			goto out;
3d7771d8177638 Allison Henderson 2022-05-10  1737  	}
3d7771d8177638 Allison Henderson 2022-05-10  1738  
3d7771d8177638 Allison Henderson 2022-05-10  1739  	if (ip->i_ino == mp->m_sb.sb_rootino)
3d7771d8177638 Allison Henderson 2022-05-10  1740  		ppi->pi_flags |= XFS_PPTR_OFLAG_ROOT;
3d7771d8177638 Allison Henderson 2022-05-10  1741  
3d7771d8177638 Allison Henderson 2022-05-10  1742  	/* Get the parent pointers */
3d7771d8177638 Allison Henderson 2022-05-10  1743  	error = xfs_attr_get_parent_pointer(ip, ppi);
3d7771d8177638 Allison Henderson 2022-05-10  1744  
3d7771d8177638 Allison Henderson 2022-05-10  1745  	if (error)
3d7771d8177638 Allison Henderson 2022-05-10  1746  		goto out;
3d7771d8177638 Allison Henderson 2022-05-10  1747  
3d7771d8177638 Allison Henderson 2022-05-10  1748  	/* Copy the parent pointers back to the user */
3d7771d8177638 Allison Henderson 2022-05-10  1749  	error = copy_to_user(arg, ppi,
3d7771d8177638 Allison Henderson 2022-05-10  1750  			XFS_PPTR_INFO_SIZEOF(ppi->pi_ptrs_size));

	if (copy_to_user(arg, ppi, XFS_PPTR_INFO_SIZEOF(ppi->pi_ptrs_size))) {
		error = -EFAULT;
		goto out;
	}

3d7771d8177638 Allison Henderson 2022-05-10  1751  	if (error)
3d7771d8177638 Allison Henderson 2022-05-10  1752  		goto out;
3d7771d8177638 Allison Henderson 2022-05-10  1753  
3d7771d8177638 Allison Henderson 2022-05-10  1754  out:
3d7771d8177638 Allison Henderson 2022-05-10  1755  	kmem_free(ppi);
3d7771d8177638 Allison Henderson 2022-05-10 @1756  	return error;
3d7771d8177638 Allison Henderson 2022-05-10  1757  }

-- 
0-DAY CI Kernel Test Service
https://01.org/lkp

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ