lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 21 Sep 2022 09:35:35 +0800
From:   Xianting Tian <xianting.tian@...ux.alibaba.com>
To:     Palmer Dabbelt <palmer@...osinc.com>
Cc:     dan.carpenter@...cle.com, kbuild@...ts.01.org, lkp@...el.com,
        kbuild-all@...ts.01.org, linux-kernel@...r.kernel.org,
        guoren@...nel.org
Subject: Re: arch/riscv/kernel/traps.c:48 die() warn: variable dereferenced
 before check 'regs' (see line 46)


在 2022/9/21 上午4:06, Palmer Dabbelt 写道:
> On Thu, 11 Aug 2022 03:42:28 PDT (-0700), 
> xianting.tian@...ux.alibaba.com wrote:
>>
>> 在 2022/8/11 下午6:33, Dan Carpenter 写道:
>>> tree: 
>>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 
>>> master
>>> head:   f41445645ab5d172e6090d00c332c335d8dba337
>>> commit: 3f1901110a89b0e2e13adb2ac8d1a7102879ea98 RISC-V: Add fast 
>>> call path of crash_kexec()
>>> config: riscv-randconfig-m031-20220810 
>>> (https://download.01.org/0day-ci/archive/20220811/202208110538.uaLOQmBs-lkp@intel.com/config)
>>> compiler: riscv64-linux-gcc (GCC) 12.1.0
>>>
>>> If you fix the issue, kindly add following tag where applicable
>>> Reported-by: kernel test robot <lkp@...el.com>
>>> Reported-by: Dan Carpenter <dan.carpenter@...cle.com>
>>>
>>> smatch warnings:
>>> arch/riscv/kernel/traps.c:48 die() warn: variable dereferenced 
>>> before check 'regs' (see line 46)
>>>
>>> vim +/regs +48 arch/riscv/kernel/traps.c
>>>
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  31  void die(struct 
>>> pt_regs *regs, const char *str)
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  32  {
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  33      static int 
>>> die_counter;
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  34      int ret;
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  35
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  36 oops_enter();
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  37
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  38 
>>> spin_lock_irq(&die_lock);
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  39 console_verbose();
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  40 bust_spinlocks(1);
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  41
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  42 pr_emerg("%s 
>>> [#%d]\n", str, ++die_counter);
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  43 print_modules();
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  44 show_regs(regs);
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  45
>>> a4c3733d32a72f Christoph Hellwig 2019-10-28 @46      ret = 
>>> notify_die(DIE_OOPS, str, regs, 0, regs->cause, SIGSEGV);
>>> ^^^^^^^^^^^
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  47
>>> 3f1901110a89b0 Xianting Tian     2022-06-06 @48      if (regs && 
>>> kexec_should_crash(current))
>>> ^^^^
>>>
>>> Delete this NULL check.
>> thanks,  I will send another fixup patch to fix the issue, is it OK?
>
> You're always welcome to send fixes, but I didn't see anything so I 
> just sent along 
> https://lore.kernel.org/r/20220920200037.6727-1-palmer@rivosinc.com/
Thanks Palmer for the fix :)
>
>>>
>>> 3f1901110a89b0 Xianting Tian     2022-06-06  49 crash_kexec(regs);
>>> 3f1901110a89b0 Xianting Tian     2022-06-06  50
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  51 bust_spinlocks(0);
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  52 add_taint(TAINT_DIE, 
>>> LOCKDEP_NOW_UNRELIABLE);
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  53 
>>> spin_unlock_irq(&die_lock);
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  54 oops_exit();
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  55
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  56      if 
>>> (in_interrupt())
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  57 panic("Fatal 
>>> exception in interrupt");
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  58      if (panic_on_oops)
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  59 panic("Fatal 
>>> exception");
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  60      if (ret != 
>>> NOTIFY_STOP)
>>> 0e25498f8cd43c Eric W. Biederman 2021-06-28  61 
>>> make_task_dead(SIGSEGV);
>>> 76d2a0493a17d4 Palmer Dabbelt    2017-07-10  62  }
>>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ