| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Nov 2022 16:34:43 +0300
From: Dan Carpenter <error27@...il.com>
To: oe-kbuild@...ts.linux.dev, Denis Arefev <arefev@...mel.ru>,
Alexander Viro <viro@...iv.linux.org.uk>
Cc: lkp@...el.com, oe-kbuild-all@...ts.linux.dev,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
trufanov@...mel.ru, vfh@...mel.ru
Subject: Re: [PATCH] namespace: Added pointer check in copy_mnt_ns()
Hi Denis,
https://git-scm.com/docs/git-format-patch#_base_tree_information]
url: https://github.com/intel-lab-lkp/linux/commits/Denis-Arefev/namespace-Added-pointer-check-in-copy_mnt_ns/20221116-171424
patch link: https://lore.kernel.org/r/20221116091255.84576-1-arefev%40swemel.ru
patch subject: [PATCH] namespace: Added pointer check in copy_mnt_ns()
config: x86_64-randconfig-m001
compiler: gcc-11 (Debian 11.3.0-8) 11.3.0
If you fix the issue, kindly add following tag where applicable
| Reported-by: kernel test robot <lkp@...el.com>
| Reported-by: Dan Carpenter <error27@...il.com>
New smatch warnings:
fs/namespace.c:3518 copy_mnt_ns() error: we previously assumed 'p' could be null (see line 3518)
Old smatch warnings:
fs/namespace.c:4059 mount_setattr_prepare() error: uninitialized symbol 'err'.
vim +/p +3518 fs/namespace.c
^1da177e4c3f41 Linus Torvalds 2005-04-16 3494 /*
^1da177e4c3f41 Linus Torvalds 2005-04-16 3495 * Second pass: switch the tsk->fs->* elements and mark new vfsmounts
^1da177e4c3f41 Linus Torvalds 2005-04-16 3496 * as belonging to new namespace. We have already acquired a private
^1da177e4c3f41 Linus Torvalds 2005-04-16 3497 * fs_struct, so tsk->fs->lock is not needed.
^1da177e4c3f41 Linus Torvalds 2005-04-16 3498 */
909b0a88ef2dc8 Al Viro 2011-11-25 3499 p = old;
cb338d06e9716c Al Viro 2011-11-24 3500 q = new;
^1da177e4c3f41 Linus Torvalds 2005-04-16 3501 while (p) {
143c8c91cee7ef Al Viro 2011-11-25 3502 q->mnt_ns = new_ns;
d29216842a85c7 Eric W. Biederman 2016-09-28 3503 new_ns->mounts++;
9559f68915024e Al Viro 2013-09-28 3504 if (new_fs) {
9559f68915024e Al Viro 2013-09-28 3505 if (&p->mnt == new_fs->root.mnt) {
9559f68915024e Al Viro 2013-09-28 3506 new_fs->root.mnt = mntget(&q->mnt);
315fc83e56c699 Al Viro 2011-11-24 3507 rootmnt = &p->mnt;
315fc83e56c699 Al Viro 2011-11-24 3508 }
9559f68915024e Al Viro 2013-09-28 3509 if (&p->mnt == new_fs->pwd.mnt) {
9559f68915024e Al Viro 2013-09-28 3510 new_fs->pwd.mnt = mntget(&q->mnt);
315fc83e56c699 Al Viro 2011-11-24 3511 pwdmnt = &p->mnt;
^1da177e4c3f41 Linus Torvalds 2005-04-16 3512 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 3513 }
909b0a88ef2dc8 Al Viro 2011-11-25 3514 p = next_mnt(p, old);
909b0a88ef2dc8 Al Viro 2011-11-25 3515 q = next_mnt(q, new);
ff6985ba29d455 Denis Arefev 2022-11-16 3516 if (!q || !p)
4ce5d2b1a8fde8 Eric W. Biederman 2013-03-30 3517 break;
ff6985ba29d455 Denis Arefev 2022-11-16 @3518 while (!p && (p->mnt.mnt_root != q->mnt.mnt_root))
^
The ! needs to be removed.
4ce5d2b1a8fde8 Eric W. Biederman 2013-03-30 3519 p = next_mnt(p, old);
^1da177e4c3f41 Linus Torvalds 2005-04-16 3520 }
328e6d9014636a Al Viro 2013-03-16 3521 namespace_unlock();
^1da177e4c3f41 Linus Torvalds 2005-04-16 3522
^1da177e4c3f41 Linus Torvalds 2005-04-16 3523 if (rootmnt)
f03c65993b98ee Al Viro 2011-01-14 3524 mntput(rootmnt);
^1da177e4c3f41 Linus Torvalds 2005-04-16 3525 if (pwdmnt)
f03c65993b98ee Al Viro 2011-01-14 3526 mntput(pwdmnt);
^1da177e4c3f41 Linus Torvalds 2005-04-16 3527
741a2951306061 JANAK DESAI 2006-02-07 3528 return new_ns;
^1da177e4c3f41 Linus Torvalds 2005-04-16 3529 }
--
0-DAY CI Kernel Test Service
https://01.org/lkp
Powered by blists - more mailing lists