lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 10 Jan 2023 20:36:00 +0530
From:   Harshit Mogalapalli <harshit.m.mogalapalli@...cle.com>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        linux-kernel@...r.kernel.org, stable@...r.kernel.org
Cc:     kernel test robot <lkp@...el.com>,
        Pavel Begunkov <asml.silence@...il.com>,
        Jens Axboe <axboe@...nel.dk>,
        Dan Carpenter <error27@...il.com>,
        Darren Kenny <darren.kenny@...cle.com>
Subject: Re: [PATCH 5.15 514/530] io_uring/rw: fix errored retry return values


Hi Greg,

On 24/10/22 5:04 pm, Greg Kroah-Hartman wrote:
> From: Pavel Begunkov <asml.silence@...il.com>
> 
> [ upstream commit 62bb0647b14646fa6c9aa25ecdf67ad18f13523c ]
> 

This commit 62bb0647b14646fa6c9aa25ecdf67ad18f13523 also changes second 
argument from unsigned to long.

> Kernel test robot reports that we test negativity of an unsigned in
> io_fixup_rw_res() after a recent change, which masks error codes and
> messes up the return value in case I/O is re-retried and failed with
> an error.
> 
> Fixes: 4d9cb92ca41dd ("io_uring/rw: fix short rw error handling")
> Reported-by: kernel test robot <lkp@...el.com>
> Signed-off-by: Pavel Begunkov <asml.silence@...il.com>
> Link: https://lore.kernel.org/r/9754a0970af1861e7865f9014f735c70dc60bf79.1663071587.git.asml.silence@gmail.com
> Signed-off-by: Jens Axboe <axboe@...nel.dk>
> Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> ---
>   fs/io_uring.c |    2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> --- a/fs/io_uring.c
> +++ b/fs/io_uring.c
> @@ -2701,7 +2701,7 @@ static bool __io_complete_rw_common(stru
>   	return false;
>   }
>   
> -static inline unsigned io_fixup_rw_res(struct io_kiocb *req, unsigned res)
> +static inline int io_fixup_rw_res(struct io_kiocb *req, unsigned res)
>   {

I think the res should be of type 'long'.
I noticed this when I ran smatch on 5.10.y io_uring backport from 5.15.y 
patch.

Smatch warning: io_fixup_rw_res() warn: unsigned 'res' is never less 
than zero.

static inline int io_fixup_rw_res(struct io_kiocb *req, unsigned res)
{
         struct io_async_rw *io = req->async_data;

         /* add previously done IO, if any */
         if (io && io->bytes_done > 0) {
                 if (res < 0) //// unsigned comparison with zero.
                         res = io->bytes_done;
                 else
                         res += io->bytes_done;
         }
         return res;
}

We don't have upstream commit to backport in this case. Should we fix 
this with no-upstream reference commit?

Thanks,
Harshit


>   	struct io_async_rw *io = req->async_data;
>   
> 
> 
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ