lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Y72CE2SkKR4CHW9G@kroah.com>
Date:   Tue, 10 Jan 2023 16:19:47 +0100
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Harshit Mogalapalli <harshit.m.mogalapalli@...cle.com>
Cc:     linux-kernel@...r.kernel.org, stable@...r.kernel.org,
        kernel test robot <lkp@...el.com>,
        Pavel Begunkov <asml.silence@...il.com>,
        Jens Axboe <axboe@...nel.dk>,
        Dan Carpenter <error27@...il.com>,
        Darren Kenny <darren.kenny@...cle.com>
Subject: Re: [PATCH 5.15 514/530] io_uring/rw: fix errored retry return values

On Tue, Jan 10, 2023 at 08:36:00PM +0530, Harshit Mogalapalli wrote:
> 
> Hi Greg,
> 
> On 24/10/22 5:04 pm, Greg Kroah-Hartman wrote:
> > From: Pavel Begunkov <asml.silence@...il.com>
> > 
> > [ upstream commit 62bb0647b14646fa6c9aa25ecdf67ad18f13523c ]
> > 
> 
> This commit 62bb0647b14646fa6c9aa25ecdf67ad18f13523 also changes second
> argument from unsigned to long.
> 
> > Kernel test robot reports that we test negativity of an unsigned in
> > io_fixup_rw_res() after a recent change, which masks error codes and
> > messes up the return value in case I/O is re-retried and failed with
> > an error.
> > 
> > Fixes: 4d9cb92ca41dd ("io_uring/rw: fix short rw error handling")
> > Reported-by: kernel test robot <lkp@...el.com>
> > Signed-off-by: Pavel Begunkov <asml.silence@...il.com>
> > Link: https://lore.kernel.org/r/9754a0970af1861e7865f9014f735c70dc60bf79.1663071587.git.asml.silence@gmail.com
> > Signed-off-by: Jens Axboe <axboe@...nel.dk>
> > Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> > ---
> >   fs/io_uring.c |    2 +-
> >   1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > --- a/fs/io_uring.c
> > +++ b/fs/io_uring.c
> > @@ -2701,7 +2701,7 @@ static bool __io_complete_rw_common(stru
> >   	return false;
> >   }
> > -static inline unsigned io_fixup_rw_res(struct io_kiocb *req, unsigned res)
> > +static inline int io_fixup_rw_res(struct io_kiocb *req, unsigned res)
> >   {
> 
> I think the res should be of type 'long'.
> I noticed this when I ran smatch on 5.10.y io_uring backport from 5.15.y
> patch.
> 
> Smatch warning: io_fixup_rw_res() warn: unsigned 'res' is never less than
> zero.
> 
> static inline int io_fixup_rw_res(struct io_kiocb *req, unsigned res)
> {
>         struct io_async_rw *io = req->async_data;
> 
>         /* add previously done IO, if any */
>         if (io && io->bytes_done > 0) {
>                 if (res < 0) //// unsigned comparison with zero.
>                         res = io->bytes_done;
>                 else
>                         res += io->bytes_done;
>         }
>         return res;
> }
> 
> We don't have upstream commit to backport in this case. Should we fix this
> with no-upstream reference commit?

Just reference the commit that this fixes properly and that should be
fine, thanks for the review and catching this!

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ