| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250220-bpf-uninit-v1-1-af07a5a57e5b@ethancedwards.com>
Date: Thu, 20 Feb 2025 00:50:53 -0500
From: Ethan Carter Edwards <ethan@...ancedwards.com>
To: Andrii Nakryiko <andrii@...nel.org>
Cc: Martin KaFai Lau <martin.lau@...ux.dev>,
Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net>,
Eduard Zingerman <eddyz87@...il.com>, Song Liu <song@...nel.org>,
Yonghong Song <yonghong.song@...ux.dev>,
John Fastabend <john.fastabend@...il.com>, KP Singh <kpsingh@...nel.org>,
Stanislav Fomichev <sdf@...ichev.me>, Hao Luo <haoluo@...gle.com>,
Jiri Olsa <jolsa@...nel.org>, bpf@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org,
Ethan Carter Edwards <ethan@...ancedwards.com>
Subject: [PATCH] btf: move kern_type_id to goto cand_cache_unlock
In most code paths variable move_kern_type_id remains uninitialized upon
return. By moving it to the goto, it is initialized in these code paths.
As well as others. Caught by Coverity.
Closes: https://scan5.scan.coverity.com/#/project-view/63874/10063?selectedIssue=1595567
Fixes: e2b3c4ff5d183d ("bpf: add __arg_trusted global func arg tag")
Signed-off-by: Ethan Carter Edwards <ethan@...ancedwards.com>
---
kernel/bpf/btf.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/bpf/btf.c b/kernel/bpf/btf.c
index 9de6acddd479b4f5e32a5e6ba43cf369de4cee29..8c82ced7da299ad1ad769024fe097898c269013b 100644
--- a/kernel/bpf/btf.c
+++ b/kernel/bpf/btf.c
@@ -7496,9 +7496,9 @@ static int btf_get_ptr_to_btf_id(struct bpf_verifier_log *log, int arg_idx,
err = -EOPNOTSUPP;
goto cand_cache_unlock;
}
- kern_type_id = cc->cands[0].id;
cand_cache_unlock:
+ kern_type_id = cc->cands[0].id;
mutex_unlock(&cand_cache_mutex);
if (err)
return err;
---
base-commit: 87a132e73910e8689902aed7f2fc229d6908383b
change-id: 20250220-bpf-uninit-3323a4426da9
Best regards,
--
Ethan Carter Edwards <ethan@...ancedwards.com>
Powered by blists - more mailing lists