* net/sysctl_net.c:146:4: warning: Value stored to 'where' is never read [clang-analyzer-deadcode.DeadStores]
@ 2021-08-24 19:56 ` kernel test robot
0 siblings, 0 replies; 5+ messages in thread
From: kernel test robot @ 2021-08-24 19:56 UTC (permalink / raw)
To: Jonathon Reinhart; +Cc: clang-built-linux, kbuild-all, linux-kernel
[-- Attachment #1: Type: text/plain, Size: 16504 bytes --]
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 6e764bcd1cf72a2846c0e53d3975a09b242c04c9
commit: 31c4d2f160eb7b17cbead24dc6efed06505a3fee net: Ensure net namespace isolation of sysctls
date: 4 months ago
config: arm-randconfig-c002-20210824 (attached as .config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project d26000e4cc2bc65e207a84fa26cb6e374d60aa12)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install arm cross compiling tool for clang build
# apt-get install binutils-arm-linux-gnueabi
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=31c4d2f160eb7b17cbead24dc6efed06505a3fee
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout 31c4d2f160eb7b17cbead24dc6efed06505a3fee
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=arm clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
drivers/of/property.c:902:19: warning: Access to field 'full_name' results in a dereference of a null pointer [clang-analyzer-core.NullDereference]
return kbasename(to_of_node(fwnode)->full_name);
^
include/linux/of.h:161:2: note: expanded from macro 'to_of_node'
({ \
^
drivers/of/property.c:902:19: note: '?' condition is false
return kbasename(to_of_node(fwnode)->full_name);
^
include/linux/of.h:164:3: note: expanded from macro 'to_of_node'
is_of_node(__to_of_node_fwnode) ? \
^
drivers/of/property.c:902:19: note: Access to field 'full_name' results in a dereference of a null pointer
return kbasename(to_of_node(fwnode)->full_name);
^
include/linux/of.h:161:2: note: expanded from macro 'to_of_node'
({ \
^
drivers/of/property.c:908:7: warning: Access to field 'parent' results in a dereference of a null pointer [clang-analyzer-core.NullDereference]
if (!to_of_node(fwnode)->parent)
^
include/linux/of.h:161:2: note: expanded from macro 'to_of_node'
({ \
^
drivers/of/property.c:908:7: note: '?' condition is false
if (!to_of_node(fwnode)->parent)
^
include/linux/of.h:164:3: note: expanded from macro 'to_of_node'
is_of_node(__to_of_node_fwnode) ? \
^
drivers/of/property.c:908:7: note: Access to field 'parent' results in a dereference of a null pointer
if (!to_of_node(fwnode)->parent)
^
include/linux/of.h:161:2: note: expanded from macro 'to_of_node'
({ \
^
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
drivers/base/power/main.c:469:3: warning: Value stored to 'usecs' is never read [clang-analyzer-deadcode.DeadStores]
usecs = 1;
^ ~
drivers/base/power/main.c:469:3: note: Value stored to 'usecs' is never read
usecs = 1;
^ ~
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
>> net/sysctl_net.c:146:4: warning: Value stored to 'where' is never read [clang-analyzer-deadcode.DeadStores]
where = "module";
^ ~~~~~~~~
net/sysctl_net.c:146:4: note: Value stored to 'where' is never read
where = "module";
^ ~~~~~~~~
net/sysctl_net.c:148:4: warning: Value stored to 'where' is never read [clang-analyzer-deadcode.DeadStores]
where = "kernel";
^ ~~~~~~~~
net/sysctl_net.c:148:4: note: Value stored to 'where' is never read
where = "kernel";
^ ~~~~~~~~
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
net/core/net-sysfs.c:1719:2: warning: Value stored to 'txq' is never read [clang-analyzer-deadcode.DeadStores]
txq = real_tx;
^ ~~~~~~~
net/core/net-sysfs.c:1719:2: note: Value stored to 'txq' is never read
txq = real_tx;
^ ~~~~~~~
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
net/bluetooth/msft.c:372:2: warning: Value stored to 'rp' is never read [clang-analyzer-deadcode.DeadStores]
rp = (struct msft_rp_le_cancel_monitor_advertisement *)skb->data;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/bluetooth/msft.c:372:2: note: Value stored to 'rp' is never read
rp = (struct msft_rp_le_cancel_monitor_advertisement *)skb->data;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/bluetooth/msft.c:422:2: warning: Value stored to 'rp' is never read [clang-analyzer-deadcode.DeadStores]
rp = (struct msft_rp_le_set_advertisement_filter_enable *)skb->data;
vim +/where +146 net/sysctl_net.c
117
118 /* Verify that sysctls for non-init netns are safe by either:
119 * 1) being read-only, or
120 * 2) having a data pointer which points outside of the global kernel/module
121 * data segment, and rather into the heap where a per-net object was
122 * allocated.
123 */
124 static void ensure_safe_net_sysctl(struct net *net, const char *path,
125 struct ctl_table *table)
126 {
127 struct ctl_table *ent;
128
129 pr_debug("Registering net sysctl (net %p): %s\n", net, path);
130 for (ent = table; ent->procname; ent++) {
131 unsigned long addr;
132 const char *where;
133
134 pr_debug(" procname=%s mode=%o proc_handler=%ps data=%p\n",
135 ent->procname, ent->mode, ent->proc_handler, ent->data);
136
137 /* If it's not writable inside the netns, then it can't hurt. */
138 if ((ent->mode & 0222) == 0) {
139 pr_debug(" Not writable by anyone\n");
140 continue;
141 }
142
143 /* Where does data point? */
144 addr = (unsigned long)ent->data;
145 if (is_module_address(addr))
> 146 where = "module";
147 else if (core_kernel_data(addr))
148 where = "kernel";
149 else
150 continue;
151
152 /* If it is writable and points to kernel/module global
153 * data, then it's probably a netns leak.
154 */
155 WARN(1, "sysctl %s/%s: data points to %s global data: %ps\n",
156 path, ent->procname, where, ent->data);
157
158 /* Make it "safe" by dropping writable perms */
159 ent->mode &= ~0222;
160 }
161 }
162
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 30536 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* net/sysctl_net.c:146:4: warning: Value stored to 'where' is never read [clang-analyzer-deadcode.DeadStores]
@ 2021-08-24 19:56 ` kernel test robot
0 siblings, 0 replies; 5+ messages in thread
From: kernel test robot @ 2021-08-24 19:56 UTC (permalink / raw)
To: kbuild-all
[-- Attachment #1: Type: text/plain, Size: 16783 bytes --]
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 6e764bcd1cf72a2846c0e53d3975a09b242c04c9
commit: 31c4d2f160eb7b17cbead24dc6efed06505a3fee net: Ensure net namespace isolation of sysctls
date: 4 months ago
config: arm-randconfig-c002-20210824 (attached as .config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project d26000e4cc2bc65e207a84fa26cb6e374d60aa12)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install arm cross compiling tool for clang build
# apt-get install binutils-arm-linux-gnueabi
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=31c4d2f160eb7b17cbead24dc6efed06505a3fee
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout 31c4d2f160eb7b17cbead24dc6efed06505a3fee
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=arm clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
drivers/of/property.c:902:19: warning: Access to field 'full_name' results in a dereference of a null pointer [clang-analyzer-core.NullDereference]
return kbasename(to_of_node(fwnode)->full_name);
^
include/linux/of.h:161:2: note: expanded from macro 'to_of_node'
({ \
^
drivers/of/property.c:902:19: note: '?' condition is false
return kbasename(to_of_node(fwnode)->full_name);
^
include/linux/of.h:164:3: note: expanded from macro 'to_of_node'
is_of_node(__to_of_node_fwnode) ? \
^
drivers/of/property.c:902:19: note: Access to field 'full_name' results in a dereference of a null pointer
return kbasename(to_of_node(fwnode)->full_name);
^
include/linux/of.h:161:2: note: expanded from macro 'to_of_node'
({ \
^
drivers/of/property.c:908:7: warning: Access to field 'parent' results in a dereference of a null pointer [clang-analyzer-core.NullDereference]
if (!to_of_node(fwnode)->parent)
^
include/linux/of.h:161:2: note: expanded from macro 'to_of_node'
({ \
^
drivers/of/property.c:908:7: note: '?' condition is false
if (!to_of_node(fwnode)->parent)
^
include/linux/of.h:164:3: note: expanded from macro 'to_of_node'
is_of_node(__to_of_node_fwnode) ? \
^
drivers/of/property.c:908:7: note: Access to field 'parent' results in a dereference of a null pointer
if (!to_of_node(fwnode)->parent)
^
include/linux/of.h:161:2: note: expanded from macro 'to_of_node'
({ \
^
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
drivers/base/power/main.c:469:3: warning: Value stored to 'usecs' is never read [clang-analyzer-deadcode.DeadStores]
usecs = 1;
^ ~
drivers/base/power/main.c:469:3: note: Value stored to 'usecs' is never read
usecs = 1;
^ ~
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
>> net/sysctl_net.c:146:4: warning: Value stored to 'where' is never read [clang-analyzer-deadcode.DeadStores]
where = "module";
^ ~~~~~~~~
net/sysctl_net.c:146:4: note: Value stored to 'where' is never read
where = "module";
^ ~~~~~~~~
net/sysctl_net.c:148:4: warning: Value stored to 'where' is never read [clang-analyzer-deadcode.DeadStores]
where = "kernel";
^ ~~~~~~~~
net/sysctl_net.c:148:4: note: Value stored to 'where' is never read
where = "kernel";
^ ~~~~~~~~
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
net/core/net-sysfs.c:1719:2: warning: Value stored to 'txq' is never read [clang-analyzer-deadcode.DeadStores]
txq = real_tx;
^ ~~~~~~~
net/core/net-sysfs.c:1719:2: note: Value stored to 'txq' is never read
txq = real_tx;
^ ~~~~~~~
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
net/bluetooth/msft.c:372:2: warning: Value stored to 'rp' is never read [clang-analyzer-deadcode.DeadStores]
rp = (struct msft_rp_le_cancel_monitor_advertisement *)skb->data;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/bluetooth/msft.c:372:2: note: Value stored to 'rp' is never read
rp = (struct msft_rp_le_cancel_monitor_advertisement *)skb->data;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/bluetooth/msft.c:422:2: warning: Value stored to 'rp' is never read [clang-analyzer-deadcode.DeadStores]
rp = (struct msft_rp_le_set_advertisement_filter_enable *)skb->data;
vim +/where +146 net/sysctl_net.c
117
118 /* Verify that sysctls for non-init netns are safe by either:
119 * 1) being read-only, or
120 * 2) having a data pointer which points outside of the global kernel/module
121 * data segment, and rather into the heap where a per-net object was
122 * allocated.
123 */
124 static void ensure_safe_net_sysctl(struct net *net, const char *path,
125 struct ctl_table *table)
126 {
127 struct ctl_table *ent;
128
129 pr_debug("Registering net sysctl (net %p): %s\n", net, path);
130 for (ent = table; ent->procname; ent++) {
131 unsigned long addr;
132 const char *where;
133
134 pr_debug(" procname=%s mode=%o proc_handler=%ps data=%p\n",
135 ent->procname, ent->mode, ent->proc_handler, ent->data);
136
137 /* If it's not writable inside the netns, then it can't hurt. */
138 if ((ent->mode & 0222) == 0) {
139 pr_debug(" Not writable by anyone\n");
140 continue;
141 }
142
143 /* Where does data point? */
144 addr = (unsigned long)ent->data;
145 if (is_module_address(addr))
> 146 where = "module";
147 else if (core_kernel_data(addr))
148 where = "kernel";
149 else
150 continue;
151
152 /* If it is writable and points to kernel/module global
153 * data, then it's probably a netns leak.
154 */
155 WARN(1, "sysctl %s/%s: data points to %s global data: %ps\n",
156 path, ent->procname, where, ent->data);
157
158 /* Make it "safe" by dropping writable perms */
159 ent->mode &= ~0222;
160 }
161 }
162
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 30536 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* net/sysctl_net.c:146:4: warning: Value stored to 'where' is never read [clang-analyzer-deadcode.DeadStores]
@ 2022-01-08 15:50 kernel test robot
0 siblings, 0 replies; 5+ messages in thread
From: kernel test robot @ 2022-01-08 15:50 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 18028 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
CC: linux-kernel(a)vger.kernel.org
TO: Jonathon Reinhart <jonathon.reinhart@gmail.com>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: d1587f7bfe9a0f97a75d42ac1489aeda551106bc
commit: 31c4d2f160eb7b17cbead24dc6efed06505a3fee net: Ensure net namespace isolation of sysctls
date: 9 months ago
:::::: branch date: 16 hours ago
:::::: commit date: 9 months ago
config: riscv-randconfig-c006-20211207 (https://download.01.org/0day-ci/archive/20220108/202201082339.qplFN6G1-lkp(a)intel.com/config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project 097a1cb1d5ebb3a0ec4bcaed8ba3ff6a8e33c00a)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install riscv cross compiling tool for clang build
# apt-get install binutils-riscv64-linux-gnu
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=31c4d2f160eb7b17cbead24dc6efed06505a3fee
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout 31c4d2f160eb7b17cbead24dc6efed06505a3fee
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=riscv clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
for (pos = list_first_entry(head, typeof(*pos), member); \
^
include/linux/list.h:522:2: note: expanded from macro 'list_first_entry'
list_entry((ptr)->next, type, member)
^
include/linux/list.h:511:2: note: expanded from macro 'list_entry'
container_of(ptr, type, member)
^
note: (skipping 2 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all)
include/linux/compiler_types.h:320:2: note: expanded from macro 'compiletime_assert'
_compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
^
include/linux/compiler_types.h:308:2: note: expanded from macro '_compiletime_assert'
__compiletime_assert(condition, msg, prefix, suffix)
^
include/linux/compiler_types.h:300:3: note: expanded from macro '__compiletime_assert'
if (!(condition)) \
^
kernel/events/core.c:10082:2: note: Loop condition is false. Exiting loop
list_for_each_entry(filter, &ifh->list, entry) {
^
include/linux/list.h:628:13: note: expanded from macro 'list_for_each_entry'
for (pos = list_first_entry(head, typeof(*pos), member); \
^
include/linux/list.h:522:2: note: expanded from macro 'list_first_entry'
list_entry((ptr)->next, type, member)
^
include/linux/list.h:511:2: note: expanded from macro 'list_entry'
container_of(ptr, type, member)
^
note: (skipping 2 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all)
include/linux/compiler_types.h:320:2: note: expanded from macro 'compiletime_assert'
_compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
^
include/linux/compiler_types.h:308:2: note: expanded from macro '_compiletime_assert'
__compiletime_assert(condition, msg, prefix, suffix)
^
include/linux/compiler_types.h:298:2: note: expanded from macro '__compiletime_assert'
do { \
^
kernel/events/core.c:10082:2: note: Loop condition is true. Entering loop body
list_for_each_entry(filter, &ifh->list, entry) {
^
include/linux/list.h:628:2: note: expanded from macro 'list_for_each_entry'
for (pos = list_first_entry(head, typeof(*pos), member); \
^
kernel/events/core.c:10083:7: note: Assuming field 'dentry' is non-null
if (filter->path.dentry) {
^~~~~~~~~~~~~~~~~~~
kernel/events/core.c:10083:3: note: Taking true branch
if (filter->path.dentry) {
^
kernel/events/core.c:10091:35: note: Passing null pointer value via 2nd parameter 'mm'
perf_addr_filter_apply(filter, mm, &event->addr_filter_ranges[count]);
^~
kernel/events/core.c:10091:4: note: Calling 'perf_addr_filter_apply'
perf_addr_filter_apply(filter, mm, &event->addr_filter_ranges[count]);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kernel/events/core.c:10044:13: note: Dereference of null pointer
for (vma = mm->mmap; vma; vma = vma->vm_next) {
^~~~~~~~
kernel/events/core.c:11837:2: warning: Value stored to 'err' is never read [clang-analyzer-deadcode.DeadStores]
err = 0;
^ ~
kernel/events/core.c:11837:2: note: Value stored to 'err' is never read
err = 0;
^ ~
Suppressed 8 warnings (6 in non-user code, 2 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
>> net/sysctl_net.c:146:4: warning: Value stored to 'where' is never read [clang-analyzer-deadcode.DeadStores]
where = "module";
^ ~~~~~~~~
net/sysctl_net.c:146:4: note: Value stored to 'where' is never read
where = "module";
^ ~~~~~~~~
net/sysctl_net.c:148:4: warning: Value stored to 'where' is never read [clang-analyzer-deadcode.DeadStores]
where = "kernel";
^ ~~~~~~~~
net/sysctl_net.c:148:4: note: Value stored to 'where' is never read
where = "kernel";
^ ~~~~~~~~
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
drivers/input/serio/apbps2.c:114:3: warning: Value stored to 'tmp' is never read [clang-analyzer-deadcode.DeadStores]
tmp = ioread32be(&priv->regs->data);
^
drivers/input/serio/apbps2.c:114:3: note: Value stored to 'tmp' is never read
Suppressed 4 warnings (3 in non-user code, 1 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
drivers/input/mouse/cyapa_gen5.c:1856:16: warning: The result of the left shift is undefined because the left operand is negative [clang-analyzer-core.UndefinedBinaryOperatorResult]
value |= -1 << num_bits;
^
drivers/input/mouse/cyapa_gen5.c:2318:6: note: Assuming the condition is false
if (!cyapa_is_pip_app_mode(cyapa))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/input/mouse/cyapa_gen5.c:2318:2: note: Taking false branch
if (!cyapa_is_pip_app_mode(cyapa))
^
drivers/input/mouse/cyapa_gen5.c:2323:6: note: 'error' is 0
if (error)
^~~~~
drivers/input/mouse/cyapa_gen5.c:2323:2: note: Taking false branch
if (error)
^
drivers/input/mouse/cyapa_gen5.c:2328:10: note: Calling 'cyapa_gen5_read_mutual_idac_data'
error = cyapa_gen5_read_mutual_idac_data(cyapa,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/input/mouse/cyapa_gen5.c:2133:10: note: Calling 'cyapa_gen5_read_idac_data'
error = cyapa_gen5_read_idac_data(cyapa,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/input/mouse/cyapa_gen5.c:1952:6: note: 'cmd_code' is equal to PIP_RETRIEVE_DATA_STRUCTURE
if (cmd_code != PIP_RETRIEVE_DATA_STRUCTURE ||
^~~~~~~~
drivers/input/mouse/cyapa_gen5.c:1952:6: note: Left side of '||' is false
drivers/input/mouse/cyapa_gen5.c:1953:4: note: 'idac_data_type' is equal to GEN5_RETRIEVE_MUTUAL_PWC_DATA
(idac_data_type != GEN5_RETRIEVE_MUTUAL_PWC_DATA &&
^~~~~~~~~~~~~~
drivers/input/mouse/cyapa_gen5.c:1953:52: note: Left side of '&&' is false
(idac_data_type != GEN5_RETRIEVE_MUTUAL_PWC_DATA &&
^
drivers/input/mouse/cyapa_gen5.c:1955:4: note: 'data_size' is non-null
!data_size || !idac_max || !idac_min || !idac_ave)
^~~~~~~~~
drivers/input/mouse/cyapa_gen5.c:1952:6: note: Left side of '||' is false
if (cmd_code != PIP_RETRIEVE_DATA_STRUCTURE ||
^
drivers/input/mouse/cyapa_gen5.c:1955:18: note: 'idac_max' is non-null
!data_size || !idac_max || !idac_min || !idac_ave)
^~~~~~~~
drivers/input/mouse/cyapa_gen5.c:1952:6: note: Left side of '||' is false
if (cmd_code != PIP_RETRIEVE_DATA_STRUCTURE ||
^
drivers/input/mouse/cyapa_gen5.c:1955:31: note: 'idac_min' is non-null
!data_size || !idac_max || !idac_min || !idac_ave)
^~~~~~~~
drivers/input/mouse/cyapa_gen5.c:1952:6: note: Left side of '||' is false
if (cmd_code != PIP_RETRIEVE_DATA_STRUCTURE ||
^
drivers/input/mouse/cyapa_gen5.c:1955:44: note: 'idac_ave' is non-null
!data_size || !idac_max || !idac_min || !idac_ave)
^~~~~~~~
drivers/input/mouse/cyapa_gen5.c:1952:2: note: Taking false branch
if (cmd_code != PIP_RETRIEVE_DATA_STRUCTURE ||
^
drivers/input/mouse/cyapa_gen5.c:1962:2: note: Taking true branch
if (*data_size == 0) {
^
drivers/input/mouse/cyapa_gen5.c:1974:7: note: 'idac_data_type' is equal to GEN5_RETRIEVE_MUTUAL_PWC_DATA
if (idac_data_type == GEN5_RETRIEVE_MUTUAL_PWC_DATA) {
^~~~~~~~~~~~~~
drivers/input/mouse/cyapa_gen5.c:1974:3: note: Taking true branch
if (idac_data_type == GEN5_RETRIEVE_MUTUAL_PWC_DATA) {
^
drivers/input/mouse/cyapa_gen5.c:1975:8: note: Assuming field 'aligned_electrodes_rx' is not equal to 0
if (cyapa->aligned_electrodes_rx == 0) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/input/mouse/cyapa_gen5.c:1975:4: note: Taking false branch
if (cyapa->aligned_electrodes_rx == 0) {
^
drivers/input/mouse/cyapa_gen5.c:2016:19: note: Assuming '__UNIQUE_ID___x219' is >= '__UNIQUE_ID___y220'
read_elements = min(read_elements, max_element_cnt - count);
^
vim +/where +146 net/sysctl_net.c
95bdfccb2bf4ea Eric W. Biederman 2007-11-30 117
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 118 /* Verify that sysctls for non-init netns are safe by either:
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 119 * 1) being read-only, or
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 120 * 2) having a data pointer which points outside of the global kernel/module
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 121 * data segment, and rather into the heap where a per-net object was
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 122 * allocated.
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 123 */
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 124 static void ensure_safe_net_sysctl(struct net *net, const char *path,
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 125 struct ctl_table *table)
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 126 {
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 127 struct ctl_table *ent;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 128
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 129 pr_debug("Registering net sysctl (net %p): %s\n", net, path);
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 130 for (ent = table; ent->procname; ent++) {
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 131 unsigned long addr;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 132 const char *where;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 133
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 134 pr_debug(" procname=%s mode=%o proc_handler=%ps data=%p\n",
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 135 ent->procname, ent->mode, ent->proc_handler, ent->data);
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 136
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 137 /* If it's not writable inside the netns, then it can't hurt. */
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 138 if ((ent->mode & 0222) == 0) {
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 139 pr_debug(" Not writable by anyone\n");
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 140 continue;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 141 }
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 142
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 143 /* Where does data point? */
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 144 addr = (unsigned long)ent->data;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 145 if (is_module_address(addr))
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 @146 where = "module";
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 147 else if (core_kernel_data(addr))
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 148 where = "kernel";
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 149 else
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 150 continue;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 151
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 152 /* If it is writable and points to kernel/module global
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 153 * data, then it's probably a netns leak.
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 154 */
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 155 WARN(1, "sysctl %s/%s: data points to %s global data: %ps\n",
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 156 path, ent->procname, where, ent->data);
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 157
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 158 /* Make it "safe" by dropping writable perms */
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 159 ent->mode &= ~0222;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 160 }
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 161 }
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 162
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
^ permalink raw reply [flat|nested] 5+ messages in thread
* net/sysctl_net.c:146:4: warning: Value stored to 'where' is never read [clang-analyzer-deadcode.DeadStores]
@ 2022-01-02 4:23 kernel test robot
0 siblings, 0 replies; 5+ messages in thread
From: kernel test robot @ 2022-01-02 4:23 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 18776 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
CC: linux-kernel(a)vger.kernel.org
TO: Jonathon Reinhart <jonathon.reinhart@gmail.com>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 278218f6778bc7d6f8b67199446c56cec7ebb841
commit: 31c4d2f160eb7b17cbead24dc6efed06505a3fee net: Ensure net namespace isolation of sysctls
date: 9 months ago
:::::: branch date: 10 hours ago
:::::: commit date: 9 months ago
config: riscv-randconfig-c006-20211207 (https://download.01.org/0day-ci/archive/20220102/202201021220.hWaGDDmh-lkp(a)intel.com/config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project 097a1cb1d5ebb3a0ec4bcaed8ba3ff6a8e33c00a)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install riscv cross compiling tool for clang build
# apt-get install binutils-riscv64-linux-gnu
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=31c4d2f160eb7b17cbead24dc6efed06505a3fee
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout 31c4d2f160eb7b17cbead24dc6efed06505a3fee
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=riscv clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
drivers/char/ipmi/ipmi_si_intf.c:766:2: note: Taking true branch
if (si_sm_result == SI_SM_TRANSACTION_COMPLETE) {
^
drivers/char/ipmi/ipmi_si_intf.c:769:3: note: Calling 'handle_transaction_done'
handle_transaction_done(smi_info);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/char/ipmi/ipmi_si_intf.c:541:2: note: Control jumps to 'case SI_GETTING_EVENTS:' at line 600
switch (smi_info->si_state) {
^
drivers/char/ipmi/ipmi_si_intf.c:603:4: note: Access to field 'rsp_size' results in a dereference of a null pointer (loaded from field 'curr_msg')
= smi_info->handlers->get_result(
^
drivers/char/ipmi/ipmi_si_intf.c:641:4: warning: Access to field 'rsp_size' results in a dereference of a null pointer (loaded from field 'curr_msg') [clang-analyzer-core.NullDereference]
= smi_info->handlers->get_result(
^
drivers/char/ipmi/ipmi_si_intf.c:2167:6: note: Assuming field 'dev_group_added' is false
if (smi_info->dev_group_added) {
^~~~~~~~~~~~~~~~~~~~~~~~~
drivers/char/ipmi/ipmi_si_intf.c:2167:2: note: Taking false branch
if (smi_info->dev_group_added) {
^
drivers/char/ipmi/ipmi_si_intf.c:2171:6: note: Assuming field 'dev' is null
if (smi_info->io.dev)
^~~~~~~~~~~~~~~~
drivers/char/ipmi/ipmi_si_intf.c:2171:2: note: Taking false branch
if (smi_info->io.dev)
^
drivers/char/ipmi/ipmi_si_intf.c:2179:6: note: Assuming field 'irq_cleanup' is null
if (smi_info->io.irq_cleanup) {
^~~~~~~~~~~~~~~~~~~~~~~~
drivers/char/ipmi/ipmi_si_intf.c:2179:2: note: Taking false branch
if (smi_info->io.irq_cleanup) {
^
drivers/char/ipmi/ipmi_si_intf.c:2183:2: note: Calling 'stop_timer_and_thread'
stop_timer_and_thread(smi_info);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/char/ipmi/ipmi_si_intf.c:1843:6: note: Assuming field 'thread' is equal to NULL
if (smi_info->thread != NULL) {
^~~~~~~~~~~~~~~~~~~~~~~~
drivers/char/ipmi/ipmi_si_intf.c:1843:2: note: Taking false branch
if (smi_info->thread != NULL) {
^
drivers/char/ipmi/ipmi_si_intf.c:1849:2: note: Value assigned to field 'curr_msg'
del_timer_sync(&smi_info->si_timer);
^
include/linux/timer.h:190:29: note: expanded from macro 'del_timer_sync'
# define del_timer_sync(t) del_timer(t)
^~~~~~~~~~~~
drivers/char/ipmi/ipmi_si_intf.c:2183:2: note: Returning from 'stop_timer_and_thread'
stop_timer_and_thread(smi_info);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/char/ipmi/ipmi_si_intf.c:2197:9: note: Assuming field 'curr_msg' is null
while (smi_info->curr_msg || (smi_info->si_state != SI_NORMAL)) {
^~~~~~~~~~~~~~~~~~
drivers/char/ipmi/ipmi_si_intf.c:2197:9: note: Left side of '||' is false
drivers/char/ipmi/ipmi_si_intf.c:2197:32: note: Assuming field 'si_state' is not equal to SI_NORMAL
while (smi_info->curr_msg || (smi_info->si_state != SI_NORMAL)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/char/ipmi/ipmi_si_intf.c:2197:2: note: Loop condition is true. Entering loop body
while (smi_info->curr_msg || (smi_info->si_state != SI_NORMAL)) {
^
drivers/char/ipmi/ipmi_si_intf.c:2198:3: note: Calling 'poll'
poll(smi_info);
^~~~~~~~~~~~~~
drivers/char/ipmi/ipmi_si_intf.c:1040:6: note: Assuming 'run_to_completion' is true
if (!run_to_completion)
^~~~~~~~~~~~~~~~~~
drivers/char/ipmi/ipmi_si_intf.c:1040:2: note: Taking false branch
if (!run_to_completion)
^
drivers/char/ipmi/ipmi_si_intf.c:1042:2: note: Calling 'smi_event_handler'
smi_event_handler(smi_info, 10);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/char/ipmi/ipmi_si_intf.c:763:9: note: Assuming 'si_sm_result' is not equal to SI_SM_CALL_WITHOUT_DELAY
while (si_sm_result == SI_SM_CALL_WITHOUT_DELAY)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/char/ipmi/ipmi_si_intf.c:763:2: note: Loop condition is false. Execution continues on line 766
while (si_sm_result == SI_SM_CALL_WITHOUT_DELAY)
^
drivers/char/ipmi/ipmi_si_intf.c:766:6: note: Assuming 'si_sm_result' is equal to SI_SM_TRANSACTION_COMPLETE
if (si_sm_result == SI_SM_TRANSACTION_COMPLETE) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/char/ipmi/ipmi_si_intf.c:766:2: note: Taking true branch
if (si_sm_result == SI_SM_TRANSACTION_COMPLETE) {
^
drivers/char/ipmi/ipmi_si_intf.c:769:3: note: Calling 'handle_transaction_done'
handle_transaction_done(smi_info);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/char/ipmi/ipmi_si_intf.c:541:2: note: Control jumps to 'case SI_GETTING_MESSAGES:' at line 638
switch (smi_info->si_state) {
^
drivers/char/ipmi/ipmi_si_intf.c:641:4: note: Access to field 'rsp_size' results in a dereference of a null pointer (loaded from field 'curr_msg')
= smi_info->handlers->get_result(
^
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
>> net/sysctl_net.c:146:4: warning: Value stored to 'where' is never read [clang-analyzer-deadcode.DeadStores]
where = "module";
^ ~~~~~~~~
net/sysctl_net.c:146:4: note: Value stored to 'where' is never read
where = "module";
^ ~~~~~~~~
net/sysctl_net.c:148:4: warning: Value stored to 'where' is never read [clang-analyzer-deadcode.DeadStores]
where = "kernel";
^ ~~~~~~~~
net/sysctl_net.c:148:4: note: Value stored to 'where' is never read
where = "kernel";
^ ~~~~~~~~
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
drivers/md/md-faulty.c:247:7: warning: Although the value stored to 'n' is used in the enclosing expression, the value is never actually read from 'n' [clang-analyzer-deadcode.DeadStores]
if ((n=atomic_read(&conf->counters[WriteAll])) != 0)
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/md/md-faulty.c:247:7: note: Although the value stored to 'n' is used in the enclosing expression, the value is never actually read from 'n'
if ((n=atomic_read(&conf->counters[WriteAll])) != 0)
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
fs/xfs/xfs_pnfs.c:39:3: warning: Value stored to 'error' is never read [clang-analyzer-deadcode.DeadStores]
error = break_layout(inode, true);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~
fs/xfs/xfs_pnfs.c:39:3: note: Value stored to 'error' is never read
error = break_layout(inode, true);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
3 warnings generated.
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
vim +/where +146 net/sysctl_net.c
95bdfccb2bf4ea Eric W. Biederman 2007-11-30 117
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 118 /* Verify that sysctls for non-init netns are safe by either:
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 119 * 1) being read-only, or
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 120 * 2) having a data pointer which points outside of the global kernel/module
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 121 * data segment, and rather into the heap where a per-net object was
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 122 * allocated.
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 123 */
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 124 static void ensure_safe_net_sysctl(struct net *net, const char *path,
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 125 struct ctl_table *table)
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 126 {
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 127 struct ctl_table *ent;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 128
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 129 pr_debug("Registering net sysctl (net %p): %s\n", net, path);
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 130 for (ent = table; ent->procname; ent++) {
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 131 unsigned long addr;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 132 const char *where;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 133
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 134 pr_debug(" procname=%s mode=%o proc_handler=%ps data=%p\n",
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 135 ent->procname, ent->mode, ent->proc_handler, ent->data);
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 136
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 137 /* If it's not writable inside the netns, then it can't hurt. */
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 138 if ((ent->mode & 0222) == 0) {
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 139 pr_debug(" Not writable by anyone\n");
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 140 continue;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 141 }
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 142
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 143 /* Where does data point? */
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 144 addr = (unsigned long)ent->data;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 145 if (is_module_address(addr))
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 @146 where = "module";
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 147 else if (core_kernel_data(addr))
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 148 where = "kernel";
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 149 else
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 150 continue;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 151
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 152 /* If it is writable and points to kernel/module global
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 153 * data, then it's probably a netns leak.
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 154 */
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 155 WARN(1, "sysctl %s/%s: data points to %s global data: %ps\n",
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 156 path, ent->procname, where, ent->data);
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 157
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 158 /* Make it "safe" by dropping writable perms */
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 159 ent->mode &= ~0222;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 160 }
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 161 }
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 162
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
^ permalink raw reply [flat|nested] 5+ messages in thread
* net/sysctl_net.c:146:4: warning: Value stored to 'where' is never read [clang-analyzer-deadcode.DeadStores]
@ 2021-09-19 13:35 kernel test robot
0 siblings, 0 replies; 5+ messages in thread
From: kernel test robot @ 2021-09-19 13:35 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 18985 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
CC: linux-kernel(a)vger.kernel.org
TO: Jonathon Reinhart <jonathon.reinhart@gmail.com>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: d4d016caa4b85b9aa98d7ec8c84e928621a614bc
commit: 31c4d2f160eb7b17cbead24dc6efed06505a3fee net: Ensure net namespace isolation of sysctls
date: 5 months ago
:::::: branch date: 16 hours ago
:::::: commit date: 5 months ago
config: riscv-randconfig-c006-20210919 (attached as .config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project c8b3d7d6d6de37af68b2f379d0e37304f78e115f)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install riscv cross compiling tool for clang build
# apt-get install binutils-riscv64-linux-gnu
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=31c4d2f160eb7b17cbead24dc6efed06505a3fee
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout 31c4d2f160eb7b17cbead24dc6efed06505a3fee
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=riscv clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
include/linux/rcupdate.h:374:48: note: expanded from macro '__rcu_dereference_check'
typeof(*p) *________p1 = (typeof(*p) *__force)READ_ONCE(p); \
^
note: (skipping 2 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all)
include/linux/compiler_types.h:320:2: note: expanded from macro 'compiletime_assert'
_compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
^
include/linux/compiler_types.h:308:2: note: expanded from macro '_compiletime_assert'
__compiletime_assert(condition, msg, prefix, suffix)
^
include/linux/compiler_types.h:298:2: note: expanded from macro '__compiletime_assert'
do { \
^
net/sched/sch_fq_codel.c:89:11: note: Left side of '&&' is false
filter = rcu_dereference_bh(q->filter_list);
^
include/linux/rcupdate.h:579:31: note: expanded from macro 'rcu_dereference_bh'
#define rcu_dereference_bh(p) rcu_dereference_bh_check(p, 0)
^
include/linux/rcupdate.h:523:2: note: expanded from macro 'rcu_dereference_bh_check'
__rcu_dereference_check((p), (c) || rcu_read_lock_bh_held(), __rcu)
^
include/linux/rcupdate.h:375:2: note: expanded from macro '__rcu_dereference_check'
RCU_LOCKDEP_WARN(!(c), "suspicious rcu_dereference_check() usage"); \
^
include/linux/rcupdate.h:345:48: note: expanded from macro 'RCU_LOCKDEP_WARN'
#define RCU_LOCKDEP_WARN(c, s) do { } while (0 && (c))
^
net/sched/sch_fq_codel.c:89:11: note: Loop condition is false. Exiting loop
filter = rcu_dereference_bh(q->filter_list);
^
include/linux/rcupdate.h:579:31: note: expanded from macro 'rcu_dereference_bh'
#define rcu_dereference_bh(p) rcu_dereference_bh_check(p, 0)
^
include/linux/rcupdate.h:523:2: note: expanded from macro 'rcu_dereference_bh_check'
__rcu_dereference_check((p), (c) || rcu_read_lock_bh_held(), __rcu)
^
include/linux/rcupdate.h:375:2: note: expanded from macro '__rcu_dereference_check'
RCU_LOCKDEP_WARN(!(c), "suspicious rcu_dereference_check() usage"); \
^
include/linux/rcupdate.h:345:32: note: expanded from macro 'RCU_LOCKDEP_WARN'
#define RCU_LOCKDEP_WARN(c, s) do { } while (0 && (c))
^
net/sched/sch_fq_codel.c:90:6: note: Assuming 'filter' is null
if (!filter)
^~~~~~~
net/sched/sch_fq_codel.c:90:2: note: Taking true branch
if (!filter)
^
net/sched/sch_fq_codel.c:91:3: note: Returning without writing to '*qerr'
return fq_codel_hash(q, skb) + 1;
^
net/sched/sch_fq_codel.c:194:8: note: Returning from 'fq_codel_classify'
idx = fq_codel_classify(skb, sch, &ret);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/sched/sch_fq_codel.c:195:6: note: Assuming 'idx' is equal to 0
if (idx == 0) {
^~~~~~~~
net/sched/sch_fq_codel.c:195:2: note: Taking true branch
if (idx == 0) {
^
net/sched/sch_fq_codel.c:196:11: note: The left operand of '&' is a garbage value
if (ret & __NET_XMIT_BYPASS)
~~~ ^
Suppressed 11 warnings (4 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
12 warnings generated.
>> net/sysctl_net.c:146:4: warning: Value stored to 'where' is never read [clang-analyzer-deadcode.DeadStores]
where = "module";
^ ~~~~~~~~
net/sysctl_net.c:146:4: note: Value stored to 'where' is never read
where = "module";
^ ~~~~~~~~
net/sysctl_net.c:148:4: warning: Value stored to 'where' is never read [clang-analyzer-deadcode.DeadStores]
where = "kernel";
^ ~~~~~~~~
net/sysctl_net.c:148:4: note: Value stored to 'where' is never read
where = "kernel";
^ ~~~~~~~~
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
9 warnings generated.
Suppressed 9 warnings (2 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
11 warnings generated.
net/core/net-sysfs.c:1719:2: warning: Value stored to 'txq' is never read [clang-analyzer-deadcode.DeadStores]
txq = real_tx;
^ ~~~~~~~
net/core/net-sysfs.c:1719:2: note: Value stored to 'txq' is never read
txq = real_tx;
^ ~~~~~~~
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
12 warnings generated.
net/core/bpf_sk_storage.c:755:4: warning: Value stored to 'b' is never read [clang-analyzer-deadcode.DeadStores]
b = &smap->buckets[bucket_id++];
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/core/bpf_sk_storage.c:755:4: note: Value stored to 'b' is never read
b = &smap->buckets[bucket_id++];
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~
Suppressed 11 warnings (4 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
Suppressed 10 warnings (3 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
9 warnings generated.
Suppressed 9 warnings (2 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
sound/core/memalloc.c:212:20: warning: The result of the left shift is undefined due to shifting by '64', which is greater or equal to the width of type 'unsigned long' [clang-analyzer-core.UndefinedBinaryOperatorResult]
size = PAGE_SIZE << get_order(size);
^ ~~~~~~~~~~~~~~~
sound/core/memalloc.c:206:2: note: Loop condition is true. Entering loop body
while ((err = snd_dma_alloc_pages(type, device, size, dmab)) < 0) {
^
sound/core/memalloc.c:207:3: note: Taking false branch
if (err != -ENOMEM)
^
sound/core/memalloc.c:209:7: note: Assuming the condition is false
if (size <= PAGE_SIZE)
^~~~~~~~~~~~~~~~~
sound/core/memalloc.c:209:3: note: Taking false branch
if (size <= PAGE_SIZE)
^
sound/core/memalloc.c:212:23: note: Calling 'get_order'
size = PAGE_SIZE << get_order(size);
^~~~~~~~~~~~~~~
include/asm-generic/getorder.h:31:2: note: Taking false branch
if (__builtin_constant_p(size)) {
vim +/where +146 net/sysctl_net.c
95bdfccb2bf4ea Eric W. Biederman 2007-11-30 117
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 118 /* Verify that sysctls for non-init netns are safe by either:
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 119 * 1) being read-only, or
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 120 * 2) having a data pointer which points outside of the global kernel/module
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 121 * data segment, and rather into the heap where a per-net object was
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 122 * allocated.
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 123 */
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 124 static void ensure_safe_net_sysctl(struct net *net, const char *path,
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 125 struct ctl_table *table)
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 126 {
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 127 struct ctl_table *ent;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 128
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 129 pr_debug("Registering net sysctl (net %p): %s\n", net, path);
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 130 for (ent = table; ent->procname; ent++) {
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 131 unsigned long addr;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 132 const char *where;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 133
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 134 pr_debug(" procname=%s mode=%o proc_handler=%ps data=%p\n",
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 135 ent->procname, ent->mode, ent->proc_handler, ent->data);
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 136
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 137 /* If it's not writable inside the netns, then it can't hurt. */
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 138 if ((ent->mode & 0222) == 0) {
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 139 pr_debug(" Not writable by anyone\n");
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 140 continue;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 141 }
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 142
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 143 /* Where does data point? */
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 144 addr = (unsigned long)ent->data;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 145 if (is_module_address(addr))
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 @146 where = "module";
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 147 else if (core_kernel_data(addr))
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 148 where = "kernel";
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 149 else
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 150 continue;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 151
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 152 /* If it is writable and points to kernel/module global
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 153 * data, then it's probably a netns leak.
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 154 */
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 155 WARN(1, "sysctl %s/%s: data points to %s global data: %ps\n",
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 156 path, ent->procname, where, ent->data);
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 157
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 158 /* Make it "safe" by dropping writable perms */
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 159 ent->mode &= ~0222;
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 160 }
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 161 }
31c4d2f160eb7b Jonathon Reinhart 2021-04-12 162
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 29180 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2022-01-08 15:50 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-24 19:56 net/sysctl_net.c:146:4: warning: Value stored to 'where' is never read [clang-analyzer-deadcode.DeadStores] kernel test robot
2021-08-24 19:56 ` kernel test robot
2021-09-19 13:35 kernel test robot
2022-01-02 4:23 kernel test robot
2022-01-08 15:50 kernel test robot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.