* [PATCH] staging: vchiq: silence an uninitialized variable warning
@ 2020-09-30 9:02 Dan Carpenter
2020-09-30 10:22 ` Arnd Bergmann
0 siblings, 1 reply; 4+ messages in thread
From: Dan Carpenter @ 2020-09-30 9:02 UTC (permalink / raw)
To: Nicolas Saenz Julienne
Cc: devel, Arnd Bergmann, Greg Kroah-Hartman, Marcelo Diop-Gonzalez,
kernel-janitors, bcm-kernel-feedback-list, linux-rpi-kernel,
Jamal Shareef, linux-arm-kernel
Smatch complains that "userdata" can be passed to vchiq_bulk_transfer()
without being initialized. Smatch is correct, however, in that
situation the "userdata" is not used so it doesn't cause a problem.
Passing an uninitialized variable will trigger a UBSan warning at
runtime so this warning is worth silencing by setting "userdata" to
NULL.
Fixes: a4367cd2b231 ("staging: vchiq: convert compat bulk transfer")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
---
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
index 590415561b73..71b962777da5 100644
--- a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
+++ b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
@@ -952,7 +952,7 @@ static int vchiq_irq_queue_bulk_tx_rx(struct vchiq_instance *instance,
{
struct vchiq_service *service;
struct bulk_waiter_node *waiter = NULL;
- void *userdata;
+ void *userdata = NULL;
int status = 0;
int ret;
--
2.28.0
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] staging: vchiq: silence an uninitialized variable warning
2020-09-30 9:02 [PATCH] staging: vchiq: silence an uninitialized variable warning Dan Carpenter
@ 2020-09-30 10:22 ` Arnd Bergmann
2020-09-30 12:27 ` Dan Carpenter
2020-09-30 12:30 ` [PATCH v2] staging: vchiq: Fix an uninitialized variable Dan Carpenter
0 siblings, 2 replies; 4+ messages in thread
From: Arnd Bergmann @ 2020-09-30 10:22 UTC (permalink / raw)
To: Dan Carpenter
Cc: Linux ARM, driverdevel, Greg Kroah-Hartman,
Marcelo Diop-Gonzalez, kernel-janitors, bcm-kernel-feedback-list,
moderated list:BROADCOM BCM2835 ARM ARCHITECTURE, Jamal Shareef,
Nicolas Saenz Julienne
On Wed, Sep 30, 2020 at 11:02 AM Dan Carpenter <dan.carpenter@oracle.com> wrote:
>
> Smatch complains that "userdata" can be passed to vchiq_bulk_transfer()
> without being initialized. Smatch is correct, however, in that
> situation the "userdata" is not used so it doesn't cause a problem.
> Passing an uninitialized variable will trigger a UBSan warning at
> runtime so this warning is worth silencing by setting "userdata" to
> NULL.
>
> Fixes: a4367cd2b231 ("staging: vchiq: convert compat bulk transfer")
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
The change looks fine, but I wonder if it's actually worse and the
uninitialized pointer can end up getting copied back to user space
in the completion.
In either case, thanks for the fix!
Acked-by: Arnd Bergmann <arnd@arndb.de>
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] staging: vchiq: silence an uninitialized variable warning
2020-09-30 10:22 ` Arnd Bergmann
@ 2020-09-30 12:27 ` Dan Carpenter
2020-09-30 12:30 ` [PATCH v2] staging: vchiq: Fix an uninitialized variable Dan Carpenter
1 sibling, 0 replies; 4+ messages in thread
From: Dan Carpenter @ 2020-09-30 12:27 UTC (permalink / raw)
To: Arnd Bergmann
Cc: driverdevel, Greg Kroah-Hartman, Marcelo Diop-Gonzalez,
kernel-janitors, Nicolas Saenz Julienne,
bcm-kernel-feedback-list,
moderated list:BROADCOM BCM2835 ARM ARCHITECTURE, Jamal Shareef,
Linux ARM
On Wed, Sep 30, 2020 at 12:22:37PM +0200, Arnd Bergmann wrote:
> On Wed, Sep 30, 2020 at 11:02 AM Dan Carpenter <dan.carpenter@oracle.com> wrote:
> >
> > Smatch complains that "userdata" can be passed to vchiq_bulk_transfer()
> > without being initialized. Smatch is correct, however, in that
> > situation the "userdata" is not used so it doesn't cause a problem.
> > Passing an uninitialized variable will trigger a UBSan warning at
> > runtime so this warning is worth silencing by setting "userdata" to
> > NULL.
> >
> > Fixes: a4367cd2b231 ("staging: vchiq: convert compat bulk transfer")
> > Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
>
> The change looks fine, but I wonder if it's actually worse and the
> uninitialized pointer can end up getting copied back to user space
> in the completion.
Ah... Wow. You're right. I think I really need to resend this with a
more accurate commit message.
regards,
dan carpenter
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH v2] staging: vchiq: Fix an uninitialized variable
2020-09-30 10:22 ` Arnd Bergmann
2020-09-30 12:27 ` Dan Carpenter
@ 2020-09-30 12:30 ` Dan Carpenter
1 sibling, 0 replies; 4+ messages in thread
From: Dan Carpenter @ 2020-09-30 12:30 UTC (permalink / raw)
To: Nicolas Saenz Julienne
Cc: devel, Arnd Bergmann, Greg Kroah-Hartman, Marcelo Diop-Gonzalez,
kernel-janitors, bcm-kernel-feedback-list, linux-rpi-kernel,
Jamal Shareef, linux-arm-kernel
Smatch complains that "userdata" can be passed to vchiq_bulk_transfer()
without being initialized. This leads to a potential information leak
later on.
Fixes: a4367cd2b231 ("staging: vchiq: convert compat bulk transfer")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Arnd Bergmann <arnd@arndb.de>
---
v2: update commit message.
drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
index 590415561b73..71b962777da5 100644
--- a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
+++ b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
@@ -952,7 +952,7 @@ static int vchiq_irq_queue_bulk_tx_rx(struct vchiq_instance *instance,
{
struct vchiq_service *service;
struct bulk_waiter_node *waiter = NULL;
- void *userdata;
+ void *userdata = NULL;
int status = 0;
int ret;
--
2.28.0
_______________________________________________
devel mailing list
devel@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
^ permalink raw reply related [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-09-30 12:34 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-09-30 9:02 [PATCH] staging: vchiq: silence an uninitialized variable warning Dan Carpenter
2020-09-30 10:22 ` Arnd Bergmann
2020-09-30 12:27 ` Dan Carpenter
2020-09-30 12:30 ` [PATCH v2] staging: vchiq: Fix an uninitialized variable Dan Carpenter
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).