drivers/vdpa/vdpa_user/vduse_dev.c:1364 vduse_ioctl() error: __copy_from_user() '&__gu_val' too small (4 vs 8)

All of lore.kernel.org
 help / color / mirror / Atom feed

From: kernel test robot <lkp@intel.com>
To: kbuild@lists.01.org
Subject: drivers/vdpa/vdpa_user/vduse_dev.c:1364 vduse_ioctl() error: __copy_from_user() '&__gu_val' too small (4 vs 8)
Date: Sun, 23 Jan 2022 09:36:03 +0800	[thread overview]
Message-ID: <202201230950.HCGyhLE7-lkp@intel.com> (raw)

[-- Attachment #1: Type: text/plain, Size: 5897 bytes --]

CC: kbuild-all(a)lists.01.org
CC: linux-kernel(a)vger.kernel.org
TO: Xie Yongji <xieyongji@bytedance.com>
CC: "Michael S. Tsirkin" <mst@redhat.com>

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head:   1c52283265a462a100ae63ddf58b4e5884acde86
commit: c8a6153b6c59d95c0e091f053f6f180952ade91e vduse: Introduce VDUSE - vDPA Device in Userspace
date:   5 months ago
:::::: branch date: 16 hours ago
:::::: commit date: 5 months ago
config: microblaze-randconfig-m031-20220122 (https://download.01.org/0day-ci/archive/20220123/202201230950.HCGyhLE7-lkp(a)intel.com/config)
compiler: microblaze-linux-gcc (GCC) 11.2.0

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>

New smatch warnings:
drivers/vdpa/vdpa_user/vduse_dev.c:1364 vduse_ioctl() error: __copy_from_user() '&__gu_val' too small (4 vs 8)

Old smatch warnings:
arch/microblaze/include/asm/thread_info.h:91 current_thread_info() error: uninitialized symbol 'sp'.
drivers/vdpa/vdpa_user/vduse_dev.c:1602 vduse_init() warn: missing error code 'ret'

vim +1364 drivers/vdpa/vdpa_user/vduse_dev.c

c8a6153b6c59d9 Xie Yongji 2021-08-31  1347  
c8a6153b6c59d9 Xie Yongji 2021-08-31  1348  static long vduse_ioctl(struct file *file, unsigned int cmd,
c8a6153b6c59d9 Xie Yongji 2021-08-31  1349  			unsigned long arg)
c8a6153b6c59d9 Xie Yongji 2021-08-31  1350  {
c8a6153b6c59d9 Xie Yongji 2021-08-31  1351  	int ret;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1352  	void __user *argp = (void __user *)arg;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1353  	struct vduse_control *control = file->private_data;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1354  
c8a6153b6c59d9 Xie Yongji 2021-08-31  1355  	mutex_lock(&vduse_lock);
c8a6153b6c59d9 Xie Yongji 2021-08-31  1356  	switch (cmd) {
c8a6153b6c59d9 Xie Yongji 2021-08-31  1357  	case VDUSE_GET_API_VERSION:
c8a6153b6c59d9 Xie Yongji 2021-08-31  1358  		ret = put_user(control->api_version, (u64 __user *)argp);
c8a6153b6c59d9 Xie Yongji 2021-08-31  1359  		break;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1360  	case VDUSE_SET_API_VERSION: {
c8a6153b6c59d9 Xie Yongji 2021-08-31  1361  		u64 api_version;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1362  
c8a6153b6c59d9 Xie Yongji 2021-08-31  1363  		ret = -EFAULT;
c8a6153b6c59d9 Xie Yongji 2021-08-31 @1364  		if (get_user(api_version, (u64 __user *)argp))
c8a6153b6c59d9 Xie Yongji 2021-08-31  1365  			break;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1366  
c8a6153b6c59d9 Xie Yongji 2021-08-31  1367  		ret = -EINVAL;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1368  		if (api_version > VDUSE_API_VERSION)
c8a6153b6c59d9 Xie Yongji 2021-08-31  1369  			break;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1370  
c8a6153b6c59d9 Xie Yongji 2021-08-31  1371  		ret = 0;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1372  		control->api_version = api_version;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1373  		break;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1374  	}
c8a6153b6c59d9 Xie Yongji 2021-08-31  1375  	case VDUSE_CREATE_DEV: {
c8a6153b6c59d9 Xie Yongji 2021-08-31  1376  		struct vduse_dev_config config;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1377  		unsigned long size = offsetof(struct vduse_dev_config, config);
c8a6153b6c59d9 Xie Yongji 2021-08-31  1378  		void *buf;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1379  
c8a6153b6c59d9 Xie Yongji 2021-08-31  1380  		ret = -EFAULT;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1381  		if (copy_from_user(&config, argp, size))
c8a6153b6c59d9 Xie Yongji 2021-08-31  1382  			break;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1383  
c8a6153b6c59d9 Xie Yongji 2021-08-31  1384  		ret = -EINVAL;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1385  		if (vduse_validate_config(&config) == false)
c8a6153b6c59d9 Xie Yongji 2021-08-31  1386  			break;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1387  
c8a6153b6c59d9 Xie Yongji 2021-08-31  1388  		buf = vmemdup_user(argp + size, config.config_size);
c8a6153b6c59d9 Xie Yongji 2021-08-31  1389  		if (IS_ERR(buf)) {
c8a6153b6c59d9 Xie Yongji 2021-08-31  1390  			ret = PTR_ERR(buf);
c8a6153b6c59d9 Xie Yongji 2021-08-31  1391  			break;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1392  		}
c8a6153b6c59d9 Xie Yongji 2021-08-31  1393  		config.name[VDUSE_NAME_MAX - 1] = '\0';
c8a6153b6c59d9 Xie Yongji 2021-08-31  1394  		ret = vduse_create_dev(&config, buf, control->api_version);
c8a6153b6c59d9 Xie Yongji 2021-08-31  1395  		break;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1396  	}
c8a6153b6c59d9 Xie Yongji 2021-08-31  1397  	case VDUSE_DESTROY_DEV: {
c8a6153b6c59d9 Xie Yongji 2021-08-31  1398  		char name[VDUSE_NAME_MAX];
c8a6153b6c59d9 Xie Yongji 2021-08-31  1399  
c8a6153b6c59d9 Xie Yongji 2021-08-31  1400  		ret = -EFAULT;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1401  		if (copy_from_user(name, argp, VDUSE_NAME_MAX))
c8a6153b6c59d9 Xie Yongji 2021-08-31  1402  			break;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1403  
c8a6153b6c59d9 Xie Yongji 2021-08-31  1404  		name[VDUSE_NAME_MAX - 1] = '\0';
c8a6153b6c59d9 Xie Yongji 2021-08-31  1405  		ret = vduse_destroy_dev(name);
c8a6153b6c59d9 Xie Yongji 2021-08-31  1406  		break;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1407  	}
c8a6153b6c59d9 Xie Yongji 2021-08-31  1408  	default:
c8a6153b6c59d9 Xie Yongji 2021-08-31  1409  		ret = -EINVAL;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1410  		break;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1411  	}
c8a6153b6c59d9 Xie Yongji 2021-08-31  1412  	mutex_unlock(&vduse_lock);
c8a6153b6c59d9 Xie Yongji 2021-08-31  1413  
c8a6153b6c59d9 Xie Yongji 2021-08-31  1414  	return ret;
c8a6153b6c59d9 Xie Yongji 2021-08-31  1415  }
c8a6153b6c59d9 Xie Yongji 2021-08-31  1416  

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org

next             reply	other threads:[~2022-01-23  1:36 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-01-23  1:36 kernel test robot [this message]
  -- strict thread matches above, loose matches on Subject: below --
2022-02-13  5:14 drivers/vdpa/vdpa_user/vduse_dev.c:1364 vduse_ioctl() error: __copy_from_user() '&__gu_val' too small (4 vs 8) kernel test robot
2021-11-11 20:29 kernel test robot
2021-11-06  4:05 kernel test robot

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=202201230950.HCGyhLE7-lkp@intel.com \
    --to=lkp@intel.com \
    --cc=kbuild@lists.01.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.