From: kernel test robot <lkp@intel.com>
To: oe-kbuild@lists.linux.dev
Cc: lkp@intel.com, Dan Carpenter <error27@gmail.com>
Subject: [linux-next:master 3689/8126] fs/xattr.c:692 __do_sys_setxattrat() warn: comparison of a potentially tagged address (__do_sys_setxattrat, 5, usize)
Date: Sun, 1 Sep 2024 09:27:02 +0800 [thread overview]
Message-ID: <202409010924.1NBtrsYA-lkp@intel.com> (raw)
BCC: lkp@intel.com
CC: oe-kbuild-all@lists.linux.dev
CC: Linux Memory Management List <linux-mm@kvack.org>
TO: "Christian Göttsche" <cgzones@googlemail.com>
CC: Christian Brauner <brauner@kernel.org>
CC: Arnd Bergmann <arnd@arndb.de>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
head: 985bf40edf4343dcb04c33f58b40b4a85c1776d4
commit: 6a7fb6ebe3718ca5f56468b163ff82c65bdf7b7f [3689/8126] fs/xattr: add *at family syscalls
:::::: branch date: 2 days ago
:::::: commit date: 3 weeks ago
config: arm64-randconfig-r071-20240901 (https://download.01.org/0day-ci/archive/20240901/202409010924.1NBtrsYA-lkp@intel.com/config)
compiler: aarch64-linux-gcc (GCC) 14.1.0
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Reported-by: Dan Carpenter <error27@gmail.com>
| Closes: https://lore.kernel.org/r/202409010924.1NBtrsYA-lkp@intel.com/
smatch warnings:
fs/xattr.c:692 __do_sys_setxattrat() warn: comparison of a potentially tagged address (__do_sys_setxattrat, 5, usize)
fs/xattr.c:692 __do_sys_setxattrat() warn: comparison of a potentially tagged address (__do_sys_setxattrat, 5, usize)
fs/xattr.c:849 __do_sys_getxattrat() warn: comparison of a potentially tagged address (__do_sys_getxattrat, 5, usize)
fs/xattr.c:849 __do_sys_getxattrat() warn: comparison of a potentially tagged address (__do_sys_getxattrat, 5, usize)
vim +692 fs/xattr.c
^1da177e4c3f41 Linus Torvalds 2005-04-16 679
6a7fb6ebe3718c Christian Göttsche 2024-04-26 680 SYSCALL_DEFINE6(setxattrat, int, dfd, const char __user *, pathname, unsigned int, at_flags,
6a7fb6ebe3718c Christian Göttsche 2024-04-26 681 const char __user *, name, const struct xattr_args __user *, uargs,
6a7fb6ebe3718c Christian Göttsche 2024-04-26 682 size_t, usize)
6a7fb6ebe3718c Christian Göttsche 2024-04-26 683 {
6a7fb6ebe3718c Christian Göttsche 2024-04-26 684 struct xattr_args args = {};
6a7fb6ebe3718c Christian Göttsche 2024-04-26 685 int error;
6a7fb6ebe3718c Christian Göttsche 2024-04-26 686
6a7fb6ebe3718c Christian Göttsche 2024-04-26 687 BUILD_BUG_ON(sizeof(struct xattr_args) < XATTR_ARGS_SIZE_VER0);
6a7fb6ebe3718c Christian Göttsche 2024-04-26 688 BUILD_BUG_ON(sizeof(struct xattr_args) != XATTR_ARGS_SIZE_LATEST);
6a7fb6ebe3718c Christian Göttsche 2024-04-26 689
6a7fb6ebe3718c Christian Göttsche 2024-04-26 690 if (unlikely(usize < XATTR_ARGS_SIZE_VER0))
6a7fb6ebe3718c Christian Göttsche 2024-04-26 691 return -EINVAL;
6a7fb6ebe3718c Christian Göttsche 2024-04-26 @692 if (usize > PAGE_SIZE)
6a7fb6ebe3718c Christian Göttsche 2024-04-26 693 return -E2BIG;
6a7fb6ebe3718c Christian Göttsche 2024-04-26 694
6a7fb6ebe3718c Christian Göttsche 2024-04-26 695 error = copy_struct_from_user(&args, sizeof(args), uargs, usize);
6a7fb6ebe3718c Christian Göttsche 2024-04-26 696 if (error)
6a7fb6ebe3718c Christian Göttsche 2024-04-26 697 return error;
6a7fb6ebe3718c Christian Göttsche 2024-04-26 698
6a7fb6ebe3718c Christian Göttsche 2024-04-26 699 return path_setxattrat(dfd, pathname, at_flags, name,
6a7fb6ebe3718c Christian Göttsche 2024-04-26 700 u64_to_user_ptr(args.value), args.size,
6a7fb6ebe3718c Christian Göttsche 2024-04-26 701 args.flags);
6a7fb6ebe3718c Christian Göttsche 2024-04-26 702 }
6a7fb6ebe3718c Christian Göttsche 2024-04-26 703
8cc431165d8fbd Eric Biggers 2014-10-12 704 SYSCALL_DEFINE5(setxattr, const char __user *, pathname,
64fd1de3d82165 Heiko Carstens 2009-01-14 705 const char __user *, name, const void __user *, value,
64fd1de3d82165 Heiko Carstens 2009-01-14 706 size_t, size, int, flags)
^1da177e4c3f41 Linus Torvalds 2005-04-16 707 {
6a7fb6ebe3718c Christian Göttsche 2024-04-26 708 return path_setxattrat(AT_FDCWD, pathname, 0, name, value, size, flags);
18f335aff86913 Dave Hansen 2008-02-15 709 }
8cc431165d8fbd Eric Biggers 2014-10-12 710
8cc431165d8fbd Eric Biggers 2014-10-12 711 SYSCALL_DEFINE5(lsetxattr, const char __user *, pathname,
8cc431165d8fbd Eric Biggers 2014-10-12 712 const char __user *, name, const void __user *, value,
8cc431165d8fbd Eric Biggers 2014-10-12 713 size_t, size, int, flags)
8cc431165d8fbd Eric Biggers 2014-10-12 714 {
6a7fb6ebe3718c Christian Göttsche 2024-04-26 715 return path_setxattrat(AT_FDCWD, pathname, AT_SYMLINK_NOFOLLOW, name,
6a7fb6ebe3718c Christian Göttsche 2024-04-26 716 value, size, flags);
^1da177e4c3f41 Linus Torvalds 2005-04-16 717 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 718
64fd1de3d82165 Heiko Carstens 2009-01-14 719 SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
64fd1de3d82165 Heiko Carstens 2009-01-14 720 const void __user *,value, size_t, size, int, flags)
^1da177e4c3f41 Linus Torvalds 2005-04-16 721 {
c3a5e3e872f368 David Howells 2024-07-23 722 struct xattr_name kname;
6a7fb6ebe3718c Christian Göttsche 2024-04-26 723 struct kernel_xattr_ctx ctx = {
c3a5e3e872f368 David Howells 2024-07-23 724 .cvalue = value,
c3a5e3e872f368 David Howells 2024-07-23 725 .kvalue = NULL,
c3a5e3e872f368 David Howells 2024-07-23 726 .size = size,
c3a5e3e872f368 David Howells 2024-07-23 727 .kname = &kname,
c3a5e3e872f368 David Howells 2024-07-23 728 .flags = flags,
c3a5e3e872f368 David Howells 2024-07-23 729 };
c3a5e3e872f368 David Howells 2024-07-23 730 int error;
^1da177e4c3f41 Linus Torvalds 2005-04-16 731
c3a5e3e872f368 David Howells 2024-07-23 732 CLASS(fd, f)(fd);
2903ff019b346a Al Viro 2012-08-28 733 if (!f.file)
c3a5e3e872f368 David Howells 2024-07-23 734 return -EBADF;
c3a5e3e872f368 David Howells 2024-07-23 735
9f45f5bf302daa Al Viro 2014-10-31 736 audit_file(f.file);
c3a5e3e872f368 David Howells 2024-07-23 737 error = setxattr_copy(name, &ctx);
c3a5e3e872f368 David Howells 2024-07-23 738 if (error)
c3a5e3e872f368 David Howells 2024-07-23 739 return error;
c3a5e3e872f368 David Howells 2024-07-23 740
6742cee0435323 Miklos Szeredi 2018-07-18 741 error = mnt_want_write_file(f.file);
18f335aff86913 Dave Hansen 2008-02-15 742 if (!error) {
c3a5e3e872f368 David Howells 2024-07-23 743 error = do_setxattr(file_mnt_idmap(f.file),
c3a5e3e872f368 David Howells 2024-07-23 744 f.file->f_path.dentry, &ctx);
6742cee0435323 Miklos Szeredi 2018-07-18 745 mnt_drop_write_file(f.file);
18f335aff86913 Dave Hansen 2008-02-15 746 }
c3a5e3e872f368 David Howells 2024-07-23 747 kvfree(ctx.kvalue);
^1da177e4c3f41 Linus Torvalds 2005-04-16 748 return error;
^1da177e4c3f41 Linus Torvalds 2005-04-16 749 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 750
^1da177e4c3f41 Linus Torvalds 2005-04-16 751 /*
^1da177e4c3f41 Linus Torvalds 2005-04-16 752 * Extended attribute GET operations
^1da177e4c3f41 Linus Torvalds 2005-04-16 753 */
c975cad9315700 Stefan Roesch 2022-04-24 754 ssize_t
5a6f52d20ce3cd Christian Brauner 2022-10-28 755 do_getxattr(struct mnt_idmap *idmap, struct dentry *d,
53566cca34de34 Christian Göttsche 2024-04-26 756 struct kernel_xattr_ctx *ctx)
^1da177e4c3f41 Linus Torvalds 2005-04-16 757 {
^1da177e4c3f41 Linus Torvalds 2005-04-16 758 ssize_t error;
c975cad9315700 Stefan Roesch 2022-04-24 759 char *kname = ctx->kname->name;
^1da177e4c3f41 Linus Torvalds 2005-04-16 760
c975cad9315700 Stefan Roesch 2022-04-24 761 if (ctx->size) {
c975cad9315700 Stefan Roesch 2022-04-24 762 if (ctx->size > XATTR_SIZE_MAX)
c975cad9315700 Stefan Roesch 2022-04-24 763 ctx->size = XATTR_SIZE_MAX;
c975cad9315700 Stefan Roesch 2022-04-24 764 ctx->kvalue = kvzalloc(ctx->size, GFP_KERNEL);
c975cad9315700 Stefan Roesch 2022-04-24 765 if (!ctx->kvalue)
^1da177e4c3f41 Linus Torvalds 2005-04-16 766 return -ENOMEM;
779302e67835fe Sasha Levin 2012-07-30 767 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 768
318e66856ddec0 Christian Brauner 2022-09-22 769 if (is_posix_acl_xattr(ctx->kname->name))
5a6f52d20ce3cd Christian Brauner 2022-10-28 770 error = do_get_acl(idmap, d, kname, ctx->kvalue, ctx->size);
318e66856ddec0 Christian Brauner 2022-09-22 771 else
4609e1f18e19c3 Christian Brauner 2023-01-13 772 error = vfs_getxattr(idmap, d, kname, ctx->kvalue, ctx->size);
^1da177e4c3f41 Linus Torvalds 2005-04-16 773 if (error > 0) {
c975cad9315700 Stefan Roesch 2022-04-24 774 if (ctx->size && copy_to_user(ctx->value, ctx->kvalue, error))
^1da177e4c3f41 Linus Torvalds 2005-04-16 775 error = -EFAULT;
c975cad9315700 Stefan Roesch 2022-04-24 776 } else if (error == -ERANGE && ctx->size >= XATTR_SIZE_MAX) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 777 /* The file system tried to returned a value bigger
^1da177e4c3f41 Linus Torvalds 2005-04-16 778 than XATTR_SIZE_MAX bytes. Not possible. */
^1da177e4c3f41 Linus Torvalds 2005-04-16 779 error = -E2BIG;
^1da177e4c3f41 Linus Torvalds 2005-04-16 780 }
0b2a6f231dcbc7 Richard Weinberger 2016-01-02 781
c975cad9315700 Stefan Roesch 2022-04-24 782 return error;
c975cad9315700 Stefan Roesch 2022-04-24 783 }
0b2a6f231dcbc7 Richard Weinberger 2016-01-02 784
c975cad9315700 Stefan Roesch 2022-04-24 785 static ssize_t
5a6f52d20ce3cd Christian Brauner 2022-10-28 786 getxattr(struct mnt_idmap *idmap, struct dentry *d,
c975cad9315700 Stefan Roesch 2022-04-24 787 const char __user *name, void __user *value, size_t size)
c975cad9315700 Stefan Roesch 2022-04-24 788 {
c975cad9315700 Stefan Roesch 2022-04-24 789 ssize_t error;
c975cad9315700 Stefan Roesch 2022-04-24 790 struct xattr_name kname;
53566cca34de34 Christian Göttsche 2024-04-26 791 struct kernel_xattr_ctx ctx = {
c975cad9315700 Stefan Roesch 2022-04-24 792 .value = value,
c975cad9315700 Stefan Roesch 2022-04-24 793 .kvalue = NULL,
c975cad9315700 Stefan Roesch 2022-04-24 794 .size = size,
c975cad9315700 Stefan Roesch 2022-04-24 795 .kname = &kname,
c975cad9315700 Stefan Roesch 2022-04-24 796 .flags = 0,
c975cad9315700 Stefan Roesch 2022-04-24 797 };
c975cad9315700 Stefan Roesch 2022-04-24 798
c975cad9315700 Stefan Roesch 2022-04-24 799 error = strncpy_from_user(kname.name, name, sizeof(kname.name));
c975cad9315700 Stefan Roesch 2022-04-24 800 if (error == 0 || error == sizeof(kname.name))
c975cad9315700 Stefan Roesch 2022-04-24 801 error = -ERANGE;
c975cad9315700 Stefan Roesch 2022-04-24 802 if (error < 0)
c975cad9315700 Stefan Roesch 2022-04-24 803 return error;
c975cad9315700 Stefan Roesch 2022-04-24 804
5a6f52d20ce3cd Christian Brauner 2022-10-28 805 error = do_getxattr(idmap, d, &ctx);
c975cad9315700 Stefan Roesch 2022-04-24 806
c975cad9315700 Stefan Roesch 2022-04-24 807 kvfree(ctx.kvalue);
^1da177e4c3f41 Linus Torvalds 2005-04-16 808 return error;
^1da177e4c3f41 Linus Torvalds 2005-04-16 809 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 810
6a7fb6ebe3718c Christian Göttsche 2024-04-26 811 static ssize_t path_getxattrat(int dfd, const char __user *pathname,
6a7fb6ebe3718c Christian Göttsche 2024-04-26 812 unsigned int at_flags, const char __user *name,
6a7fb6ebe3718c Christian Göttsche 2024-04-26 813 void __user *value, size_t size)
^1da177e4c3f41 Linus Torvalds 2005-04-16 814 {
2d8f30380ab8c7 Al Viro 2008-07-22 815 struct path path;
^1da177e4c3f41 Linus Torvalds 2005-04-16 816 ssize_t error;
6a7fb6ebe3718c Christian Göttsche 2024-04-26 817 int lookup_flags;
6a7fb6ebe3718c Christian Göttsche 2024-04-26 818
6a7fb6ebe3718c Christian Göttsche 2024-04-26 819 if ((at_flags & ~(AT_SYMLINK_NOFOLLOW | AT_EMPTY_PATH)) != 0)
6a7fb6ebe3718c Christian Göttsche 2024-04-26 820 return -EINVAL;
6a7fb6ebe3718c Christian Göttsche 2024-04-26 821
6a7fb6ebe3718c Christian Göttsche 2024-04-26 822 lookup_flags = (at_flags & AT_SYMLINK_NOFOLLOW) ? 0 : LOOKUP_FOLLOW;
6a7fb6ebe3718c Christian Göttsche 2024-04-26 823 if (at_flags & AT_EMPTY_PATH)
6a7fb6ebe3718c Christian Göttsche 2024-04-26 824 lookup_flags |= LOOKUP_EMPTY;
60e66b48ca2081 Jeff Layton 2012-12-11 825 retry:
6a7fb6ebe3718c Christian Göttsche 2024-04-26 826 error = user_path_at(dfd, pathname, lookup_flags, &path);
^1da177e4c3f41 Linus Torvalds 2005-04-16 827 if (error)
^1da177e4c3f41 Linus Torvalds 2005-04-16 828 return error;
5a6f52d20ce3cd Christian Brauner 2022-10-28 829 error = getxattr(mnt_idmap(path.mnt), path.dentry, name, value, size);
2d8f30380ab8c7 Al Viro 2008-07-22 830 path_put(&path);
60e66b48ca2081 Jeff Layton 2012-12-11 831 if (retry_estale(error, lookup_flags)) {
60e66b48ca2081 Jeff Layton 2012-12-11 832 lookup_flags |= LOOKUP_REVAL;
60e66b48ca2081 Jeff Layton 2012-12-11 833 goto retry;
60e66b48ca2081 Jeff Layton 2012-12-11 834 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 835 return error;
^1da177e4c3f41 Linus Torvalds 2005-04-16 836 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 837
6a7fb6ebe3718c Christian Göttsche 2024-04-26 838 SYSCALL_DEFINE6(getxattrat, int, dfd, const char __user *, pathname, unsigned int, at_flags,
6a7fb6ebe3718c Christian Göttsche 2024-04-26 839 const char __user *, name, struct xattr_args __user *, uargs, size_t, usize)
6a7fb6ebe3718c Christian Göttsche 2024-04-26 840 {
6a7fb6ebe3718c Christian Göttsche 2024-04-26 841 struct xattr_args args = {};
6a7fb6ebe3718c Christian Göttsche 2024-04-26 842 int error;
6a7fb6ebe3718c Christian Göttsche 2024-04-26 843
6a7fb6ebe3718c Christian Göttsche 2024-04-26 844 BUILD_BUG_ON(sizeof(struct xattr_args) < XATTR_ARGS_SIZE_VER0);
6a7fb6ebe3718c Christian Göttsche 2024-04-26 845 BUILD_BUG_ON(sizeof(struct xattr_args) != XATTR_ARGS_SIZE_LATEST);
6a7fb6ebe3718c Christian Göttsche 2024-04-26 846
6a7fb6ebe3718c Christian Göttsche 2024-04-26 847 if (unlikely(usize < XATTR_ARGS_SIZE_VER0))
6a7fb6ebe3718c Christian Göttsche 2024-04-26 848 return -EINVAL;
6a7fb6ebe3718c Christian Göttsche 2024-04-26 @849 if (usize > PAGE_SIZE)
6a7fb6ebe3718c Christian Göttsche 2024-04-26 850 return -E2BIG;
6a7fb6ebe3718c Christian Göttsche 2024-04-26 851
6a7fb6ebe3718c Christian Göttsche 2024-04-26 852 error = copy_struct_from_user(&args, sizeof(args), uargs, usize);
6a7fb6ebe3718c Christian Göttsche 2024-04-26 853 if (error)
6a7fb6ebe3718c Christian Göttsche 2024-04-26 854 return error;
6a7fb6ebe3718c Christian Göttsche 2024-04-26 855
6a7fb6ebe3718c Christian Göttsche 2024-04-26 856 if (args.flags != 0)
6a7fb6ebe3718c Christian Göttsche 2024-04-26 857 return -EINVAL;
6a7fb6ebe3718c Christian Göttsche 2024-04-26 858
6a7fb6ebe3718c Christian Göttsche 2024-04-26 859 return path_getxattrat(dfd, pathname, at_flags, name,
6a7fb6ebe3718c Christian Göttsche 2024-04-26 860 u64_to_user_ptr(args.value), args.size);
6a7fb6ebe3718c Christian Göttsche 2024-04-26 861 }
6a7fb6ebe3718c Christian Göttsche 2024-04-26 862
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
reply other threads:[~2024-09-01 1:27 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202409010924.1NBtrsYA-lkp@intel.com \
--to=lkp@intel.com \
--cc=error27@gmail.com \
--cc=oe-kbuild@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.