* re: fsdax: output address in dax_iomap_pfn() and rename it
@ 2022-06-06 14:10 Colin King (gmail)
0 siblings, 0 replies; only message in thread
From: Colin King (gmail) @ 2022-06-06 14:10 UTC (permalink / raw)
To: Shiyang Ruan
Cc: Alexander Viro, Dan Williams, Matthew Wilcox, Jan Kara,
linux-fsdevel, nvdimm, linux-kernel@vger.kernel.org
Hi,
Static analysis with clang scan-build found a potential issue with the
following commit in linux-next today:
commit 1447ac26a96463a05ad9f5cfba7eef43d52913ef
Author: Shiyang Ruan <ruansy.fnst@fujitsu.com>
Date: Fri Jun 3 13:37:32 2022 +0800
fsdax: output address in dax_iomap_pfn() and rename it
The analysis is as follows:
static int dax_iomap_direct_access(const struct iomap *iomap, loff_t pos,
size_t size, void **kaddr, pfn_t *pfnp)
{
pgoff_t pgoff = dax_iomap_pgoff(iomap, pos);
int id, rc;
long length;
id = dax_read_lock();
length = dax_direct_access(iomap->dax_dev, pgoff, PHYS_PFN(size),
DAX_ACCESS, kaddr, pfnp);
if (length < 0) {
rc = length;
goto out;
}
if (!pfnp)
goto out_check_addr;
The above check jumps to out_check_addr, if kaddr is null then rc is not
set and a garbage uninitialized value for rc is returned on the out path.
rc = -EINVAL;
if (PFN_PHYS(length) < size)
goto out;
if (pfn_t_to_pfn(*pfnp) & (PHYS_PFN(size)-1))
goto out;
/* For larger pages we need devmap */
if (length > 1 && !pfn_t_devmap(*pfnp))
goto out;
rc = 0;
out_check_addr:
if (!kaddr)
goto out;
if (!*kaddr)
rc = -EFAULT;
out:
dax_read_unlock(id);
return rc;
}
Colin
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2022-06-06 14:10 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-06-06 14:10 fsdax: output address in dax_iomap_pfn() and rename it Colin King (gmail)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).