The Linux Kernel Mailing List
 help / color / mirror / Atom feed
* [PATCH] tools/nolibc: mark arg1 operand in __nolibc_syscall0() as write-only
@ 2026-07-03 17:30 Thomas Weißschuh
  2026-07-03 17:41 ` Willy Tarreau
  0 siblings, 1 reply; 3+ messages in thread
From: Thomas Weißschuh @ 2026-07-03 17:30 UTC (permalink / raw)
  To: Willy Tarreau; +Cc: linux-kernel, Thomas Weißschuh

__nolibc_syscall0() does not set the arg1 variable before passing it to
the asm block. This uninitialized variable read is undefined behavior.
Clang can miscompile this.

Mark the asm operand as write-only to fix this.

Fixes: 8e1930296f92 ("tools/nolibc: Add support for SPARC")
Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
---
 tools/include/nolibc/arch-sparc.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/include/nolibc/arch-sparc.h b/tools/include/nolibc/arch-sparc.h
index ddae9bc10dfe..23fab40accfa 100644
--- a/tools/include/nolibc/arch-sparc.h
+++ b/tools/include/nolibc/arch-sparc.h
@@ -45,7 +45,7 @@
 									      \
 	__asm__ volatile (                                                    \
 		_NOLIBC_SYSCALL                                               \
-		: "+r"(_arg1)                                                 \
+		: "=r"(_arg1)                                                 \
 		: "r"(_num)                                                   \
 		: "memory", "cc"                                              \
 	);                                                                    \

---
base-commit: d92642aeb2b9b0c670194d5768c3a6b227002d0d
change-id: 20260703-nolibc-sparc-asm-3544ec0f1edc

Best regards,
--  
Thomas Weißschuh <linux@weissschuh.net>


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH] tools/nolibc: mark arg1 operand in __nolibc_syscall0() as write-only
  2026-07-03 17:30 [PATCH] tools/nolibc: mark arg1 operand in __nolibc_syscall0() as write-only Thomas Weißschuh
@ 2026-07-03 17:41 ` Willy Tarreau
  2026-07-03 17:45   ` Willy Tarreau
  0 siblings, 1 reply; 3+ messages in thread
From: Willy Tarreau @ 2026-07-03 17:41 UTC (permalink / raw)
  To: Thomas Weißschuh; +Cc: linux-kernel, Daniel Palmer

Hi Thomas!

On Fri, Jul 03, 2026 at 07:30:16PM +0200, Thomas Weißschuh wrote:
> __nolibc_syscall0() does not set the arg1 variable before passing it to
> the asm block. This uninitialized variable read is undefined behavior.
> Clang can miscompile this.
 
Interesting. I don't know how we ended up like this, most likely just
due to reusing the same code blocks for the different variants. I'm
noting that m68k is affected as well then. I'm CCing Daniel for a
double-check.

> Mark the asm operand as write-only to fix this.
> 
> Fixes: 8e1930296f92 ("tools/nolibc: Add support for SPARC")
> Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
> ---
>  tools/include/nolibc/arch-sparc.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/tools/include/nolibc/arch-sparc.h b/tools/include/nolibc/arch-sparc.h
> index ddae9bc10dfe..23fab40accfa 100644
> --- a/tools/include/nolibc/arch-sparc.h
> +++ b/tools/include/nolibc/arch-sparc.h
> @@ -45,7 +45,7 @@
>  									      \
>  	__asm__ volatile (                                                    \
>  		_NOLIBC_SYSCALL                                               \
> -		: "+r"(_arg1)                                                 \
> +		: "=r"(_arg1)                                                 \
>  		: "r"(_num)                                                   \
>  		: "memory", "cc"                                              \
>  	);                                                                    \

Agreed, this totally makes sense.

Acked-by: Willy Tarreau <w@1wt.eu>

Thanks!
Willy

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] tools/nolibc: mark arg1 operand in __nolibc_syscall0() as write-only
  2026-07-03 17:41 ` Willy Tarreau
@ 2026-07-03 17:45   ` Willy Tarreau
  0 siblings, 0 replies; 3+ messages in thread
From: Willy Tarreau @ 2026-07-03 17:45 UTC (permalink / raw)
  To: Thomas Weißschuh; +Cc: linux-kernel, Daniel Palmer

On Fri, Jul 03, 2026 at 07:41:58PM +0200, Willy Tarreau wrote:
> Hi Thomas!
> 
> On Fri, Jul 03, 2026 at 07:30:16PM +0200, Thomas Weißschuh wrote:
> > __nolibc_syscall0() does not set the arg1 variable before passing it to
> > the asm block. This uninitialized variable read is undefined behavior.
> > Clang can miscompile this.
>  
> Interesting. I don't know how we ended up like this, most likely just
> due to reusing the same code blocks for the different variants. I'm
> noting that m68k is affected as well then. I'm CCing Daniel for a
> double-check.

Hmmm no I'm wrong, sorry Daniel for the noise, on m68k _num is initialized
before being passed to the asm statement so "+r" is fine there.

Willy

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2026-07-03 17:45 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-07-03 17:30 [PATCH] tools/nolibc: mark arg1 operand in __nolibc_syscall0() as write-only Thomas Weißschuh
2026-07-03 17:41 ` Willy Tarreau
2026-07-03 17:45   ` Willy Tarreau

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox