Received: by 2002:a25:7ec1:0:0:0:0:0 with SMTP id z184csp3723828ybc; Thu, 21 Nov 2019 12:42:32 -0800 (PST) X-Google-Smtp-Source: APXvYqwpjfkpQv/2AVPkKy4Ds65Rvn9ZqcDvJqKTgWWYM8XcsUMJZWkwmuBIaOuRdq3izy+qpFWh X-Received: by 2002:a17:906:c797:: with SMTP id cw23mr16080066ejb.19.1574368952296; Thu, 21 Nov 2019 12:42:32 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1574368952; cv=none; d=google.com; s=arc-20160816; b=QS+aKW6q6KGFwN1LmLo5J6t3A1NpNVV9jXxiYDnfgt3o7/Z8elmQq/2ZR7U8i5yiAL 30dH6Z5pUaOtpjSBBCcXQJaJ3KDCjGcl+fcv+g295hS7NBZMYk7OBLXlXGmIlgvx3G/6 JkmayA5WbSCCGOV6//UpLECracujopXDgeTU02njyR6cYF7pv/J1hKdN2oHJcRrmovx0 QPTCRpiCL1bWIWv7mflnwtu50pLMQlK3KPphHdyW5emBpP+5oTWAYYb+/vZiNeWkK14e AwKxxFX8CMx42hZRfIqEgci3xLCBCzePCimlRVa0oQkQJh+wL6zSNPRJhJYmFC191xX1 7ZFg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date; bh=PWeV2HROb9vpmQaZWnqLtFKXd+iV5kq2HLdXfA7db2E=; b=ybJFJrHsGPiNDAR4kRtYCtmtkefWkiIvtudv6TDN6xEa7AFS3IBPF3/3Zkz8mg9DfF Y8Ip/dp3NGZat/13g/6gyrxio9n/4nZNfwz9CoK5zYI5U52uuN1TZs2lO31+kSAtzMKD Sxsftc+DXeru49hmvRUltLX+wOdtbMoYqXjGtN7mTTKj26pq6wiXlFBjh1qEtjRIorN+ dV+nlZrPSLkfhdqTTOWCw4D7hMJMnGsPS/ub4W9m42lEGI/F9cuyiXH9mpY4fVUSZV29 MQFhUBgPkEMiSzl2PEZMMGQZpuNd/UgCkFI5YC7zxrKk5YPaoVTRSY4/TFKp88VfQv65 UyTQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e19si2492970ejb.379.2019.11.21.12.42.07; Thu, 21 Nov 2019 12:42:32 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727165AbfKUUku (ORCPT + 99 others); Thu, 21 Nov 2019 15:40:50 -0500 Received: from mail2-relais-roc.national.inria.fr ([192.134.164.83]:57421 "EHLO mail2-relais-roc.national.inria.fr" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726541AbfKUUku (ORCPT ); Thu, 21 Nov 2019 15:40:50 -0500 X-IronPort-AV: E=Sophos;i="5.69,227,1571695200"; d="scan'208";a="412935183" Received: from abo-228-123-68.mrs.modulonet.fr (HELO hadrien) ([85.68.123.228]) by mail2-relais-roc.national.inria.fr with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 21 Nov 2019 21:40:46 +0100 Date: Thu, 21 Nov 2019 21:40:45 +0100 (CET) From: Julia Lawall X-X-Sender: jll@hadrien To: Michal Kubecek cc: Dan Carpenter , jakub.kicinski@netronome.com, ast@kernel.org, natechancellor@gmail.com, jiang.xuexin@zte.com.cn, cocci , f.fainelli@gmail.com, daniel@iogearbox.net, john.fastabend@gmail.com, lirongqing@baidu.com, maxime.chevallier@bootlin.com, vivien.didelot@gmail.com, pablo@netfilter.org, wang.yi59@zte.com.cn, hawk@kernel.org, arnd@arndb.de, jiri@mellanox.com, xue.zhihong@zte.com.cn, zhanglin , Thomas Gleixner , bpf@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, linyunsheng@huawei.com, Joe Perches , Andrew Morton , Linus Torvalds , davem@davemloft.net Subject: Re: [Cocci] [PATCH] net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol() In-Reply-To: <20191121133817.GF29650@unicorn.suse.cz> Message-ID: References: <1572076456-12463-1-git-send-email-zhang.lin16@zte.com.cn> <20191121111917.GE29650@unicorn.suse.cz> <20191121120733.GF5604@kadam> <20191121133817.GF29650@unicorn.suse.cz> User-Agent: Alpine 2.21 (DEB 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 21 Nov 2019, Michal Kubecek wrote: > On Thu, Nov 21, 2019 at 03:07:33PM +0300, Dan Carpenter wrote: > > On Thu, Nov 21, 2019 at 12:19:17PM +0100, Michal Kubecek wrote: > > > On Thu, Nov 21, 2019 at 11:23:34AM +0100, Enrico Weigelt, metux IT consult wrote: > > > > On 26.10.19 21:40, Joe Perches wrote: > > > > > On Sat, 2019-10-26 at 15:54 +0800, zhanglin wrote: > > > > >> memset() the structure ethtool_wolinfo that has padded bytes > > > > >> but the padded bytes have not been zeroed out. > > > > > [] > > > > >> diff --git a/net/core/ethtool.c b/net/core/ethtool.c > > > > > [] > > > > >> @@ -1471,11 +1471,13 @@ static int ethtool_reset(struct net_device *dev, char __user *useraddr) > > > > >> > > > > >> static int ethtool_get_wol(struct net_device *dev, char __user *useraddr) > > > > >> { > > > > >> - struct ethtool_wolinfo wol = { .cmd = ETHTOOL_GWOL }; > > > > >> + struct ethtool_wolinfo wol; > > > > >> > > > > >> if (!dev->ethtool_ops->get_wol) > > > > >> return -EOPNOTSUPP; > > > > >> > > > > >> + memset(&wol, 0, sizeof(struct ethtool_wolinfo)); > > > > >> + wol.cmd = ETHTOOL_GWOL; > > > > >> dev->ethtool_ops->get_wol(dev, &wol); > > > > >> > > > > >> if (copy_to_user(useraddr, &wol, sizeof(wol))) > > > > > > > > > > It seems likely there are more of these. > > > > > > > > > > Is there any way for coccinelle to find them? > > > > > > > > Just curios: is static struct initialization (on stack) something that > > > > should be avoided ? I've been under the impression that static > > > > initialization allows thinner code and gives the compiler better chance > > > > for optimizations. > > > > > > Not in general. The (potential) problem here is that the structure has > > > padding and it is as a whole (i.e. including the padding) copied to > > > userspace. While I'm not aware of a compiler that wouldn't actually > > > initialize the whole data block including the padding in this case, the > > > C standard provides no guarantee about that so that to be sure we cannot > > > leak leftover kernel data to userspace, we need to explicitly initialize > > > the whole block. > > > > GCC will not always initialize the struct holes. This patch fixes a > > real bug that GCC on my system (v7.4) > > Just checked (again) to be sure. No matter if the function is inlined or > not, gcc 7.4.1 initializes the structure by one movl (of 0x5) and two > movq (of 0x0), i.e. initializes all sizeof(struct ethtool_wolinfo) = 20 > bytes including the padding. > > One could certainly construct examples where a real life compiler would > only initialize the fields. That's why I said "in this case". Looking again at the case that I mentioned, I see: # drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c:691: struct drm_amdgpu_info_device dev_info = {}; call __sanitizer_cov_trace_pc # leaq 840(%rsp), %rdi #, tmp1126 xorl %eax, %eax # tmp1127 movl $46, %ecx #, tmp1128 rep stosq So I guess the rep stosq is doing the memset. julia > > Michal Kubecek > > > _______________________________________________ > Cocci mailing list > Cocci@systeme.lip6.fr > https://systeme.lip6.fr/mailman/listinfo/cocci >