From: Alexander Potapenko
Date: Mon, 9 Mar 2020 12:53:28 +0100
Subject: Re: KMSAN: uninit-value in snapshot_compat_ioctl
To: Eric Biggers
Cc: syzbot, len.brown@intel.com, LKML, Linux PM, Pavel Machek, "Rafael J. Wysocki", syzkaller-bugs
In-Reply-To: <20200308032434.GX15444@sol.localdomain>
X-Mailing-List: linux-kernel@vger.kernel.org

> > Looks like a KMSAN false positive? As far as I can tell, the memory is being
> > initialized by put_user() called under set_fs(KERNEL_DS).

Why? put_user() doesn't write to kernel memory, instead it copies a
value to the userspace.
That's why KMSAN performs kmsan_check_memory() on it.
It would actually be better if KMSAN printed a kernel-infoleak warning instead.

> Although, it also looks like the problematic code can just be removed, since
> always sizeof(compat_loff_t) == sizeof(loff_t). I'll send a patch to do that...

Thanks!
-- 
Alexander Potapenko
Software Engineer

Google Germany GmbH
Erika-Mann-Straße, 33
80636 München

Managing Directors: Paul Manicle, Halimah DeLaine Prado
Court of registration and number: Hamburg, HRB 86891
Registered office: Hamburg