On Wed, 2020-02-26 at 23:43 +0000, Colin King wrote:
> From: Colin Ian King <[email protected]>
>
> It is possible for mempool_alloc to return null when using
> the GFP_KERNEL flag, so return NULL and avoid a null pointer
> dereference on the following memset of the null pointer.
Umm, no. That would be a false positive by coverity.
If you look at the history of that function, you'll note that we
originally had those checks, but that Neil Brown removed them after
analysis of the mempool_alloc() function. He determined (correctly, I
believe) that any value that includes GFP_WAIT cannot fail to return a
valid pointer.
>
> Addresses-Coverity: ("Dereference null return")
> Fixes: 2b17d725f9be ("NFS: Clean up writeback code")
> Signed-off-by: Colin Ian King <[email protected]>
> ---
> fs/nfs/write.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/fs/nfs/write.c b/fs/nfs/write.c
> index c478b772cc49..7ca036660dd1 100644
> --- a/fs/nfs/write.c
> +++ b/fs/nfs/write.c
> @@ -106,6 +106,9 @@ static struct nfs_pgio_header
> *nfs_writehdr_alloc(void)
> {
> struct nfs_pgio_header *p = mempool_alloc(nfs_wdata_mempool,
> GFP_KERNEL);
>
> + if (!p)
> + return NULL;
> +
> memset(p, 0, sizeof(*p));
> p->rw_mode = FMODE_WRITE;
> return p;
--
Trond Myklebust
Linux NFS client maintainer, Hammerspace
[email protected]
On 26/02/2020 23:48, Trond Myklebust wrote:
> On Wed, 2020-02-26 at 23:43 +0000, Colin King wrote:
>> From: Colin Ian King <[email protected]>
>>
>> It is possible for mempool_alloc to return null when using
>> the GFP_KERNEL flag, so return NULL and avoid a null pointer
>> dereference on the following memset of the null pointer.
>
> Umm, no. That would be a false positive by coverity.
Ah, sorry for the noise then.
>
> If you look at the history of that function, you'll note that we
> originally had those checks, but that Neil Brown removed them after
> analysis of the mempool_alloc() function. He determined (correctly, I
> believe) that any value that includes GFP_WAIT cannot fail to return a
> valid pointer.
OK - that's very helpful to know. That allows me to mark a shed load of
false positives on mempool_alloc false positives.
Colin
>
>>
>> Addresses-Coverity: ("Dereference null return")
>> Fixes: 2b17d725f9be ("NFS: Clean up writeback code")
>> Signed-off-by: Colin Ian King <[email protected]>
>> ---
>> fs/nfs/write.c | 3 +++
>> 1 file changed, 3 insertions(+)
>>
>> diff --git a/fs/nfs/write.c b/fs/nfs/write.c
>> index c478b772cc49..7ca036660dd1 100644
>> --- a/fs/nfs/write.c
>> +++ b/fs/nfs/write.c
>> @@ -106,6 +106,9 @@ static struct nfs_pgio_header
>> *nfs_writehdr_alloc(void)
>> {
>> struct nfs_pgio_header *p = mempool_alloc(nfs_wdata_mempool,
>> GFP_KERNEL);
>>
>> + if (!p)
>> + return NULL;
>> +
>> memset(p, 0, sizeof(*p));
>> p->rw_mode = FMODE_WRITE;
>> return p;