From nobody Wed Feb 11 19:32:28 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7CD9AC7EE29 for ; Thu, 4 May 2023 14:40:45 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231200AbjEDOko (ORCPT ); Thu, 4 May 2023 10:40:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38614 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230516AbjEDOkk (ORCPT ); Thu, 4 May 2023 10:40:40 -0400 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1B1332D43; Thu, 4 May 2023 07:40:39 -0700 (PDT) Received: from pps.filterd (m0353722.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 344EdXHl030081; Thu, 4 May 2023 14:40:38 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=bGpmwO8CNHgB/VUTWxghbR2Zxwr3spTuGVNeeNtfl/A=; b=tMwtLaqotOHf4/JZB9Bb3l6PJjwLLvx9EluheiLEsPrzjwwlxxZw7wXGuiISxiOz8fOg KaaGsbYXIh5yB1qRitrL76C402tCwrfssmFYl0TWytq8vR5ay7ZgK4fD+pJi6QzxePhi EAjG70a7f8WnoHW2nlRE2YCcf3vES5kf9ZZ3TNPV5DzWVSO7UTzlkFyl9lGhqz8gryAK YAZFPhoBAfRCMSE5789+VwvQA1w3G7DbgWCKnVDvVrdCGi4B3JD6uu3HL4A5zsC3R057 vup0P5/F8MoFUdqps3PqEc6eVqhnlxSboOD1/DN54IJG9Jw3DztMj9Xe61+n6hjEuHLR 5w== Received: from ppma01fra.de.ibm.com (46.49.7a9f.ip4.static.sl-reverse.com [159.122.73.70]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3qcav0ypm2-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 04 May 2023 14:40:37 +0000 Received: from pps.filterd (ppma01fra.de.ibm.com [127.0.0.1]) by ppma01fra.de.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 344Dc7Wt020202; Thu, 4 May 2023 14:40:35 GMT Received: from smtprelay03.fra02v.mail.ibm.com ([9.218.2.224]) by ppma01fra.de.ibm.com (PPS) with ESMTPS id 3q8tv6tdnx-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 04 May 2023 14:40:35 +0000 Received: from smtpav06.fra02v.mail.ibm.com (smtpav06.fra02v.mail.ibm.com [10.20.54.105]) by smtprelay03.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 344EeVrR4522542 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 4 May 2023 14:40:31 GMT Received: from smtpav06.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id AA91C20040; Thu, 4 May 2023 14:40:31 +0000 (GMT) Received: from smtpav06.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 076C920049; Thu, 4 May 2023 14:40:31 +0000 (GMT) Received: from heavy.boeblingen.de.ibm.com (unknown [9.171.60.220]) by smtpav06.fra02v.mail.ibm.com (Postfix) with ESMTP; Thu, 4 May 2023 14:40:30 +0000 (GMT) From: Ilya Leoshkevich To: Al Viro , Andrew Morton Cc: linux-kernel@vger.kernel.org, Heiko Carstens , Vasily Gorbik , Alexander Gordeev , Ilya Leoshkevich , stable@vger.kernel.org Subject: [PATCH 1/2] statfs: Enforce statfs[64] structure intialization Date: Thu, 4 May 2023 16:40:20 +0200 Message-Id: <20230504144021.808932-2-iii@linux.ibm.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230504144021.808932-1-iii@linux.ibm.com> References: <20230504144021.808932-1-iii@linux.ibm.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-GUID: y2Wfn83BKyDPOVyPSKKOQOZZEaneWj8P X-Proofpoint-ORIG-GUID: y2Wfn83BKyDPOVyPSKKOQOZZEaneWj8P X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22 definitions=2023-05-04_10,2023-05-04_01,2023-02-09_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 impostorscore=0 lowpriorityscore=0 adultscore=0 mlxlogscore=999 clxscore=1011 suspectscore=0 malwarescore=0 bulkscore=0 mlxscore=0 spamscore=0 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2303200000 definitions=main-2305040119 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" s390's struct statfs and struct statfs64 contain padding, which field-by-field copying does not set. Initialize the respective structs with zeros before filling them and copying them to userspace, like it's already done for the compat versions of these structs. Found by KMSAN. Acked-by: Heiko Carstens Cc: stable@vger.kernel.org # v4.14+ Signed-off-by: Ilya Leoshkevich Reviewed-by: Andrew Morton --- fs/statfs.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/statfs.c b/fs/statfs.c index 0ba34c135593..96d1c3edf289 100644 --- a/fs/statfs.c +++ b/fs/statfs.c @@ -130,6 +130,7 @@ static int do_statfs_native(struct kstatfs *st, struct = statfs __user *p) if (sizeof(buf) =3D=3D sizeof(*st)) memcpy(&buf, st, sizeof(*st)); else { + memset(&buf, 0, sizeof(buf)); if (sizeof buf.f_blocks =3D=3D 4) { if ((st->f_blocks | st->f_bfree | st->f_bavail | st->f_bsize | st->f_frsize) & @@ -158,7 +159,6 @@ static int do_statfs_native(struct kstatfs *st, struct = statfs __user *p) buf.f_namelen =3D st->f_namelen; buf.f_frsize =3D st->f_frsize; buf.f_flags =3D st->f_flags; - memset(buf.f_spare, 0, sizeof(buf.f_spare)); } if (copy_to_user(p, &buf, sizeof(buf))) return -EFAULT; @@ -171,6 +171,7 @@ static int do_statfs64(struct kstatfs *st, struct statf= s64 __user *p) if (sizeof(buf) =3D=3D sizeof(*st)) memcpy(&buf, st, sizeof(*st)); else { + memset(&buf, 0, sizeof(buf)); buf.f_type =3D st->f_type; buf.f_bsize =3D st->f_bsize; buf.f_blocks =3D st->f_blocks; @@ -182,7 +183,6 @@ static int do_statfs64(struct kstatfs *st, struct statf= s64 __user *p) buf.f_namelen =3D st->f_namelen; buf.f_frsize =3D st->f_frsize; buf.f_flags =3D st->f_flags; - memset(buf.f_spare, 0, sizeof(buf.f_spare)); } if (copy_to_user(p, &buf, sizeof(buf))) return -EFAULT; --=20 2.40.1 From nobody Wed Feb 11 19:32:28 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8CB0CC77B7C for ; Thu, 4 May 2023 14:40:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231226AbjEDOkv (ORCPT ); Thu, 4 May 2023 10:40:51 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38778 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230049AbjEDOkq (ORCPT ); Thu, 4 May 2023 10:40:46 -0400 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3D5F0358C for ; Thu, 4 May 2023 07:40:45 -0700 (PDT) Received: from pps.filterd (m0353727.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 344EZpRF015478; Thu, 4 May 2023 14:40:44 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=AJyZqaB1bab4U3tvgHgrP+C2mc3Jtlr5vUnHOB90K2c=; b=QETFLT08Dpc/TdYi8xIay84+LW4/xM+GOOg8UxJG91XjPTQzdQC1GaNNaMyu1mnmdPEa /DQZ27/aXEGLTk76RdoXz6umMykQdFfG68Lvsrjp4y9xM7qIkss+qhL9uT0B/8wpGflY Fs/hlsO3JeZKFPckAc62+Gmj8KhSxxR4IOS+k6z5R0WTei3AhrdLfWNje3W9BQ4EJAl3 YpXh90+eAJ7DaRhaTU17dCCHDZw6HlK7JuAxjqkyc9fBOZil3I0q89wtEoLLh/7vhGvZ 40skUyaLzn1iXYgXoSHk+IvHRCTS47qbfSB3rY4k9mR9W74PYcj/eu1CY1tQZ+gVJ46Z yw== Received: from ppma04ams.nl.ibm.com (63.31.33a9.ip4.static.sl-reverse.com [169.51.49.99]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3qceec8h7w-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 04 May 2023 14:40:41 +0000 Received: from pps.filterd (ppma04ams.nl.ibm.com [127.0.0.1]) by ppma04ams.nl.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3440gM7L020923; Thu, 4 May 2023 14:40:38 GMT Received: from smtprelay06.fra02v.mail.ibm.com ([9.218.2.230]) by ppma04ams.nl.ibm.com (PPS) with ESMTPS id 3q8tv6tx2f-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 04 May 2023 14:40:38 +0000 Received: from smtpav06.fra02v.mail.ibm.com (smtpav06.fra02v.mail.ibm.com [10.20.54.105]) by smtprelay06.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 344EeYuh37094092 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 4 May 2023 14:40:35 GMT Received: from smtpav06.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id D4F3520043; Thu, 4 May 2023 14:40:34 +0000 (GMT) Received: from smtpav06.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 4AA6120040; Thu, 4 May 2023 14:40:34 +0000 (GMT) Received: from heavy.boeblingen.de.ibm.com (unknown [9.171.60.220]) by smtpav06.fra02v.mail.ibm.com (Postfix) with ESMTP; Thu, 4 May 2023 14:40:34 +0000 (GMT) From: Ilya Leoshkevich To: Al Viro , Andrew Morton Cc: linux-kernel@vger.kernel.org, Heiko Carstens , Vasily Gorbik , Alexander Gordeev , Ilya Leoshkevich Subject: [PATCH 2/2] s390/uapi: Cover statfs padding by growing f_spare Date: Thu, 4 May 2023 16:40:21 +0200 Message-Id: <20230504144021.808932-3-iii@linux.ibm.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230504144021.808932-1-iii@linux.ibm.com> References: <20230504144021.808932-1-iii@linux.ibm.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: C9BKYqGboMPIY73_0YqYDN94ubRFVMPW X-Proofpoint-GUID: C9BKYqGboMPIY73_0YqYDN94ubRFVMPW X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22 definitions=2023-05-04_10,2023-05-04_01,2023-02-09_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1015 impostorscore=0 adultscore=0 priorityscore=1501 mlxscore=0 phishscore=0 suspectscore=0 mlxlogscore=948 spamscore=0 lowpriorityscore=0 bulkscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2303200000 definitions=main-2305040119 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" pahole says: struct compat_statfs64 { ... u32 f_spare[4]; /* 68 16 */ /* size: 88, cachelines: 1, members: 12 */ /* padding: 4 */ struct statfs { ... unsigned int f_spare[4]; /* 68 16 */ /* size: 88, cachelines: 1, members: 12 */ /* padding: 4 */ struct statfs64 { ... unsigned int f_spare[4]; /* 68 16 */ /* size: 88, cachelines: 1, members: 12 */ /* padding: 4 */ One has to keep the existence of padding in mind when working with these structs. Grow f_spare arrays to 5 in order to simplify things. Acked-by: Heiko Carstens Signed-off-by: Ilya Leoshkevich --- arch/s390/include/asm/compat.h | 2 +- arch/s390/include/uapi/asm/statfs.h | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/s390/include/asm/compat.h b/arch/s390/include/asm/compat.h index a386070f1d56..3cb9d813f022 100644 --- a/arch/s390/include/asm/compat.h +++ b/arch/s390/include/asm/compat.h @@ -112,7 +112,7 @@ struct compat_statfs64 { u32 f_namelen; u32 f_frsize; u32 f_flags; - u32 f_spare[4]; + u32 f_spare[5]; }; =20 /* diff --git a/arch/s390/include/uapi/asm/statfs.h b/arch/s390/include/uapi/a= sm/statfs.h index 72604f7792c3..f85b50723dd3 100644 --- a/arch/s390/include/uapi/asm/statfs.h +++ b/arch/s390/include/uapi/asm/statfs.h @@ -30,7 +30,7 @@ struct statfs { unsigned int f_namelen; unsigned int f_frsize; unsigned int f_flags; - unsigned int f_spare[4]; + unsigned int f_spare[5]; }; =20 struct statfs64 { @@ -45,7 +45,7 @@ struct statfs64 { unsigned int f_namelen; unsigned int f_frsize; unsigned int f_flags; - unsigned int f_spare[4]; + unsigned int f_spare[5]; }; =20 #endif --=20 2.40.1