From nobody Fri Dec 19 12:52:27 2025 Received: from sender3-pp-f112.zoho.com (sender3-pp-f112.zoho.com [136.143.184.112]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E22AB2DAFA2; Wed, 5 Nov 2025 08:48:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=pass smtp.client-ip=136.143.184.112 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1762332541; cv=pass; b=Daj28slTYCvAohSsAx6XBpae+MgHtAabptk6jHr6udG/n5kJKKuvUppxLJAzu/WYHLV41E5SNO+bF9Y7cFEiVBROVl5JtosnjVLnoPPm6UGg9qI1wCxE5QbTncn8Uu7r30CcGQ3CB/tUCqAfXjjOrBBYMFYnCkkMgdCQZ6JY4xY= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1762332541; c=relaxed/simple; bh=wbWnCuLLFunM/BcVHsHqiaYuD22oodG7ikx24LFExSA=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=jvtT3XcJ7FwdKjBRrH8um+tn9WePoGP8m/fW/E+vicl66HHWMuBqSr8Y7d0KBFaE07rVbOPMbxwXjMq15Bx6fFX5b+4kUVUYMjVSGW1lPeAdsE4f5NHPLSvbCRKcin7tELGfwrMA9ZNJDNJIRogy9n3iOqWhlk8BO9NyzKJBYeA= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=linux.beauty; spf=pass smtp.mailfrom=linux.beauty; dkim=pass (1024-bit key) header.d=linux.beauty header.i=me@linux.beauty header.b=LhiWe1iH; arc=pass smtp.client-ip=136.143.184.112 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=linux.beauty Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.beauty Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.beauty header.i=me@linux.beauty header.b="LhiWe1iH" ARC-Seal: i=1; a=rsa-sha256; t=1762332479; cv=none; d=zohomail.com; s=zohoarc; b=Bnp/x3Bnx2tfQ12gosAfIGyvlK/fp5ySj61E0ulg2gV6IAd+1nhocRYzr2lIFScNVvs4waUL48Iqirdsj1g3w9jSLJbDF0QxopRNAwE1pUFlH8CiVLWRA1gtHhQ6wRBcf2CLyKkTfEdvqtHjlZoZhByXtn9ck0ykXUB/bqR/hKM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1762332479; h=Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:Subject:To:To:Message-Id:Reply-To:Cc; bh=u7P1xZCfbI58utps+NHX5kY2NHdA4BoKURJk9ZAJrv8=; b=VDOQLPyjWRZzh09riFmUDbx2wRGHv6rfYeUMeMbGob5h1TSTd4Jjmry+5VXM9vxyDSh7dyyiukDAWSOP1R65/wF7GxbDAKt0Musoj5+f4z0e2pdRMpcFpuer7sAIQx4CqZUho1ME7QM+4JxbrBgYA5glFZZRhpmmFpGCT2La9Gw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=linux.beauty; spf=pass smtp.mailfrom=me@linux.beauty; dmarc=pass header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1762332479; s=zmail; d=linux.beauty; i=me@linux.beauty; h=From:From:To:To:Subject:Subject:Date:Date:Message-ID:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding:Message-Id:Reply-To:Cc; bh=u7P1xZCfbI58utps+NHX5kY2NHdA4BoKURJk9ZAJrv8=; b=LhiWe1iHdlnG1+6rSiFkVBQMSQOS17/SqWEEufWnVdnjRWIsABDr/KkrQ0oc7Wpk JpdlrJOtaeFTo1SCG+jnhWD77OjOMDKblAqKD0H+HSC9A74gWfEpofKSJu4/JGyxa+c RYKsZE1rl5l6FKEFORdobrqS6pmooNjd4ij0WyEk= Received: by mx.zohomail.com with SMTPS id 1762332478016960.3898176076386; Wed, 5 Nov 2025 00:47:58 -0800 (PST) From: Li Chen To: Kees Cook , Nathan Chancellor , Nicolas Schier , linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-kbuild@vger.kernel.org Subject: [RFC PATCH 1/2] gcc-plugins: add cleanup_plugin for uninitialized cleanup detection Date: Wed, 5 Nov 2025 16:46:56 +0800 Message-ID: <20251105084733.3598704-6-me@linux.beauty> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251105084733.3598704-1-me@linux.beauty> References: <20251105084733.3598704-1-me@linux.beauty> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ZohoMailClient: External Content-Type: text/plain; charset="utf-8" From: Li Chen Add a GCC plugin to warn about uninitialized automatic variables with cleanup attributes. This helps catch this potential interdependency problem as documented in include/linux/cleanup.h. The plugin detects uninitialized cleanup variables and warns developers without blocking builds (warnings are not converted to errors by -Werror). Signed-off-by: Li Chen --- scripts/Makefile.gcc-plugins | 1 + scripts/gcc-plugins/Kconfig | 6 ++ scripts/gcc-plugins/cleanup_plugin.c | 106 +++++++++++++++++++++++++++ 3 files changed, 113 insertions(+) create mode 100644 scripts/gcc-plugins/cleanup_plugin.c diff --git a/scripts/Makefile.gcc-plugins b/scripts/Makefile.gcc-plugins index b0e1423b09c21..b948261c142e6 100644 --- a/scripts/Makefile.gcc-plugins +++ b/scripts/Makefile.gcc-plugins @@ -1,5 +1,6 @@ # SPDX-License-Identifier: GPL-2.0 =20 +gcc-plugin-$(CONFIG_GCC_PLUGIN_CLEANUP_ATTRIBUTE_WARN) +=3D cleanup_plugin= .so gcc-plugin-$(CONFIG_GCC_PLUGIN_LATENT_ENTROPY) +=3D latent_entropy_plugin.= so gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_LATENT_ENTROPY) \ +=3D -DLATENT_ENTROPY_PLUGIN diff --git a/scripts/gcc-plugins/Kconfig b/scripts/gcc-plugins/Kconfig index 6b34ba19358d8..906d50eb5efa6 100644 --- a/scripts/gcc-plugins/Kconfig +++ b/scripts/gcc-plugins/Kconfig @@ -36,4 +36,10 @@ config GCC_PLUGIN_LATENT_ENTROPY * https://grsecurity.net/ * https://pax.grsecurity.net/ =20 +config GCC_PLUGIN_CLEANUP_ATTRIBUTE_WARN + def_bool y + help + Warn when local automatic variables annotated with + __attribute__((cleanup(...))) are declared without an initializer. + endif diff --git a/scripts/gcc-plugins/cleanup_plugin.c b/scripts/gcc-plugins/cle= anup_plugin.c new file mode 100644 index 0000000000000..d28f8969186de --- /dev/null +++ b/scripts/gcc-plugins/cleanup_plugin.c @@ -0,0 +1,106 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Warn about uninitialized automatic variables that use the + * __attribute__((cleanup(...))) attribute. + */ + +#include "gcc-common.h" + +__visible int plugin_is_GPL_compatible; + +static struct plugin_info cleanup_plugin_info =3D { + .version =3D PLUGIN_VERSION, + .help =3D "Warn when cleanup attribute variables lack initializers\n", +}; + +static bool has_cleanup_attribute(tree var) +{ + tree attrs; + + attrs =3D DECL_ATTRIBUTES(var); + if (!attrs) + return false; + + return lookup_attribute("cleanup", attrs) !=3D NULL_TREE; +} + +static bool is_candidate_decl(tree var) +{ + if (TREE_CODE(var) !=3D VAR_DECL) + return false; + + if (DECL_ARTIFICIAL(var)) + return false; + + if (TREE_STATIC(var) || DECL_EXTERNAL(var)) + return false; + + if (!has_cleanup_attribute(var)) + return false; + + return true; +} + +static bool has_declaration_initializer(tree var) +{ + if (DECL_INITIAL(var)) + return true; + +#ifdef DECL_INITIALIZED_P + if (DECL_INITIALIZED_P(var)) + return true; +#endif + + return false; +} + +static void warn_if_uninitialized(tree var) +{ + location_t loc; + bool saved_warning_as_error; + + if (has_declaration_initializer(var)) + return; + + loc =3D DECL_SOURCE_LOCATION(var); + if (loc =3D=3D UNKNOWN_LOCATION) + return; + + /* Temporarily disable treating warnings as errors for this specific warn= ing */ + saved_warning_as_error =3D global_dc->warning_as_error_requested_p(); + global_dc->set_warning_as_error_requested(false); + warning_at( + loc, 0, + "%qD declared with cleanup attribute is not initialized at declaration", + var); + /* Restore the original setting */ + global_dc->set_warning_as_error_requested(saved_warning_as_error); +} + +static void cleanup_finish_decl(void *gcc_data, void *user_data) +{ + tree var =3D (tree)gcc_data; + + (void)user_data; + + if (!is_candidate_decl(var)) + return; + + warn_if_uninitialized(var); +} + +__visible int plugin_init(struct plugin_name_args *plugin_info, + struct plugin_gcc_version *version) +{ + if (!plugin_default_version_check(version, &gcc_version)) { + error(G_("incompatible gcc/plugin versions")); + return 1; + } + + register_callback(plugin_info->base_name, PLUGIN_INFO, NULL, + &cleanup_plugin_info); + register_callback(plugin_info->base_name, PLUGIN_FINISH_DECL, + cleanup_finish_decl, NULL); + + return 0; +} --=20 2.51.0 From nobody Fri Dec 19 12:52:27 2025 Received: from sender3-pp-f112.zoho.com (sender3-pp-f112.zoho.com [136.143.184.112]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E5A0C2DC34D; Wed, 5 Nov 2025 08:48:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=pass smtp.client-ip=136.143.184.112 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1762332502; cv=pass; b=VHFolp0oq6DQKiDOAJyozLBkLjwQo9GU0mmpOae3eNTxyIerThJ0zPmahoTyR3VaXSZSO2poyyNBdMQ5bJKG3+IdgO3Th89DIgWpJmlYxeUTKI9s3WHcDZZpCVmoeRl239ype1MyuHSu2ns0OwSbFiUc+bqEXNdAtHoadK1uB0E= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1762332502; c=relaxed/simple; bh=R/TbI84eFp9kXjDw88iosgHhX0aGRc0fsZmAH+tj+3k=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=lE0g5dP5WEWOSE90O2Npo14/xh/vPjBK3F+WpGQ5WEfAgma3qDCdhPdtWjtbWmWNAz4F51PLUuoN9qPQu0ZFuF8v4njvXA3pH9vFc+MTN6zAIgIaDuR8XrXBMdk1/wxOqcsNVrtiMsgW1QWsFRdEQZSqJP/kOFkWtgP8y+dM9PY= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=linux.beauty; spf=pass smtp.mailfrom=linux.beauty; dkim=pass (1024-bit key) header.d=linux.beauty header.i=me@linux.beauty header.b=Ruapu6zF; arc=pass smtp.client-ip=136.143.184.112 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=linux.beauty Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.beauty Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.beauty header.i=me@linux.beauty header.b="Ruapu6zF" ARC-Seal: i=1; a=rsa-sha256; t=1762332467; cv=none; d=zohomail.com; s=zohoarc; b=kWoQo5BdJD42/7cG3lCsHWFhsVYctDvr4Ozz1EM15SbZzCaQRUVncp1qzA1/vV0yRIBi4smKylYpyn7TyM/NHSMFS53dMi01R9hjbmS383ooJSJv+4UQP8dloA2uOgmGFSwXWsLXGDFErOFfSwQUPjoH9A0P5DWXW/J0DEilVr8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1762332467; h=Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:Subject:To:To:Message-Id:Reply-To:Cc; bh=bL264gMYmKx98ivmk0jTfYv5p7G6wPZT+qugzMLjMzI=; b=nQ4mheCmw/eXDEo5KJTk2FLYGAuCYfWODzPrQHLJSEDFtbopjy4FA9ANtYrxD1YEDT/3FVVrP7oshkFdge+XMoDVYAUlKU/0wN/DuZhUKQSxP0Q4aUGmgfJkZu4Bhhx5e+d8p00wtnSPYYbEosQcgbULQhxahejAk/we+y0x1rs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=linux.beauty; spf=pass smtp.mailfrom=me@linux.beauty; dmarc=pass header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1762332467; s=zmail; d=linux.beauty; i=me@linux.beauty; h=From:From:To:To:Subject:Subject:Date:Date:Message-ID:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding:Message-Id:Reply-To:Cc; bh=bL264gMYmKx98ivmk0jTfYv5p7G6wPZT+qugzMLjMzI=; b=Ruapu6zFTd23g4HL8YN9g0WCIbV+Dk0rEYn9G3O1pIYG0DH/mWAPFoozkbQ7hdv/ 61YQpgbzFDO6JtRrw1zjvPiAus1BQXZayy21tkbCxvfBQTasBYhvK1Bx2inIxRASj2K tni5NuE7MltSeH9APtON9MoWPOpfWaF2Wq4J6E/M= Received: by mx.zohomail.com with SMTPS id 1762332464994471.04425031461585; Wed, 5 Nov 2025 00:47:44 -0800 (PST) From: Li Chen To: Kees Cook , Nathan Chancellor , Nicolas Schier , linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-kbuild@vger.kernel.org, Dongsheng Yang , Zheng Gu , dm-devel@lists.linux.dev Subject: [PATCH 1/3] dm-pcache: allow built-in build and rename flush helper Date: Wed, 5 Nov 2025 16:46:52 +0800 Message-ID: <20251105084733.3598704-2-me@linux.beauty> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251105084733.3598704-1-me@linux.beauty> References: <20251105084733.3598704-1-me@linux.beauty> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ZohoMailClient: External Content-Type: text/plain; charset="utf-8" From: Li Chen CONFIG_BCACHE is tristate, so dm-pcache can also be built-in. Switch the Makefile to use obj-$(CONFIG_DM_PCACHE) so the target can be linked into vmlinux instead of always being a loadable module. Also rename cache_flush() to pcache_cache_flush() to avoid a global symbol clash with sunrpc/cache.c's cache_flush(). Signed-off-by: Li Chen --- drivers/md/dm-pcache/Makefile | 2 +- drivers/md/dm-pcache/cache.c | 2 +- drivers/md/dm-pcache/cache.h | 2 +- drivers/md/dm-pcache/cache_req.c | 6 +++--- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/drivers/md/dm-pcache/Makefile b/drivers/md/dm-pcache/Makefile index 86776e4acad24..cedfd38854f63 100644 --- a/drivers/md/dm-pcache/Makefile +++ b/drivers/md/dm-pcache/Makefile @@ -1,3 +1,3 @@ dm-pcache-y :=3D dm_pcache.o cache_dev.o segment.o backing_dev.o cache.o c= ache_gc.o cache_writeback.o cache_segment.o cache_key.o cache_req.o =20 -obj-m +=3D dm-pcache.o +obj-$(CONFIG_DM_PCACHE) +=3D dm-pcache.o diff --git a/drivers/md/dm-pcache/cache.c b/drivers/md/dm-pcache/cache.c index d8e92367d9470..d516d49042272 100644 --- a/drivers/md/dm-pcache/cache.c +++ b/drivers/md/dm-pcache/cache.c @@ -411,7 +411,7 @@ void pcache_cache_stop(struct dm_pcache *pcache) { struct pcache_cache *cache =3D &pcache->cache; =20 - cache_flush(cache); + pcache_cache_flush(cache); =20 cancel_delayed_work_sync(&cache->gc_work); flush_work(&cache->clean_work); diff --git a/drivers/md/dm-pcache/cache.h b/drivers/md/dm-pcache/cache.h index 1136d86958c8c..27613b56be54c 100644 --- a/drivers/md/dm-pcache/cache.h +++ b/drivers/md/dm-pcache/cache.h @@ -339,7 +339,7 @@ void cache_seg_put(struct pcache_cache_segment *cache_s= eg); void cache_seg_set_next_seg(struct pcache_cache_segment *cache_seg, u32 se= g_id); =20 /* cache request*/ -int cache_flush(struct pcache_cache *cache); +int pcache_cache_flush(struct pcache_cache *cache); void miss_read_end_work_fn(struct work_struct *work); int pcache_cache_handle_req(struct pcache_cache *cache, struct pcache_requ= est *pcache_req); =20 diff --git a/drivers/md/dm-pcache/cache_req.c b/drivers/md/dm-pcache/cache_= req.c index 27f94c1fa968c..7854a30e07b7f 100644 --- a/drivers/md/dm-pcache/cache_req.c +++ b/drivers/md/dm-pcache/cache_req.c @@ -790,7 +790,7 @@ static int cache_write(struct pcache_cache *cache, stru= ct pcache_request *pcache } =20 /** - * cache_flush - Flush all ksets to persist any pending cache data + * pcache_cache_flush - Flush all ksets to persist any pending cache data * @cache: Pointer to the cache structure * * This function iterates through all ksets associated with the provided `= cache` @@ -802,7 +802,7 @@ static int cache_write(struct pcache_cache *cache, stru= ct pcache_request *pcache * the respective error code, preventing the flush operation from proceedi= ng to * subsequent ksets. */ -int cache_flush(struct pcache_cache *cache) +int pcache_cache_flush(struct pcache_cache *cache) { struct pcache_cache_kset *kset; int ret; @@ -827,7 +827,7 @@ int pcache_cache_handle_req(struct pcache_cache *cache,= struct pcache_request *p struct bio *bio =3D pcache_req->bio; =20 if (unlikely(bio->bi_opf & REQ_PREFLUSH)) - return cache_flush(cache); + return pcache_cache_flush(cache); =20 if (bio_data_dir(bio) =3D=3D READ) return cache_read(cache, pcache_req); --=20 2.51.0 From nobody Fri Dec 19 12:52:27 2025 Received: from sender3-pp-f112.zoho.com (sender3-pp-f112.zoho.com [136.143.184.112]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6B08D2E6CB2; Wed, 5 Nov 2025 08:49:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=pass smtp.client-ip=136.143.184.112 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1762332557; cv=pass; b=Hj9m3ABexzI6cT7nWam2EaqnzqsitxkzmrXuFPSmAIZSGMcg6qeT7Q0AsFHf27sijd/Djc7q+s1KifJhtkgMkT8F8Mmgsqh8zO3pPjcfAnEkDpxAVP/3Co5rdUaBpoGMs6RNbjEIv1c69MEU552KHrXbsnwzSCHBgXYqCWLno/8= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1762332557; c=relaxed/simple; bh=yiGrjs75fyLTFiMwVzXEQJt4oKYvb0+AYFi5krlpasY=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=seYUqS90LmD+MYXVqUCWscMIpeBH2iMus31Eel/FZtYedqannO8zEPdEXNZn9ODP5YrCL06yNyOc91x5mA7Ub8+0qWWTJ/EUGYM2egzHCgebR4HQnHSdivPyLRXK1bn+HofozWK4Vy+BexecHvvKK9FEGJyl1PAk+jQzCWp1+g4= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=linux.beauty; spf=pass smtp.mailfrom=linux.beauty; dkim=pass (1024-bit key) header.d=linux.beauty header.i=me@linux.beauty header.b=EN1zYRuK; arc=pass smtp.client-ip=136.143.184.112 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=linux.beauty Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.beauty Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.beauty header.i=me@linux.beauty header.b="EN1zYRuK" ARC-Seal: i=1; a=rsa-sha256; t=1762332483; cv=none; d=zohomail.com; s=zohoarc; b=FpVYjTSmvcPB7erhasSLPnYblzXgmY4BpZiIo7gpiI9XBn0a36q8lYc39Yu87BnoqNLxL7Ii5NIRjrHC8rsxw8BYE8mQUWr4rO238WX2t0DjQZDQlioEV8cSoiOc4XJdTCUj3Pt+4lGI6Kuf7BOd0JaV0+oGkgTyxxJelHEPsBI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1762332483; h=Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:Subject:To:To:Message-Id:Reply-To:Cc; bh=wrRPwt6IkvJ4ZhCaQOdwli+v3sIwVOexH2dQi6/JPzE=; b=cHfeTCiXWawsFmPD76cyigoFKYtWWhah85Rdi/c056jL9l7ADyonBh/SKNXz2nmH+YwH8kXQAq1KEwM80XpIgkMx9H2NizvkiKeSdOn/hPV+7si3dogVnFd/uv/Mm5C4IcNtwJTIDKqidzRbAY/escF3y5VvYFSA6MLaNwi/gAY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=linux.beauty; spf=pass smtp.mailfrom=me@linux.beauty; dmarc=pass header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1762332483; s=zmail; d=linux.beauty; i=me@linux.beauty; h=From:From:To:To:Subject:Subject:Date:Date:Message-ID:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding:Message-Id:Reply-To:Cc; bh=wrRPwt6IkvJ4ZhCaQOdwli+v3sIwVOexH2dQi6/JPzE=; b=EN1zYRuKGT2Lzgq0JO+4fO0pyLx3vGvjJuDR6fyk6kaoz90EqvNmdmlRWaQ8Kru6 giDiL4hDKT3GXdEqoPW0lD5p0u7Kzq0eren8u0IqgATNpRpKD3GVimor1aYFW2VEvfT 3CGS5+xfCslc1ASVUBZmiyl4t7Xqg99Wkz2H057A= Received: by mx.zohomail.com with SMTPS id 1762332480777684.5516940794636; Wed, 5 Nov 2025 00:48:00 -0800 (PST) From: Li Chen To: Kees Cook , Nathan Chancellor , Nicolas Schier , linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-kbuild@vger.kernel.org Subject: [RFC PATCH 2/2] gcc-plugins: cleanup_plugin: detect NULL init Date: Wed, 5 Nov 2025 16:46:57 +0800 Message-ID: <20251105084733.3598704-7-me@linux.beauty> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251105084733.3598704-1-me@linux.beauty> References: <20251105084733.3598704-1-me@linux.beauty> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ZohoMailClient: External Content-Type: text/plain; charset="utf-8" From: Li Chen The cleanup_plugin should warn about both uninitialized cleanup variables and those initialized to NULL, as documented in include/linux/cleanup.h. The "__free(...) =3D NULL" pattern at function top poses interdependency problems. Also, plugin warnings should not be converted to errors by -Werror, as they are informational warnings meant to guide developers, not block builds. Signed-off-by: Li Chen --- scripts/gcc-plugins/Kconfig | 2 +- scripts/gcc-plugins/cleanup_plugin.c | 122 ++++++++++++++++++++++++--- 2 files changed, 111 insertions(+), 13 deletions(-) diff --git a/scripts/gcc-plugins/Kconfig b/scripts/gcc-plugins/Kconfig index 906d50eb5efa6..ae6f79c617149 100644 --- a/scripts/gcc-plugins/Kconfig +++ b/scripts/gcc-plugins/Kconfig @@ -40,6 +40,6 @@ config GCC_PLUGIN_CLEANUP_ATTRIBUTE_WARN def_bool y help Warn when local automatic variables annotated with - __attribute__((cleanup(...))) are declared without an initializer. + __attribute__((cleanup(...))) are declared without an constructor. =20 endif diff --git a/scripts/gcc-plugins/cleanup_plugin.c b/scripts/gcc-plugins/cle= anup_plugin.c index d28f8969186de..c0744bbb7ef15 100644 --- a/scripts/gcc-plugins/cleanup_plugin.c +++ b/scripts/gcc-plugins/cleanup_plugin.c @@ -1,7 +1,69 @@ // SPDX-License-Identifier: GPL-2.0 /* - * Warn about uninitialized automatic variables that use the - * __attribute__((cleanup(...))) attribute. + * Copyright 2025 by Li Chen + * + * This gcc plugin warns about problematic patterns when using variables + * with __attribute__((cleanup(...))). The cleanup attribute helpers + * (__free, DEFINE_FREE, etc.) are designed to automatically clean up + * resources when variables go out of scope, following LIFO ordering. + * However, certain patterns can lead to interdependency issues. + * + * The plugin detects two problematic patterns: + * + * 1. Uninitialized cleanup variables: + * Variables declared with cleanup attributes but not initialized can + * cause issues when cleanup functions are called on undefined values. + * + * Example: + * void func(void) + * { + * struct resource *res __free(cleanup); // Warning: not initializ= ed + * res =3D acquire_resource(); + * // ... + * } + * + * Should be: + * void func(void) + * { + * struct resource *res __free(cleanup) =3D acquire_resource(); + * // ... + * } + * + * 2. NULL-initialized cleanup variables: + * The "__free(...) =3D NULL" pattern at function top can cause + * interdependency problems, especially when combined with guards or + * multiple cleanup variables, as documented in include/linux/cleanup.h. + * + * Example: + * void func(void) + * { + * struct resource *res __free(cleanup) =3D NULL; // Warning: NULL= init + * guard(mutex)(&lock); + * res =3D acquire_resource(); + * // cleanup may run without lock held! + * } + * + * Should be: + * void func(void) + * { + * guard(mutex)(&lock); + * struct resource *res __free(cleanup) =3D acquire_resource(); + * // ... + * } + * + * The plugin provides clear warnings to help developers identify these + * patterns during compilation. Importantly, these warnings are not + * converted to errors by -Werror, allowing builds to continue while + * still alerting developers to potential issues. + * + * Options: + * - None currently supported + * + * Attribute: __attribute__((cleanup(...))) + * The cleanup gcc attribute can be used on automatic variables to + * specify a function to be called when the variable goes out of scope. + * This plugin validates that such variables are properly initialized + * at declaration time to avoid interdependency issues. */ =20 #include "gcc-common.h" @@ -41,38 +103,74 @@ static bool is_candidate_decl(tree var) return true; } =20 -static bool has_declaration_initializer(tree var) +static bool is_null_initializer(tree initial) { - if (DECL_INITIAL(var)) + if (!initial) + return false; + + /* Check if the initializer is NULL pointer constant */ + if (initial =3D=3D null_pointer_node) return true; =20 -#ifdef DECL_INITIALIZED_P - if (DECL_INITIALIZED_P(var)) + /* Check if it's an integer constant zero (which can be NULL) */ + if (TREE_CODE(initial) =3D=3D INTEGER_CST && integer_zerop(initial)) return true; -#endif =20 return false; } =20 +static bool has_valid_declaration_initializer(tree var) +{ + tree initial =3D DECL_INITIAL(var); + + /* No initializer at all */ + if (!initial) { +#ifdef DECL_INITIALIZED_P + if (DECL_INITIALIZED_P(var)) + return true; +#endif + return false; + } + + /* NULL initialization is considered invalid for cleanup variables */ + if (is_null_initializer(initial)) + return false; + + /* Any other non-NULL initializer is valid */ + return true; +} + static void warn_if_uninitialized(tree var) { location_t loc; bool saved_warning_as_error; + tree initial =3D DECL_INITIAL(var); + bool is_null_init =3D false; =20 - if (has_declaration_initializer(var)) + if (has_valid_declaration_initializer(var)) return; =20 loc =3D DECL_SOURCE_LOCATION(var); if (loc =3D=3D UNKNOWN_LOCATION) return; =20 + /* Check if it's a NULL initialization */ + is_null_init =3D initial && is_null_initializer(initial); + /* Temporarily disable treating warnings as errors for this specific warn= ing */ saved_warning_as_error =3D global_dc->warning_as_error_requested_p(); global_dc->set_warning_as_error_requested(false); - warning_at( - loc, 0, - "%qD declared with cleanup attribute is not initialized at declaration", - var); + if (is_null_init) { + warning_at( + loc, 0, + "%qD declared with cleanup attribute is initialized to NULL at declarat= ion", + var); + } else { + warning_at( + loc, 0, + "%qD declared with cleanup attribute is not initialized at declaration", + var); + } /* Restore the original setting */ global_dc->set_warning_as_error_requested(saved_warning_as_error); } --=20 2.51.0 From nobody Fri Dec 19 12:52:27 2025 Received: from sender3-pp-f112.zoho.com (sender3-pp-f112.zoho.com [136.143.184.112]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6CC542DF141; Wed, 5 Nov 2025 08:48:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=pass smtp.client-ip=136.143.184.112 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1762332515; cv=pass; b=CHB5oyw/n0mNpf+qUJZU1zJsvV/rO8n7WhhaLW6L15GfvkFg9Dy72WT76tQc0SQtoP34CaGG2jL3zbzRfe1lNAMS7g2wGh/Kv7aa6ou7HgX1IAkPGVlTL58G9DDL9iU27s/tQrOPGEERyGhh0C+scR25dRJXWoZLbxn+Kwlxes4= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1762332515; c=relaxed/simple; bh=Pm4gfPGpEvl7urYYvAAc//M9O+0YLVRYbm6O0V4Wi5E=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=fraEDkoJPDOrawaCmKWyLjc+ALD/oyveHR0leKfgwCW6E+avIoOiK8AFsHWvJ0L3JyE/Fq0ThuOWlgVoPJDmjRrvnKiClZmDdThql/3LBFpwGK8tHOVxy1/cMMezH3wbB/hvpWXqX8RoEdQvsBiKJ9wsWyZcLrr/P/XBabNXrlo= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=linux.beauty; spf=pass smtp.mailfrom=linux.beauty; dkim=pass (1024-bit key) header.d=linux.beauty header.i=me@linux.beauty header.b=YOVJZ3dw; arc=pass smtp.client-ip=136.143.184.112 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=linux.beauty Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.beauty Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.beauty header.i=me@linux.beauty header.b="YOVJZ3dw" ARC-Seal: i=1; a=rsa-sha256; t=1762332471; cv=none; d=zohomail.com; s=zohoarc; b=GB/bfm/hhQEdLL32vdewOf2VFPFDHj8Q35Ir9rAtSa1vFPX+6sW8d7QjXD8I4OTCRA26VXzkffiL3A/6NSoMxy8MUW9t9CPYR6JUyw+70TRFUkHV7sPxIcQb7IUibXk+5xsVpJjFO+3BTkzdxnfUmiTUP7/jZjQrSzHiotdLAKM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1762332471; h=Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:Subject:To:To:Message-Id:Reply-To:Cc; bh=LWxPD1jqIGf0eGjGt5kSF5OaU2M0+DsfoZfQTI0FPb0=; b=Vtk2qXzOYFR4KtQm2y8RInkcEwlSuDOU4rXuMG+cxrE1n+aGWbzs/FOl1kFx0C4R/0pH+e6xVoa3LZ3yGzkFgYNfbesECq98P1jEMegnOGIlRqlknZA0n9RieSA/ODESbL/PVIOyIFIbrglX83YvZkfou3umgN1jQIyXm8dkuNg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=linux.beauty; spf=pass smtp.mailfrom=me@linux.beauty; dmarc=pass header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1762332471; s=zmail; d=linux.beauty; i=me@linux.beauty; h=From:From:To:To:Subject:Subject:Date:Date:Message-ID:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding:Message-Id:Reply-To:Cc; bh=LWxPD1jqIGf0eGjGt5kSF5OaU2M0+DsfoZfQTI0FPb0=; b=YOVJZ3dw/wWxX207nFOt/1I8vi/e55aKjBu+NCHKIR6sg42TsI6MgU/whjrAzAE3 3N9Ko6vxtmJYNHw4UTcrEv50N6Z3hG7VPxrfztPFGeQdmwitt3dI4bioAys4wbmPXUq IECYEwjkWRYbbp0AyYVQoDpVmCpK6tOrAAYjfBNk= Received: by mx.zohomail.com with SMTPS id 1762332468517747.7914752177128; Wed, 5 Nov 2025 00:47:48 -0800 (PST) From: Li Chen To: Kees Cook , Nathan Chancellor , Nicolas Schier , linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-kbuild@vger.kernel.org, Dongsheng Yang , Zheng Gu , dm-devel@lists.linux.dev Subject: [PATCH 2/3] dm-pcache: reuse meta_addr in pcache_meta_find_latest Date: Wed, 5 Nov 2025 16:46:53 +0800 Message-ID: <20251105084733.3598704-3-me@linux.beauty> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251105084733.3598704-1-me@linux.beauty> References: <20251105084733.3598704-1-me@linux.beauty> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ZohoMailClient: External Content-Type: text/plain; charset="utf-8" From: Li Chen pcache_meta_find_latest() already computes the metadata address as meta_addr. Reuse that instead of recomputing. Signed-off-by: Li Chen --- drivers/md/dm-pcache/pcache_internal.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/md/dm-pcache/pcache_internal.h b/drivers/md/dm-pcache/= pcache_internal.h index d427e534727ce..b7a3319d2bd3e 100644 --- a/drivers/md/dm-pcache/pcache_internal.h +++ b/drivers/md/dm-pcache/pcache_internal.h @@ -99,7 +99,7 @@ static inline void __must_check *pcache_meta_find_latest(= struct pcache_meta_head /* Update latest if a more recent sequence is found */ if (!latest || pcache_meta_seq_after(meta->seq, seq_latest)) { seq_latest =3D meta->seq; - latest =3D (void *)header + (i * meta_max_size); + latest =3D meta_addr; } } =20 --=20 2.51.0 From nobody Fri Dec 19 12:52:27 2025 Received: from sender3-pp-f112.zoho.com (sender3-pp-f112.zoho.com [136.143.184.112]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 154D12DBF4B; Wed, 5 Nov 2025 08:48:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=pass smtp.client-ip=136.143.184.112 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1762332526; cv=pass; b=ChqKWbWFeJgQWVBExsVuDrKwsebVWjhIHn4Z+Ch6AjMit+YxiPCW7rwFYygH9vhsauYrBK+GaUmnWIs9quKzVpSYvpAZLXRefF8Ty1lnsC8kShv5hhN0wDFX5Tvf3sO0i7wfRUCIatDZY0FDDvyjrq73h+sHd4lL+/nJL4fHT/M= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1762332526; c=relaxed/simple; bh=Dy5mN+mUFblKRdym21OGi3qMkGEXzXCYj1i7hdWWqEI=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Dk2HTVrOFXH+Hll4uToGaeFieguVglS0pMdXiTaaJHmV0OptPi2jP5aJPSxNt5pKM3Eixo4zfoSFfkOnw/JGeM/ebaSAw6LJcnxc8CPY5NOZxUacyOiw1EXcoVEdc/vkUAuPo/0W7t84oAhlKix1mspzu+p206QMrqhvdIAb5no= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=linux.beauty; spf=pass smtp.mailfrom=linux.beauty; dkim=pass (1024-bit key) header.d=linux.beauty header.i=me@linux.beauty header.b=VtFxd8an; arc=pass smtp.client-ip=136.143.184.112 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=linux.beauty Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.beauty Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.beauty header.i=me@linux.beauty header.b="VtFxd8an" ARC-Seal: i=1; a=rsa-sha256; t=1762332473; cv=none; d=zohomail.com; s=zohoarc; b=FEm1V0hQecp0D+8qxfrY41QkZS5DIncrP13A/RVZcsalMyNZIg26EeO6gIaLX5iusNMUl6r1TKj7KJo821mXmV6XWRRnSLWh9U+ToanfIkgbNHTY/gTMkyyATdSkJIgYC3UFZdInk2+thhp9u1E4cJpvjPeTMEky8I6iCUcZKmg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1762332473; h=Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:Subject:To:To:Message-Id:Reply-To:Cc; bh=PspWpmNa95LwydSNmRMQC/seSofntuwNeQ9ulpO4Bz4=; b=QopEW/ZgTC3AfdHo0KLWQzeT2RLMUd/0GEvnJf3igu9QcfXFkmT9fiIycGA84lf8l5yr7T28V+G8refXtvdHGGt9SH18RQdQUwscEFt/tny1w85Yalo5npJi6QiOGUPqYIo97QjyP+3G6TMmhFt0Ie171PJhAXw4pkFmXZdJews= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=linux.beauty; spf=pass smtp.mailfrom=me@linux.beauty; dmarc=pass header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1762332473; s=zmail; d=linux.beauty; i=me@linux.beauty; h=From:From:To:To:Subject:Subject:Date:Date:Message-ID:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding:Message-Id:Reply-To:Cc; bh=PspWpmNa95LwydSNmRMQC/seSofntuwNeQ9ulpO4Bz4=; b=VtFxd8anhrmDqRA/YH3gAIEYunHRvnVptMzSUCucLOL1wSki6rdcT1l1n5SksBgE tEOfOyVxK+I/CHsoNn8iZGi3JXqwAuFzU9hdSjMbj4VPSIEBk3gnck/2rZwTFhSZay6 4L4kaNTR6D4xzYhCXqXc7jwYE+yQgMOebHDDrNnw= Received: by mx.zohomail.com with SMTPS id 1762332472045113.64560980394197; Wed, 5 Nov 2025 00:47:52 -0800 (PST) From: Li Chen To: Kees Cook , Nathan Chancellor , Nicolas Schier , linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-kbuild@vger.kernel.org, Dongsheng Yang , Zheng Gu , dm-devel@lists.linux.dev Subject: [PATCH 3/3] dm-pcache: avoid leaking invalid metadata in pcache_meta_find_latest() Date: Wed, 5 Nov 2025 16:46:54 +0800 Message-ID: <20251105084733.3598704-4-me@linux.beauty> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251105084733.3598704-1-me@linux.beauty> References: <20251105084733.3598704-1-me@linux.beauty> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ZohoMailClient: External Content-Type: text/plain; charset="utf-8" From: Li Chen Before this change pcache_meta_find_latest() was copying each slot directly into meta_ret while scanning. If no valid slot was found and the function returned NULL, meta_ret still held whatever was last copied (possibly CRC-bad). Later users (e.g. cache_segs_init) could mistakenly trust that data. Allocate a temporary buffer instead and only populate meta_ret after a valid/latest header is found. If no valid header exists we return NULL without touching meta_ret. Also add __free(kvfree) so the temporary buffer is always freed, and include the needed headers. Signed-off-by: Li Chen --- drivers/md/dm-pcache/pcache_internal.h | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/drivers/md/dm-pcache/pcache_internal.h b/drivers/md/dm-pcache/= pcache_internal.h index b7a3319d2bd3e..ac28f9dd2986f 100644 --- a/drivers/md/dm-pcache/pcache_internal.h +++ b/drivers/md/dm-pcache/pcache_internal.h @@ -4,6 +4,8 @@ =20 #include #include +#include +#include =20 #define pcache_err(fmt, ...) \ pr_err("dm-pcache: %s:%u " fmt, __func__, __LINE__, ##__VA_ARGS__) @@ -79,14 +81,17 @@ static inline void __must_check *pcache_meta_find_lates= t(struct pcache_meta_head u32 meta_size, u32 meta_max_size, void *meta_ret) { - struct pcache_meta_header *meta, *latest =3D NULL; + struct pcache_meta_header *latest =3D NULL; + struct pcache_meta_header *meta __free(kvfree); u32 i, seq_latest =3D 0; - void *meta_addr; =20 - meta =3D meta_ret; + meta =3D kvzalloc(meta_size, GFP_KERNEL); + if (!meta) + return ERR_PTR(-ENOMEM); =20 for (i =3D 0; i < PCACHE_META_INDEX_MAX; i++) { - meta_addr =3D (void *)header + (i * meta_max_size); + void *meta_addr =3D (void *)header + (i * meta_max_size); + if (copy_mc_to_kernel(meta, meta_addr, meta_size)) { pcache_err("hardware memory error when copy meta"); return ERR_PTR(-EIO); --=20 2.51.0