From patchwork Mon Sep  5 12:24:51 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Alexander Potapenko <glider@google.com>
X-Patchwork-Id: 12966074
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 79495C54EE9
	for <linux-mm@archiver.kernel.org>; Mon,  5 Sep 2022 12:26:58 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 19C7E8D0092; Mon,  5 Sep 2022 08:26:58 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 0FE0F8D0076; Mon,  5 Sep 2022 08:26:58 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id F07BA8D0092; Mon,  5 Sep 2022 08:26:57 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com
 [216.40.44.15])
	by kanga.kvack.org (Postfix) with ESMTP id E080D8D0076
	for <linux-mm@kvack.org>; Mon,  5 Sep 2022 08:26:57 -0400 (EDT)
Received: from smtpin14.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay06.hostedemail.com (Postfix) with ESMTP id B8914AB69B
	for <linux-mm@kvack.org>; Mon,  5 Sep 2022 12:26:57 +0000 (UTC)
X-FDA: 79877956074.14.86409EA
Received: from mail-ed1-f73.google.com (mail-ed1-f73.google.com
 [209.85.208.73])
	by imf07.hostedemail.com (Postfix) with ESMTP id 7492C40052
	for <linux-mm@kvack.org>; Mon,  5 Sep 2022 12:26:57 +0000 (UTC)
Received: by mail-ed1-f73.google.com with SMTP id
 h6-20020aa7de06000000b004483647900fso5815487edv.21
        for <linux-mm@kvack.org>; Mon, 05 Sep 2022 05:26:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date;
        bh=RV5QTvMygwcM31S/hyrs6MnTkve28DlweGTrQchhxXo=;
        b=UJpdtPzQ4jg2bWxTTvLaBi+Ut8ibPGKpNFhDZh0iWTz3b+amhz6N+AZttgF2UwhDsT
         0LBgQGCXwZMpWRgLy4vET4fOKKKgXxY1KuDJisX2XchJTyi2VCCX2dm68m0DAAvKGjC4
         xIiTur2vx0OwVtk/WuhzSCK0dCMGsAVAL1CUqR69b/4FX/L7L9Ac2f05uDt/2u86QFT3
         sZ1YamUl4cHshGvep6afoqIL2W3pcn/R7pZmOmD+ro7M2AzkNlTp3ADlUIg3hz9E6cPD
         /LU/ibYLRJEjq+u+M10jxNd1fjPNCkgQzBqOq14Kbt19kwHHkgk2aqR1DyBMN6VYb1BR
         uz3w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date;
        bh=RV5QTvMygwcM31S/hyrs6MnTkve28DlweGTrQchhxXo=;
        b=q3nBI8x2W7tZ400yCqo8HhmKNj1sWZ06aPZXyc83sGh78fvMrmfm+9Y2yD3bZuvizU
         4WZnKj5tsxCfVnQWeKgjbY6vgHQEXsbEYceMl/TZT7t/hRZg5lD4EVQqr+aIV4xuZ8M2
         hAMWFEyU4wj6iP9/eYtlUMKSOO/X/foZLVJ0/Z0yi2W0NPFHGozNm0Pw/2JSQropGuJ1
         VHPSzHlgGRLetke9K80JGuI2fEV77qK23jIq7nG8F9AmXkYIuhDpxoE0FDFgVu4XWrD3
         879Q2Sg18QcjY4ERvf/bVdaE4WOOKZXZlwQaxmRDP2us4W3zN/wT63ato/hm4TBX4CdW
         vLHQ==
X-Gm-Message-State: ACgBeo2/M2m1HDknH7/Rf7I7WK9SsfZJJQ/M7SXtKUi44jkFhwJWTGH8
	i171UHGXelc5lLVc3qCFkefEUPie25Y=
X-Google-Smtp-Source: 
 AA6agR7PXaXryyLZJx+eRIAfaY6wz+72tUpar4Sm/m5k7H+ezMzVzMxUtwtMAFDWbsTMvDkpBpYpems7Myc=
X-Received: from glider.muc.corp.google.com
 ([2a00:79e0:9c:201:b808:8d07:ab4a:554c])
 (user=glider job=sendgmr) by 2002:aa7:cb87:0:b0:43b:e650:6036 with SMTP id
 r7-20020aa7cb87000000b0043be6506036mr44092076edt.350.1662380816223; Mon, 05
 Sep 2022 05:26:56 -0700 (PDT)
Date: Mon,  5 Sep 2022 14:24:51 +0200
In-Reply-To: <20220905122452.2258262-1-glider@google.com>
Mime-Version: 1.0
References: <20220905122452.2258262-1-glider@google.com>
X-Mailer: git-send-email 2.37.2.789.g6183377224-goog
Message-ID: <20220905122452.2258262-44-glider@google.com>
Subject: [PATCH v6 43/44] mm: fs: initialize fsdata passed to
 write_begin/write_end interface
From: Alexander Potapenko <glider@google.com>
To: glider@google.com
Cc: Alexander Viro <viro@zeniv.linux.org.uk>,
 Alexei Starovoitov <ast@kernel.org>,
	Andrew Morton <akpm@linux-foundation.org>,
 Andrey Konovalov <andreyknvl@google.com>,
	Andy Lutomirski <luto@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
 Borislav Petkov <bp@alien8.de>,
	Christoph Hellwig <hch@lst.de>, Christoph Lameter <cl@linux.com>,
 David Rientjes <rientjes@google.com>,
	Dmitry Vyukov <dvyukov@google.com>, Eric Dumazet <edumazet@google.com>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
 Herbert Xu <herbert@gondor.apana.org.au>,
	Ilya Leoshkevich <iii@linux.ibm.com>, Ingo Molnar <mingo@redhat.com>,
 Jens Axboe <axboe@kernel.dk>,
	Joonsoo Kim <iamjoonsoo.kim@lge.com>, Kees Cook <keescook@chromium.org>,
	Marco Elver <elver@google.com>, Mark Rutland <mark.rutland@arm.com>,
	Matthew Wilcox <willy@infradead.org>, "Michael S. Tsirkin" <mst@redhat.com>,
 Pekka Enberg <penberg@kernel.org>,
	Peter Zijlstra <peterz@infradead.org>, Petr Mladek <pmladek@suse.com>,
	Steven Rostedt <rostedt@goodmis.org>, Thomas Gleixner <tglx@linutronix.de>,
	Vasily Gorbik <gor@linux.ibm.com>, Vegard Nossum <vegard.nossum@oracle.com>,
	Vlastimil Babka <vbabka@suse.cz>, kasan-dev@googlegroups.com,
 linux-mm@kvack.org,
	linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org
ARC-Authentication-Results: i=1;
	imf07.hostedemail.com;
	dkim=pass header.d=google.com header.s=20210112 header.b=UJpdtPzQ;
	spf=pass (imf07.hostedemail.com: domain of
 3EOsVYwYKCF0BGD89MBJJBG9.7JHGDIPS-HHFQ57F.JMB@flex--glider.bounces.google.com
 designates 209.85.208.73 as permitted sender)
 smtp.mailfrom=3EOsVYwYKCF0BGD89MBJJBG9.7JHGDIPS-HHFQ57F.JMB@flex--glider.bounces.google.com;
	dmarc=pass (policy=reject) header.from=google.com
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1662380817; a=rsa-sha256;
	cv=none;
	b=LHKht1Ds3ie/WpSic3/u06ueh96MoCTM5d/zC85xizJjGJDFit06PE/3k8gcEXB46VPQIU
	97CT1+OqWvXD5vc1rNCyQSppaJ5HXLqg2Fd95t00Hun6wmc5AtZDGXK7eNWw861SSmUE20
	OeR/hVKkUEimfEuBXC9MWz/DxpU8MV0=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
 d=hostedemail.com;
	s=arc-20220608; t=1662380817;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=RV5QTvMygwcM31S/hyrs6MnTkve28DlweGTrQchhxXo=;
	b=BMzd7x1K9gApMQamf8bn19XXYpEJ5aTjOg6tpKDqT8gYQnAI1eeYuHZnTzMrfJoLc9lzEz
	WaGXxwLcrf2YpO7lDpJyrcKjvq7XrBut08QjYk23yBoeho7P9NlWAlAhl7xWpKWVYidQ/2
	E0TXOqg+lo/rkE+irtfuzPbtWdprOaY=
X-Stat-Signature: xtchfsbint896oe6w9dfs1dg7g8ctrpz
X-Rspamd-Queue-Id: 7492C40052
X-Rspam-User: 
Authentication-Results: imf07.hostedemail.com;
	dkim=pass header.d=google.com header.s=20210112 header.b=UJpdtPzQ;
	spf=pass (imf07.hostedemail.com: domain of
 3EOsVYwYKCF0BGD89MBJJBG9.7JHGDIPS-HHFQ57F.JMB@flex--glider.bounces.google.com
 designates 209.85.208.73 as permitted sender)
 smtp.mailfrom=3EOsVYwYKCF0BGD89MBJJBG9.7JHGDIPS-HHFQ57F.JMB@flex--glider.bounces.google.com;
	dmarc=pass (policy=reject) header.from=google.com
X-Rspamd-Server: rspam07
X-HE-Tag: 1662380817-157362
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

Functions implementing the a_ops->write_end() interface accept the
`void *fsdata` parameter that is supposed to be initialized by the
corresponding a_ops->write_begin() (which accepts `void **fsdata`).

However not all a_ops->write_begin() implementations initialize `fsdata`
unconditionally, so it may get passed uninitialized to a_ops->write_end(),
resulting in undefined behavior.

Fix this by initializing fsdata with NULL before the call to
write_begin(), rather than doing so in all possible a_ops
implementations.

This patch covers only the following cases found by running x86 KMSAN
under syzkaller:

 - generic_perform_write()
 - cont_expand_zero() and generic_cont_expand_simple()
 - page_symlink()

Other cases of passing uninitialized fsdata may persist in the codebase.

Signed-off-by: Alexander Potapenko <glider@google.com>
---
Link: https://linux-review.googlesource.com/id/Ie300c21bbe9dea69a730745bd3c6d2720953bf41
---
 fs/buffer.c  | 4 ++--
 fs/namei.c   | 2 +-
 mm/filemap.c | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/fs/buffer.c b/fs/buffer.c
index 55e762a58eb65..e1198f4b28c8f 100644
--- a/fs/buffer.c
+++ b/fs/buffer.c
@@ -2352,7 +2352,7 @@ int generic_cont_expand_simple(struct inode *inode, loff_t size)
 	struct address_space *mapping = inode->i_mapping;
 	const struct address_space_operations *aops = mapping->a_ops;
 	struct page *page;
-	void *fsdata;
+	void *fsdata = NULL;
 	int err;
 
 	err = inode_newsize_ok(inode, size);
@@ -2378,7 +2378,7 @@ static int cont_expand_zero(struct file *file, struct address_space *mapping,
 	const struct address_space_operations *aops = mapping->a_ops;
 	unsigned int blocksize = i_blocksize(inode);
 	struct page *page;
-	void *fsdata;
+	void *fsdata = NULL;
 	pgoff_t index, curidx;
 	loff_t curpos;
 	unsigned zerofrom, offset, len;
diff --git a/fs/namei.c b/fs/namei.c
index 53b4bc094db23..076ae96ca0b14 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -5088,7 +5088,7 @@ int page_symlink(struct inode *inode, const char *symname, int len)
 	const struct address_space_operations *aops = mapping->a_ops;
 	bool nofs = !mapping_gfp_constraint(mapping, __GFP_FS);
 	struct page *page;
-	void *fsdata;
+	void *fsdata = NULL;
 	int err;
 	unsigned int flags;
 
diff --git a/mm/filemap.c b/mm/filemap.c
index 15800334147b3..ada25b9f45ad1 100644
--- a/mm/filemap.c
+++ b/mm/filemap.c
@@ -3712,7 +3712,7 @@ ssize_t generic_perform_write(struct kiocb *iocb, struct iov_iter *i)
 		unsigned long offset;	/* Offset into pagecache page */
 		unsigned long bytes;	/* Bytes to write to page */
 		size_t copied;		/* Bytes copied from user */
-		void *fsdata;
+		void *fsdata = NULL;
 
 		offset = (pos & (PAGE_SIZE - 1));
 		bytes = min_t(unsigned long, PAGE_SIZE - offset,