Re: KMSAN: uninit-value in snapshot_compat_ioctl
From: Alexander Potapenko
Date: Mon Mar 09 2020 - 07:53:43 EST
> > Looks like a KMSAN false positive? As far as I can tell, the memory is being
> > initialized by put_user() called under set_fs(KERNEL_DS).
Why? put_user() doesn't write to kernel memory, instead it copies a
value to the userspace.
That's why KMSAN performs kmsan_check_memory() on it.
It would actually be better if KMSAN printed an kernel-infoleak warning instead.
> Although, it also looks like the problematic code can just be removed, since
> always sizeof(compat_loff_t) == sizeof(loff_t). I'll send a patch to do that...
Thanks!
--
Alexander Potapenko
Software Engineer
Google Germany GmbH
Erika-Mann-StraÃe, 33
80636 MÃnchen
GeschÃftsfÃhrer: Paul Manicle, Halimah DeLaine Prado
Registergericht und -nummer: Hamburg, HRB 86891
Sitz der Gesellschaft: Hamburg