Patch "bpf, x86: initialize the variable "first_off" in save_args()" has been added to the 6.5-stable tree

<gregkh@xxxxxxxxxxxxxxxxxxx> · Wed, 15 Nov 2023 15:08:35 -0500

This is a note to let you know that I've just added the patch titled

    bpf, x86: initialize the variable "first_off" in save_args()

to the 6.5-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     bpf-x86-initialize-the-variable-first_off-in-save_args.patch
and it can be found in the queue-6.5 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From 492e797fdab25f2d8eb1b6bb3236f4aac474f878 Mon Sep 17 00:00:00 2001
From: Menglong Dong <imagedong@xxxxxxxxxxx>
Date: Wed, 19 Jul 2023 19:03:30 +0800
Subject: bpf, x86: initialize the variable "first_off" in save_args()

From: Menglong Dong <imagedong@xxxxxxxxxxx>

commit 492e797fdab25f2d8eb1b6bb3236f4aac474f878 upstream.

As Dan Carpenter reported, the variable "first_off" which is passed to
clean_stack_garbage() in save_args() can be uninitialized, which can
cause runtime warnings with KMEMsan. Therefore, init it with 0.

Fixes: 473e3150e30a ("bpf, x86: allow function arguments up to 12 for TRACING")
Cc: Hao Peng <flyingpeng@xxxxxxxxxxx>
Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Closes: https://lore.kernel.org/bpf/09784025-a812-493f-9829-5e26c8691e07@moroto.mountain/
Signed-off-by: Menglong Dong <imagedong@xxxxxxxxxxx>
Link: https://lore.kernel.org/r/20230719110330.2007949-1-imagedong@xxxxxxxxxxx
Signed-off-by: Alexei Starovoitov <ast@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 arch/x86/net/bpf_jit_comp.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/arch/x86/net/bpf_jit_comp.c
+++ b/arch/x86/net/bpf_jit_comp.c
@@ -1927,7 +1927,7 @@ static int get_nr_used_regs(const struct
 static void save_args(const struct btf_func_model *m, u8 **prog,
 		      int stack_size, bool for_call_origin)
 {
-	int arg_regs, first_off, nr_regs = 0, nr_stack_slots = 0;
+	int arg_regs, first_off = 0, nr_regs = 0, nr_stack_slots = 0;
 	int i, j;
 
 	/* Store function arguments to stack.


Patches currently in stable-queue which might be from imagedong@xxxxxxxxxxx are

queue-6.5/bpf-x86-allow-function-arguments-up-to-12-for-tracin.patch
queue-6.5/bpf-x86-initialize-the-variable-first_off-in-save_args.patch
queue-6.5/bpf-x86-save-restore-regs-with-bpf_dw-size.patch






