releases/6.3.4/statfs-enforce-statfs-structure-initialization.patch - pub/scm/linux/kernel/git/stable/stable-queue - Git at Google

 From ed40866ec7d328b3dfb70db7e2011640a16202c3 Mon Sep 17 00:00:00 2001
 From: Ilya Leoshkevich <iii@linux.ibm.com>
 Date: Thu, 4 May 2023 16:40:20 +0200
 Subject: statfs: enforce statfs[64] structure initialization

 From: Ilya Leoshkevich <iii@linux.ibm.com>

 commit ed40866ec7d328b3dfb70db7e2011640a16202c3 upstream.

 s390's struct statfs and struct statfs64 contain padding, which
 field-by-field copying does not set. Initialize the respective structs
 with zeros before filling them and copying them to userspace, like it's
 already done for the compat versions of these structs.

 Found by KMSAN.

 [agordeev@linux.ibm.com: fixed typo in patch description]
 Acked-by: Heiko Carstens <hca@linux.ibm.com>
 Cc: stable@vger.kernel.org # v4.14+
 Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
 Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
 Link: https://lore.kernel.org/r/20230504144021.808932-2-iii@linux.ibm.com
 Signed-off-by: Alexander Gordeev <agordeev@linux.ibm.com>
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 ---
  fs/statfs.c |    4 ++--
  1 file changed, 2 insertions(+), 2 deletions(-)

 --- a/fs/statfs.c
 +++ b/fs/statfs.c
 @@ -130,6 +130,7 @@ static int do_statfs_native(struct kstat
  	if (sizeof(buf) == sizeof(*st))
  		memcpy(&buf, st, sizeof(*st));
  	else {
 +		memset(&buf, 0, sizeof(buf));
  		if (sizeof buf.f_blocks == 4) {
  			if ((st->f_blocks | st->f_bfree | st->f_bavail |
  			     st->f_bsize | st->f_frsize) &
 @@ -158,7 +159,6 @@ static int do_statfs_native(struct kstat
  		buf.f_namelen = st->f_namelen;
  		buf.f_frsize = st->f_frsize;
  		buf.f_flags = st->f_flags;
 -		memset(buf.f_spare, 0, sizeof(buf.f_spare));
  	}
  	if (copy_to_user(p, &buf, sizeof(buf)))
  		return -EFAULT;
 @@ -171,6 +171,7 @@ static int do_statfs64(struct kstatfs *s
  	if (sizeof(buf) == sizeof(*st))
  		memcpy(&buf, st, sizeof(*st));
  	else {
 +		memset(&buf, 0, sizeof(buf));
  		buf.f_type = st->f_type;
  		buf.f_bsize = st->f_bsize;
  		buf.f_blocks = st->f_blocks;
 @@ -182,7 +183,6 @@ static int do_statfs64(struct kstatfs *s
  		buf.f_namelen = st->f_namelen;
  		buf.f_frsize = st->f_frsize;
  		buf.f_flags = st->f_flags;
 -		memset(buf.f_spare, 0, sizeof(buf.f_spare));
  	}
  	if (copy_to_user(p, &buf, sizeof(buf)))
  		return -EFAULT;
	From ed40866ec7d328b3dfb70db7e2011640a16202c3 Mon Sep 17 00:00:00 2001
	From: Ilya Leoshkevich <iii@linux.ibm.com>
	Date: Thu, 4 May 2023 16:40:20 +0200
	Subject: statfs: enforce statfs[64] structure initialization

	From: Ilya Leoshkevich <iii@linux.ibm.com>

	commit ed40866ec7d328b3dfb70db7e2011640a16202c3 upstream.

	s390's struct statfs and struct statfs64 contain padding, which
	field-by-field copying does not set. Initialize the respective structs
	with zeros before filling them and copying them to userspace, like it's
	already done for the compat versions of these structs.

	Found by KMSAN.

	[agordeev@linux.ibm.com: fixed typo in patch description]
	Acked-by: Heiko Carstens <hca@linux.ibm.com>
	Cc: stable@vger.kernel.org # v4.14+
	Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
	Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
	Link: https://lore.kernel.org/r/20230504144021.808932-2-iii@linux.ibm.com
	Signed-off-by: Alexander Gordeev <agordeev@linux.ibm.com>
	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	---
	fs/statfs.c \| 4 ++--
	1 file changed, 2 insertions(+), 2 deletions(-)

	--- a/fs/statfs.c
	+++ b/fs/statfs.c
	@@ -130,6 +130,7 @@ static int do_statfs_native(struct kstat
	if (sizeof(buf) == sizeof(*st))
	memcpy(&buf, st, sizeof(*st));
	else {
	+ memset(&buf, 0, sizeof(buf));
	if (sizeof buf.f_blocks == 4) {
	if ((st->f_blocks \| st->f_bfree \| st->f_bavail \|
	st->f_bsize \| st->f_frsize) &
	@@ -158,7 +159,6 @@ static int do_statfs_native(struct kstat
	buf.f_namelen = st->f_namelen;
	buf.f_frsize = st->f_frsize;
	buf.f_flags = st->f_flags;
	- memset(buf.f_spare, 0, sizeof(buf.f_spare));
	}
	if (copy_to_user(p, &buf, sizeof(buf)))
	return -EFAULT;
	@@ -171,6 +171,7 @@ static int do_statfs64(struct kstatfs *s
	if (sizeof(buf) == sizeof(*st))
	memcpy(&buf, st, sizeof(*st));
	else {
	+ memset(&buf, 0, sizeof(buf));
	buf.f_type = st->f_type;
	buf.f_bsize = st->f_bsize;
	buf.f_blocks = st->f_blocks;
	@@ -182,7 +183,6 @@ static int do_statfs64(struct kstatfs *s
	buf.f_namelen = st->f_namelen;
	buf.f_frsize = st->f_frsize;
	buf.f_flags = st->f_flags;
	- memset(buf.f_spare, 0, sizeof(buf.f_spare));
	}
	if (copy_to_user(p, &buf, sizeof(buf)))
	return -EFAULT;