From nobody Sat Feb 18 11:55:51 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PJnFN0jSjz3s70W;
Sat, 18 Feb 2023 11:55:52 +0000 (UTC)
(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4PJnFM4cfzz3CNn;
Sat, 18 Feb 2023 11:55:51 +0000 (UTC)
(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
t=1676721351;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding;
bh=9dUJtYuuiXWJvvXpoFOpb5nCsukCNWkv04Qb/UgDGnk=;
b=Z+mJCjjXiU4Osu/0jGKLyJUSz4sRx9n3SppOhoQPEXMLOklR5Y0vafSfC6HaW1dDJYIGxz
oMNMmmADWJ4SXG+Iaa/c52pl4QN7rIf5BUlLMDxWiEAVnWPsWNuxbkGI47cpQFdQ5S8pdC
BwuHTv4f626P5O3YMW5dYFWm1okEtWxRc8+zW2Zmx5hxjx1+uwzX63tfRfgcEDJh04btJu
Hq4x2EA/sFmfj+eLFx1WtJETAupOB45U2VgQDFYuzTgdjdwHCQ8Urqi6Qib3SuoWKQ4i7O
L1ZXnuzJPaabtgDijuwBJbIEU8BbburNfIioJzAhhpTNXEuanEzqU3lKlhao1Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
s=dkim; t=1676721351;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding;
bh=9dUJtYuuiXWJvvXpoFOpb5nCsukCNWkv04Qb/UgDGnk=;
b=EseixwMVpjpIH75pNwGKIzUQ42z0HReCIW1/NKfhdVxwoPmIR2ubVjd3VWRW0AIR+S3THQ
9Fowo/0Wo7R5oeErYgsal8AiG3aJDkS0H9ARwRcyrQ6/h8Jvq4BR5ir0WY9iQqdliUmdHJ
RD1y6ZeFczbpClzyJalZ2uydWXJHQZ1/Zp7bIpnIFbxNmAWlzMHgmJ7gvYcG8/04dCwvRg
J57kkTVOT/3/2gtbZQWtcemW980U+HByqchPkgG8Sry0THl6/2CudTW4vunaAyRY2J7NBG
LMQK2njSX2EaSCyZdbXv461ef9iMIpJ1vpC+GUls3YL2DTbOiH88u/IL60Vmdg==
ARC-Authentication-Results: i=1;
mx1.freebsd.org;
none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1676721351; a=rsa-sha256; cv=none;
b=eczpsFT10zAfKNgsq5dS6SB5Sli1YHpWetflbcsE9iClpvhAfHkbafIb+m4RAnHCOHJTLV
jxZVXCpfBjnXm8QlNQxOZoUW9VZHs/FEvTgFma04Pe/RR9Q6gJmXv817UjEiB9ZPnRNTQO
WNChUTAORujhUS0Vbx9vc6UL9KaEmSuAy4fWkq1VEQk4KVAynWQG96g2lWadXLR4KXY3h2
nPAFBqPJoQIok+TOvuVJI/MiSsW7vxQVbmuufwBM5YIgDBBAKLTnzW62zsj3a8If0aPjXw
iB96B9pBhESSI9rmXVth8pSD17oNoBYyLErvV00rVoKA+3VGekVG7yf5Tglsrg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PJnFM3PyVzM7F;
Sat, 18 Feb 2023 11:55:51 +0000 (UTC)
(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 31IBtpII069592;
Sat, 18 Feb 2023 11:55:51 GMT
(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 31IBtp4H069591;
Sat, 18 Feb 2023 11:55:51 GMT
(envelope-from git)
Date: Sat, 18 Feb 2023 11:55:51 GMT
Message-Id: <202302181155.31IBtp4H069591@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
dev-commits-src-branches@FreeBSD.org
From: "Alexander V. Chernikov" <melifaro@FreeBSD.org>
Subject: git: 2de541757e0a - stable/13 - netlink: Zero-initialize writer structures allocated on the stack
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: melifaro
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 2de541757e0a2e25ce974b3c4c29bc8b753b8b6a
Auto-Submitted: auto-generated
X-ThisMailContainsUnwantedMimeParts: N
The branch stable/13 has been updated by melifaro:
URL: https://cgit.FreeBSD.org/src/commit/?id=2de541757e0a2e25ce974b3c4c29bc8b753b8b6a
commit 2de541757e0a2e25ce974b3c4c29bc8b753b8b6a
Author: Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2023-01-26 15:46:19 +0000
Commit: Alexander V. Chernikov <melifaro@FreeBSD.org>
CommitDate: 2023-02-18 11:53:54 +0000
netlink: Zero-initialize writer structures allocated on the stack
The prevailing pattern seems to be to simply initialize all fields to
zero. Without this, it's possible to trigger a branch on uninitialized
memory, specifically, when testing nw->ignore_limit in
nlmsg_refill_buffer().
Initialize the writer structure in a couple of functions where this is
necessary.
Reported by: KMSAN
Reviewed by: melifaro
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D38213
(cherry picked from commit 7a78ae88659e0f6a901574d17672d1ccdc3e971b)
---
sys/netlink/route/rt.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/sys/netlink/route/rt.c b/sys/netlink/route/rt.c
index 48a6b0928cab..59b34c53ad4b 100644
--- a/sys/netlink/route/rt.c
+++ b/sys/netlink/route/rt.c
@@ -341,9 +341,9 @@ static void
report_operation(uint32_t fibnum, struct rib_cmd_info *rc,
struct nlpcb *nlp, struct nlmsghdr *hdr)
{
- struct nl_writer nw;
-
+ struct nl_writer nw = {};
uint32_t group_id = family_to_group(rt_get_family(rc->rc_rt));
+
if (nlmsg_get_group_writer(&nw, NLMSG_SMALL, NETLINK_ROUTE, group_id)) {
struct route_nhop_data rnd = {
.rnd_nhop = rc_get_nhop(rc),
@@ -926,10 +926,9 @@ rtnl_handle_getroute(struct nlmsghdr *hdr, struct nlpcb *nlp, struct nl_pstate *
void
rtnl_handle_route_event(uint32_t fibnum, const struct rib_cmd_info *rc)
{
+ struct nl_writer nw = {};
int family, nlm_flags = 0;
- struct nl_writer nw;
-
family = rt_get_family(rc->rc_rt);
/* XXX: check if there are active listeners first */