tree:   https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
head:   5c92ddca1053df02387e8006d06094e18cc8538a
commit: bfcdbae0523bd95eb75a739ffb6221a37109881e [7342/7594] fs/ntfs3: Validate index root when initialize NTFS security
config: mips-randconfig-s051-20221114
compiler: mips-linux-gcc (GCC) 12.1.0
reproduce:
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # apt-get install sparse
        # sparse version: v0.6.4-39-gce1a6720-dirty
        # https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=bfcdbae0523bd95eb75a739ffb6221a37109881e
        git remote add linux-next https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
        git fetch --no-tags linux-next master
        git checkout bfcdbae0523bd95eb75a739ffb6221a37109881e
        # save the config file
        mkdir build_dir && cp config build_dir/.config
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' O=build_dir ARCH=mips SHELL=/bin/bash fs/ntfs3/

If you fix the issue, kindly add following tag where applicable
| Reported-by: kernel test robot <lkp@intel.com>

sparse warnings: (new ones prefixed by >>)
>> fs/ntfs3/fsntfs.c:1855:63: sparse: sparse: restricted __le32 degrades to integer
   fs/ntfs3/fsntfs.c:1855:80: sparse: sparse: restricted __le32 degrades to integer
   fs/ntfs3/fsntfs.c:1874:63: sparse: sparse: restricted __le32 degrades to integer
   fs/ntfs3/fsntfs.c:1874:80: sparse: sparse: restricted __le32 degrades to integer

vim +1855 fs/ntfs3/fsntfs.c

  1806	
  1807	/*
  1808	 * ntfs_security_init - Load and parse $Secure.
  1809	 */
  1810	int ntfs_security_init(struct ntfs_sb_info *sbi)
  1811	{
  1812		int err;
  1813		struct super_block *sb = sbi->sb;
  1814		struct inode *inode;
  1815		struct ntfs_inode *ni;
  1816		struct MFT_REF ref;
  1817		struct ATTRIB *attr;
  1818		struct ATTR_LIST_ENTRY *le;
  1819		u64 sds_size;
  1820		size_t off;
  1821		struct NTFS_DE *ne;
  1822		struct NTFS_DE_SII *sii_e;
  1823		struct ntfs_fnd *fnd_sii = NULL;
  1824		const struct INDEX_ROOT *root_sii;
  1825		const struct INDEX_ROOT *root_sdh;
  1826		struct ntfs_index *indx_sdh = &sbi->security.index_sdh;
  1827		struct ntfs_index *indx_sii = &sbi->security.index_sii;
  1828	
  1829		ref.low = cpu_to_le32(MFT_REC_SECURE);
  1830		ref.high = 0;
  1831		ref.seq = cpu_to_le16(MFT_REC_SECURE);
  1832	
  1833		inode = ntfs_iget5(sb, &ref, &NAME_SECURE);
  1834		if (IS_ERR(inode)) {
  1835			err = PTR_ERR(inode);
  1836			ntfs_err(sb, "Failed to load $Secure.");
  1837			inode = NULL;
  1838			goto out;
  1839		}
  1840	
  1841		ni = ntfs_i(inode);
  1842	
  1843		le = NULL;
  1844	
  1845		attr = ni_find_attr(ni, NULL, &le, ATTR_ROOT, SDH_NAME,
  1846				    ARRAY_SIZE(SDH_NAME), NULL, NULL);
  1847		if (!attr) {
  1848			err = -EINVAL;
  1849			goto out;
  1850		}
  1851	
  1852		root_sdh = resident_data_ex(attr, sizeof(struct INDEX_ROOT));
  1853		if (root_sdh->type != ATTR_ZERO ||
  1854		    root_sdh->rule != NTFS_COLLATION_TYPE_SECURITY_HASH ||
> 1855		    offsetof(struct INDEX_ROOT, ihdr) + root_sdh->ihdr.used > attr->res.data_size) {
  1856			err = -EINVAL;
  1857			goto out;
  1858		}
  1859	
  1860		err = indx_init(indx_sdh, sbi, attr, INDEX_MUTEX_SDH);
  1861		if (err)
  1862			goto out;
  1863	
  1864		attr = ni_find_attr(ni, attr, &le, ATTR_ROOT, SII_NAME,
  1865				    ARRAY_SIZE(SII_NAME), NULL, NULL);
  1866		if (!attr) {
  1867			err = -EINVAL;
  1868			goto out;
  1869		}
  1870	
  1871		root_sii = resident_data_ex(attr, sizeof(struct INDEX_ROOT));
  1872		if (root_sii->type != ATTR_ZERO ||
  1873		    root_sii->rule != NTFS_COLLATION_TYPE_UINT ||
  1874		    offsetof(struct INDEX_ROOT, ihdr) + root_sii->ihdr.used > attr->res.data_size) {
  1875			err = -EINVAL;
  1876			goto out;
  1877		}
  1878	
  1879		err = indx_init(indx_sii, sbi, attr, INDEX_MUTEX_SII);
  1880		if (err)
  1881			goto out;
  1882	
  1883		fnd_sii = fnd_get();
  1884		if (!fnd_sii) {
  1885			err = -ENOMEM;
  1886			goto out;
  1887		}
  1888	
  1889		sds_size = inode->i_size;
  1890	
  1891		/* Find the last valid Id. */
  1892		sbi->security.next_id = SECURITY_ID_FIRST;
  1893		/* Always write new security at the end of bucket. */
  1894		sbi->security.next_off =
  1895			ALIGN(sds_size - SecurityDescriptorsBlockSize, 16);
  1896	
  1897		off = 0;
  1898		ne = NULL;
  1899	
  1900		for (;;) {
  1901			u32 next_id;
  1902	
  1903			err = indx_find_raw(indx_sii, ni, root_sii, &ne, &off, fnd_sii);
  1904			if (err || !ne)
  1905				break;
  1906	
  1907			sii_e = (struct NTFS_DE_SII *)ne;
  1908			if (le16_to_cpu(ne->view.data_size) < SIZEOF_SECURITY_HDR)
  1909				continue;
  1910	
  1911			next_id = le32_to_cpu(sii_e->sec_id) + 1;
  1912			if (next_id >= sbi->security.next_id)
  1913				sbi->security.next_id = next_id;
  1914		}
  1915	
  1916		sbi->security.ni = ni;
  1917		inode = NULL;
  1918	out:
  1919		iput(inode);
  1920		fnd_put(fnd_sii);
  1921	
  1922		return err;
  1923	}
  1924	

-- 
0-DAY CI Kernel Test Service
https://01.org/lkp