Date: Wed, 12 Jun 2024 08:07:39 -0700
From: Eric Biggers
To: Jan Kara
Cc: Hugh Dickins, Yosry Ahmed, syzbot, akpm@linux-foundation.org, chengming.zhou@linux.dev, hannes@cmpxchg.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, nphamcs@gmail.com, syzkaller-bugs@googlegroups.com, linux-ext4@vger.kernel.org
Subject: Re: [syzbot] [mm?] KMSAN: uninit-value in zswap_store
Message-ID: <20240612150739.GA1170@sol.localdomain>
In-Reply-To: <20240612075027.5pzkkovaewtx63n5@quack3>

On Wed, Jun 12, 2024 at 09:50:27AM +0200, Jan Kara wrote:
> On Tue 11-06-24 02:13:59, Hugh Dickins wrote:
> > On Mon, 10 Jun 2024, Yosry Ahmed wrote:
> > > Hugh, do you mind taking a quick look at whether this is a real bug?
> > >
> > > If this is expected behavior, perhaps there is some annotation we can
> > > use in zswap that it is fine to encounter uninitialized data when
> > > reading the folio.
> >
> > I've not been faced with a KMSAN report before, so I might well be
> > misunderstanding its language: but this looks like an ext4 "bug" to me.
> >
> > I think the story that the three KMSAN stacks are telling is this:
> > syzbot has an ext4 filesystem on a loop device on a tmpfs file (I do
> > exactly that too); ext4 is doing some ext4_xattr_inode_write() business,
> > in the course of which it writes back a not-fully-initialized block to
> > the loop device; shmem faithfully copies that data into its pagecache,
> > then later when under memory pressure that page gets "written" out to
> > zswap: where zswap_is_page_same_filled() takes an interest in the data,
> > and KMSAN objects because some of it was not originally initialized.
> >
> > If that's a correct interpretation, then it's probably not a big deal:
> > it's probably the uninitialized end of a buffer that's written out,
> > not any part of the "disk" which ext4 would ever show to a user; but
> > I do agree with KMSAN that ext4 would do better to clear that area,
> > rather than accidentally storing someone else's super-secret info.
>
> Yes, that seems to be accurate. ext4_xattr_inode_write() stores large
> extended attribute in the inode and we don't bother to zero out the tail of
> the block we use since we never access bytes beyond xattr size. Frankly I
> don't consider this a bug since the uninitialized bytes are never exposed
> to (unprivileged) userspace. But I agree that out of pure precaution and
> because it doesn't cost much in terms of performance we could zero out the
> block tail.

Writing uninitialized memory to disk is definitely a bug.

- Eric
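
The situation discussed in this thread (a value shorter than its block, written back with the block tail left untouched) modeled in user space as an added example; it is not ext4 or kernel code and is not part of the original message. The recycled buffer, the function names and the sample value are hypothetical, and the "stale" bytes are constructed so the result is deterministic.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

#define BLOCK_SIZE 4096

/* Stand-in for a recycled block buffer (hypothetical, not a kernel object). */
static unsigned char block[BLOCK_SIZE];

/* Simulate contents left behind by an earlier, unrelated user of the buffer. */
static void recycle_block_with_stale_data(void)
{
    static const char stale[] = "constructed-stale-secret";
    for (size_t i = 0; i < BLOCK_SIZE; i++)
        block[i] = (unsigned char)stale[i % (sizeof(stale) - 1)];
}

/* Count non-zero bytes past the valid length: data that would be written
 * to the backing store without belonging to the stored value. */
static size_t stale_tail_bytes(size_t len)
{
    size_t n = 0;
    for (size_t i = len; i < BLOCK_SIZE; i++)
        n += (block[i] != 0);
    return n;
}

/* Store val in the block, with or without clearing the tail, and report
 * how many stale bytes remain. Returns (size_t)-1 if val does not fit. */
static size_t store_and_check(const char *val, int zero_tail)
{
    size_t len = strlen(val);
    if (len > BLOCK_SIZE)
        return (size_t)-1;
    recycle_block_with_stale_data();
    memcpy(block, val, len);                      /* only the value is written */
    if (zero_tail)
        memset(block + len, 0, BLOCK_SIZE - len); /* the precaution discussed */
    return stale_tail_bytes(len);
}

int main(void)
{
    const char *val = "user.comment=hello";       /* constructed sample value */
    printf("tail not zeroed: %zu stale bytes\n", store_and_check(val, 0));
    printf("tail zeroed:     %zu stale bytes\n", store_and_check(val, 1));
    return 0;
}
```
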