mail archive of the barebox mailing list
* [PATCH 1/2] fs: ubifs: zero initialize allocated inode
@ 2026-05-19 13:28 Sascha Hauer
  2026-05-19 13:28 ` [PATCH 2/2] fs: jffs2: " Sascha Hauer
  0 siblings, 1 reply; 8+ messages in thread
From: Sascha Hauer @ 2026-05-19 13:28 UTC (permalink / raw)
  To: Barebox List

UBIFS uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
returned from kmem_cache_alloc() is not zeroed. ubifs_alloc_inode()
zeroes all fields in the ubifs_inode except the embedded struct inode.
In Linux this is done in the kmem_cache constructor function which calls
inode_init_once(). In barebox we have the constructor function as well,
but we don't have an equivalent of inode_init_once(), so the constructor
is empty. Zero the inode in the constructor instead so that barebox
gets a zeroed inode.

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
---
 fs/ubifs/super.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
index 45037b42ea..8eb8e574a8 100644
--- a/fs/ubifs/super.c
+++ b/fs/ubifs/super.c
@@ -1128,6 +1128,9 @@ static void kill_ubifs_super(struct super_block *s)
  */
 static void inode_slab_ctor(void *obj)
 {
+	struct ubifs_inode *ui = obj;
+
+	memset(&ui->vfs_inode, 0, sizeof(ui->vfs_inode));
 }
 
 static int __init ubifs_init(void)
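
Review bot: the memset added to inode_slab_ctor() carries no comment saying why barebox needs it. The commit message explains that Linux gets the same effect from inode_init_once() and that barebox has no equivalent; a one-line comment to that effect above `memset(&ui->vfs_inode, 0, sizeof(ui->vfs_inode));` would keep the line from being dropped when fs/ubifs is next synced from Linux. Zeroing through the vfs_inode member rather than from obj is the right form, since it does not depend on where the member sits in struct ubifs_inode.
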
-- 
2.47.3





* [PATCH 2/2] fs: jffs2: zero initialize allocated inode
  2026-05-19 13:28 [PATCH 1/2] fs: ubifs: zero initialize allocated inode Sascha Hauer
@ 2026-05-19 13:28 ` Sascha Hauer
  2026-05-19 13:35   ` Ahmad Fatoum
  2026-05-19 15:15   ` Sascha Hauer
  0 siblings, 2 replies; 8+ messages in thread
From: Sascha Hauer @ 2026-05-19 13:28 UTC (permalink / raw)
  To: Barebox List

JFFS2 uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
returned from kmem_cache_alloc() is not zeroed. jffs2_alloc_inode()
zeroes all fields in the ubifs_inode except the embedded struct inode.
In Linux this is done in the kmem_cache constructor function which calls
inode_init_once(). In barebox we have the constructor function as well,
but we don't have an equivalent of inode_init_once(), so the constructor
is empty. Zero the inode in the constructor instead so that barebox
gets a zeroed inode.

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
---
 fs/jffs2/super.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/fs/jffs2/super.c b/fs/jffs2/super.c
index b9a5b99744..6546943173 100644
--- a/fs/jffs2/super.c
+++ b/fs/jffs2/super.c
@@ -55,8 +55,11 @@ static void jffs2_destroy_inode(struct inode *inode)
 	kmem_cache_free(jffs2_inode_cachep, f);
 }
 
-static void jffs2_i_init_once(void *foo)
+static void jffs2_i_init_once(void *obj)
 {
+	struct jffs2_inode_info *f = obj;
+
+	memset(&f->vfs_inode, 0, sizeof(f->vfs_inode));
 }
 
 static const struct super_operations jffs2_super_operations =
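
Review bot: the description does not match this hunk: jffs2_i_init_once() casts obj to struct jffs2_inode_info, but the commit message twice says ubifs_inode. Reword the message to name jffs2_inode_info so the log matches the code. The foo to obj parameter rename is cosmetic; a word about it in the message would account for the one deleted line in the diffstat.
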
-- 
2.47.3





* Re: [PATCH 2/2] fs: jffs2: zero initialize allocated inode
  2026-05-19 13:28 ` [PATCH 2/2] fs: jffs2: " Sascha Hauer
@ 2026-05-19 13:35   ` Ahmad Fatoum
  2026-05-19 15:15   ` Sascha Hauer
  1 sibling, 0 replies; 8+ messages in thread
From: Ahmad Fatoum @ 2026-05-19 13:35 UTC (permalink / raw)
  To: Sascha Hauer, Barebox List

On 5/19/26 3:28 PM, Sascha Hauer wrote:
> JFFS2 uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
> returned from kmem_cache_alloc() is not zeroed. jffs2_alloc_inode()
> zeroes all fields in the ubifs_inode except the embedded struct inode.
> In Linux this is done in the kmem_cache constructor function which calls
> inode_init_once(). In barebox we have the constructor function as well,
> but we don't have an equivalent of inode_init_once(), so the constructor
> is empty. Zero the inode in the constructor instead so that barebox
> gets a zeroed inode.
> 
> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>

Reviewed-by: Ahmad Fatoum <a.fatoum@pengutronix.de>

> ---
>  fs/jffs2/super.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/fs/jffs2/super.c b/fs/jffs2/super.c
> index b9a5b99744..6546943173 100644
> --- a/fs/jffs2/super.c
> +++ b/fs/jffs2/super.c
> @@ -55,8 +55,11 @@ static void jffs2_destroy_inode(struct inode *inode)
>  	kmem_cache_free(jffs2_inode_cachep, f);
>  }
>  
> -static void jffs2_i_init_once(void *foo)
> +static void jffs2_i_init_once(void *obj)
>  {
> +	struct jffs2_inode_info *f = obj;
> +
> +	memset(&f->vfs_inode, 0, sizeof(f->vfs_inode));
>  }
>  
>  static const struct super_operations jffs2_super_operations =
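
Review bot: jffs2_i_init_once() is named for init-once semantics, yet the commit message expects every allocated inode to come back zeroed. That holds only if barebox runs the constructor on each kmem_cache_alloc(); if it runs once per object, a recycled jffs2_inode_info keeps stale vfs_inode contents. A short comment above the memset stating which behaviour the barebox kmem_cache provides would settle the question for the next reader.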

-- 
Pengutronix e.K.                  |                             |
Steuerwalder Str. 21              | http://www.pengutronix.de/  |
31137 Hildesheim, Germany         | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686  | Fax:   +49-5121-206917-5555 |





* Re: [PATCH 2/2] fs: jffs2: zero initialize allocated inode
  2026-05-19 13:28 ` [PATCH 2/2] fs: jffs2: " Sascha Hauer
  2026-05-19 13:35   ` Ahmad Fatoum
@ 2026-05-19 15:15   ` Sascha Hauer
  1 sibling, 0 replies; 8+ messages in thread
From: Sascha Hauer @ 2026-05-19 15:15 UTC (permalink / raw)
  To: Barebox List, Sascha Hauer


On Tue, 19 May 2026 15:28:46 +0200, Sascha Hauer wrote:
> JFFS2 uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
> returned from kmem_cache_alloc() is not zeroed. jffs2_alloc_inode()
> zeroes all fields in the ubifs_inode except the embedded struct inode.
> In Linux this is done in the kmem_cache constructor function which calls
> inode_init_once(). In barebox we have the constructor function as well,
> but we don't have an equivalent of inode_init_once(), so the constructor
> is empty. Zero the inode in the constructor instead so that barebox
> gets a zeroed inode.
> 
> [...]

Applied, thanks!

[2/2] fs: jffs2: zero initialize allocated inode
      https://git.pengutronix.de/cgit/barebox/commit/?id=e6610f524cec (link may not be stable)

Best regards,
-- 
Sascha Hauer <s.hauer@pengutronix.de>





* Re: [PATCH 1/2] fs: ubifs: zero initialize allocated inode
  2026-05-19 13:14   ` Sascha Hauer
@ 2026-05-19 13:16     ` Ahmad Fatoum
  0 siblings, 0 replies; 8+ messages in thread
From: Ahmad Fatoum @ 2026-05-19 13:16 UTC (permalink / raw)
  To: Sascha Hauer; +Cc: Barebox List

Hi,

On 5/19/26 3:14 PM, Sascha Hauer wrote:
> On 2026-05-19 15:03, Ahmad Fatoum wrote:
>> Hi,
>>
>> On 5/19/26 2:44 PM, Sascha Hauer wrote:
>>> UBIFS uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
>>> returned from kmem_cache_alloc() is not zeroed. ubifs_alloc_inode()
>>> zeroes all fields in the ubifs_inode except the embedded struct inode.
>>> In Linux this is done in the kmem_cache constructor function which calls
>>> inode_init_once(). In barebox we have the constructor function as well,
>>> but we don't have an equivalent of inode_init_once(), so the constructor
>>> is empty. Zero the inode in the constructor instead so that barebox
>>> gets a zeroed inode.
>>>
>>> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
>>> ---
>>>  fs/ubifs/super.c | 1 +
>>>  1 file changed, 1 insertion(+)
>>>
>>> diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
>>> index 45037b42ea..4022270d4c 100644
>>> --- a/fs/ubifs/super.c
>>> +++ b/fs/ubifs/super.c
>>> @@ -1128,6 +1128,7 @@ static void kill_ubifs_super(struct super_block *s)
>>>   */
>>>  static void inode_slab_ctor(void *obj)
>>>  {
>>> +	memset(obj, 0, sizeof(struct inode));
>>
>> This works because inode is the first member of struct ubifs_inode, but
>> I would prefer to avoid depending on that as it might change with a
>> future update.
>>
>> Can't we just zero all of struct ubifs_inode here to be on the safe side?
> 
> That was my first approach as well, but I was afraid this could be lost
> on an UBIFS update.
> 
> I could treat obj as a struct ubifs_inode and zero the inode member
> instead.

Yes, that would work too.

> 
> That would have prevented the bug I introduced with the JFFS2 patch as
> well.
> 
> Sascha
> 
> --
> Pengutronix e.K.                           |                             |
> Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
> 31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
> Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |
> 

-- 
Pengutronix e.K.                  |                             |
Steuerwalder Str. 21              | http://www.pengutronix.de/  |
31137 Hildesheim, Germany         | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686  | Fax:   +49-5121-206917-5555 |





* Re: [PATCH 1/2] fs: ubifs: zero initialize allocated inode
  2026-05-19 13:03 ` Ahmad Fatoum
@ 2026-05-19 13:14   ` Sascha Hauer
  2026-05-19 13:16     ` Ahmad Fatoum
  0 siblings, 1 reply; 8+ messages in thread
From: Sascha Hauer @ 2026-05-19 13:14 UTC (permalink / raw)
  To: Ahmad Fatoum; +Cc: Barebox List

On 2026-05-19 15:03, Ahmad Fatoum wrote:
> Hi,
> 
> On 5/19/26 2:44 PM, Sascha Hauer wrote:
> > UBIFS uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
> > returned from kmem_cache_alloc() is not zeroed. ubifs_alloc_inode()
> > zeroes all fields in the ubifs_inode except the embedded struct inode.
> > In Linux this is done in the kmem_cache constructor function which calls
> > inode_init_once(). In barebox we have the constructor function as well,
> > but we don't have an equivalent of inode_init_once(), so the constructor
> > is empty. Zero the inode in the constructor instead so that barebox
> > gets a zeroed inode.
> > 
> > Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
> > ---
> >  fs/ubifs/super.c | 1 +
> >  1 file changed, 1 insertion(+)
> > 
> > diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
> > index 45037b42ea..4022270d4c 100644
> > --- a/fs/ubifs/super.c
> > +++ b/fs/ubifs/super.c
> > @@ -1128,6 +1128,7 @@ static void kill_ubifs_super(struct super_block *s)
> >   */
> >  static void inode_slab_ctor(void *obj)
> >  {
> > +	memset(obj, 0, sizeof(struct inode));
> 
> This works because inode is the first member of struct ubifs_inode, but
> I would prefer to avoid depending on that as it might change with a
> future update.
> 
> Can't we just zero all of struct ubifs_inode here to be on the safe side?

That was my first approach as well, but I was afraid this could be lost
on an UBIFS update.

I could treat obj as a struct ubifs_inode and zero the inode member
instead.

That would have prevented the bug I introduced with the JFFS2 patch as
well.

Sascha

--
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |




* Re: [PATCH 1/2] fs: ubifs: zero initialize allocated inode
  2026-05-19 12:44 [PATCH 1/2] fs: ubifs: " Sascha Hauer
@ 2026-05-19 13:03 ` Ahmad Fatoum
  2026-05-19 13:14   ` Sascha Hauer
  0 siblings, 1 reply; 8+ messages in thread
From: Ahmad Fatoum @ 2026-05-19 13:03 UTC (permalink / raw)
  To: Sascha Hauer, Barebox List

Hi,

On 5/19/26 2:44 PM, Sascha Hauer wrote:
> UBIFS uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
> returned from kmem_cache_alloc() is not zeroed. ubifs_alloc_inode()
> zeroes all fields in the ubifs_inode except the embedded struct inode.
> In Linux this is done in the kmem_cache constructor function which calls
> inode_init_once(). In barebox we have the constructor function as well,
> but we don't have an equivalent of inode_init_once(), so the constructor
> is empty. Zero the inode in the constructor instead so that barebox
> gets a zeroed inode.
> 
> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
> ---
>  fs/ubifs/super.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
> index 45037b42ea..4022270d4c 100644
> --- a/fs/ubifs/super.c
> +++ b/fs/ubifs/super.c
> @@ -1128,6 +1128,7 @@ static void kill_ubifs_super(struct super_block *s)
>   */
>  static void inode_slab_ctor(void *obj)
>  {
> +	memset(obj, 0, sizeof(struct inode));

This works because inode is the first member of struct ubifs_inode, but
I would prefer to avoid depending on that as it might change with a
future update.

Can't we just zero all of struct ubifs_inode here to be on the safe side?

Cheers,
Ahmad

>  }
>  
>  static int __init ubifs_init(void)

-- 
Pengutronix e.K.                  |                             |
Steuerwalder Str. 21              | http://www.pengutronix.de/  |
31137 Hildesheim, Germany         | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686  | Fax:   +49-5121-206917-5555 |
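
The layout dependency raised in this review, as an added example that is not part of the thread or of barebox: demo_inode, fs_first and fs_moved are hypothetical stand-ins for struct inode and a filesystem container. It poisons an object like unzeroed allocator memory and checks whether each constructor form leaves the embedded inode fully zeroed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins, not barebox types. */
struct demo_inode { unsigned long i_ino; unsigned int i_flags; void *i_private; };
/* Layout the prefix memset relies on: embedded inode is the first member. */
struct fs_first { struct demo_inode vfs_inode; unsigned int fs_state; };
/* Same container after a field is added ahead of the embedded inode. */
struct fs_moved { unsigned int fs_state; struct demo_inode vfs_inode; };
/* If the prefix form is kept, this makes a layout change a build error. */
_Static_assert(offsetof(struct fs_first, vfs_inode) == 0, "vfs_inode must be first");

/* First-version form: zero sizeof(inode) bytes from the start of the object. */
static void ctor_prefix(void *obj)
{
	memset(obj, 0, sizeof(struct demo_inode));
}

/* Member form: name the field, so its offset no longer matters. */
static void ctor_member(void *obj)
{
	struct fs_moved *f = obj;
	memset(&f->vfs_inode, 0, sizeof(f->vfs_inode));
}

/* Poison obj like unzeroed memory, run ctor, return 1 if the inode is all zero. */
static int zeroed_after(void (*ctor)(void *), void *obj, size_t size, const struct demo_inode *ino)
{
	const unsigned char *p = (const unsigned char *)ino;
	size_t i;
	memset(obj, 0xA5, size);
	ctor(obj);
	for (i = 0; i < sizeof(*ino); i++)
		if (p[i])
			return 0;
	return 1;
}

static struct fs_first first;
static struct fs_moved moved;
int prefix_on_first(void) { return zeroed_after(ctor_prefix, &first, sizeof(first), &first.vfs_inode); }
int prefix_on_moved(void) { return zeroed_after(ctor_prefix, &moved, sizeof(moved), &moved.vfs_inode); }
int member_on_moved(void) { return zeroed_after(ctor_member, &moved, sizeof(moved), &moved.vfs_inode); }
int main(void)
{
	printf("%d %d %d\n", prefix_on_first(), prefix_on_moved(), member_on_moved());
	return 0;
}
```

With the moved layout the prefix form stops short of the inode's end, so the trailing i_private pointer keeps its poison value.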





* [PATCH 1/2] fs: ubifs: zero initialize allocated inode
@ 2026-05-19 12:44 Sascha Hauer
  2026-05-19 13:03 ` Ahmad Fatoum
  0 siblings, 1 reply; 8+ messages in thread
From: Sascha Hauer @ 2026-05-19 12:44 UTC (permalink / raw)
  To: Barebox List

UBIFS uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
returned from kmem_cache_alloc() is not zeroed. ubifs_alloc_inode()
zeroes all fields in the ubifs_inode except the embedded struct inode.
In Linux this is done in the kmem_cache constructor function which calls
inode_init_once(). In barebox we have the constructor function as well,
but we don't have an equivalent of inode_init_once(), so the constructor
is empty. Zero the inode in the constructor instead so that barebox
gets a zeroed inode.

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
---
 fs/ubifs/super.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
index 45037b42ea..4022270d4c 100644
--- a/fs/ubifs/super.c
+++ b/fs/ubifs/super.c
@@ -1128,6 +1128,7 @@ static void kill_ubifs_super(struct super_block *s)
  */
 static void inode_slab_ctor(void *obj)
 {
+	memset(obj, 0, sizeof(struct inode));
 }
 
 static int __init ubifs_init(void)
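
Review bot: `memset(obj, 0, sizeof(struct inode));` in inode_slab_ctor() zeroes the first sizeof(struct inode) bytes of the object, which is the embedded inode only while that inode is the first member of struct ubifs_inode. Cast obj to struct ubifs_inode and zero the member by name, for example `memset(&ui->vfs_inode, 0, sizeof(ui->vfs_inode));`, so a later reordering of the struct cannot leave part of the inode uninitialized.
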
-- 
2.47.3




Thread overview: 8+ messages
2026-05-19 13:28 [PATCH 1/2] fs: ubifs: zero initialize allocated inode Sascha Hauer
2026-05-19 13:28 ` [PATCH 2/2] fs: jffs2: " Sascha Hauer
2026-05-19 13:35   ` Ahmad Fatoum
2026-05-19 15:15   ` Sascha Hauer
  -- strict thread matches above, loose matches on Subject: below --
2026-05-19 12:44 [PATCH 1/2] fs: ubifs: " Sascha Hauer
2026-05-19 13:03 ` Ahmad Fatoum
2026-05-19 13:14   ` Sascha Hauer
2026-05-19 13:16     ` Ahmad Fatoum
