[PATCH 1/2] fs: ubifs: zero initialize allocated inode

[PATCH 1/2] fs: ubifs: zero initialize allocated inode

[Sascha Hauer]

UBIFS uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
returned from kmem_cache_alloc() is not zeroed. ubifs_alloc_inode()
zeroes all fields in the ubifs_inode except the embedded struct inode.
In Linux this is done in the kmem_cache constructor function which calls
inode_init_once(). In barebox we have the constructor function as well,
but we don't have an equivalent of inode_init_once(), so the constructor
is empty.  zero the inode in the constructor instead so that barebox
gets a zeroed inode.

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
---
 fs/ubifs/super.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
index 45037b42ea..8eb8e574a8 100644
--- a/fs/ubifs/super.c
+++ b/fs/ubifs/super.c
@@ -1128,6 +1128,9 @@ static void kill_ubifs_super(struct super_block *s)
  */
 static void inode_slab_ctor(void *obj)
 {
+	struct ubifs_inode *ui = obj;
+
+	memset(&ui->vfs_inode, 0, sizeof(ui->vfs_inode));
 }
 
 static int __init ubifs_init(void)
-- 
2.47.3

[PATCH 2/2] fs: jffs2: zero initialize allocated inode

[Sascha Hauer]

JFFS2 uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
returned from kmem_cache_alloc() is not zeroed. jffs2_alloc_inode()
zeroes all fields in the ubifs_inode except the embedded struct inode.
In Linux this is done in the kmem_cache constructor function which calls
inode_init_once(). In barebox we have the constructor function as well,
but we don't have an equivalent of inode_init_once(), so the constructor
is empty.  zero the inode in the constructor instead so that barebox
gets a zeroed inode.

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
---
 fs/jffs2/super.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/fs/jffs2/super.c b/fs/jffs2/super.c
index b9a5b99744..6546943173 100644
--- a/fs/jffs2/super.c
+++ b/fs/jffs2/super.c
@@ -55,8 +55,11 @@ static void jffs2_destroy_inode(struct inode *inode)
 	kmem_cache_free(jffs2_inode_cachep, f);
 }
 
-static void jffs2_i_init_once(void *foo)
+static void jffs2_i_init_once(void *obj)
 {
+	struct jffs2_inode_info *f = obj;
+
+	memset(&f->vfs_inode, 0, sizeof(f->vfs_inode));
 }
 
 static const struct super_operations jffs2_super_operations =
-- 
2.47.3

Re: [PATCH 2/2] fs: jffs2: zero initialize allocated inode

[Ahmad Fatoum]

On 5/19/26 3:28 PM, Sascha Hauer wrote:
> JFFS2 uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
> returned from kmem_cache_alloc() is not zeroed. jffs2_alloc_inode()
> zeroes all fields in the ubifs_inode except the embedded struct inode.
> In Linux this is done in the kmem_cache constructor function which calls
> inode_init_once(). In barebox we have the constructor function as well,
> but we don't have an equivalent of inode_init_once(), so the constructor
> is empty.  zero the inode in the constructor instead so that barebox
> gets a zeroed inode.
> 
> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>

Reviewed-by: Ahmad Fatoum <a.fatoum@pengutronix.de>

> ---
>  fs/jffs2/super.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/fs/jffs2/super.c b/fs/jffs2/super.c
> index b9a5b99744..6546943173 100644
> --- a/fs/jffs2/super.c
> +++ b/fs/jffs2/super.c
> @@ -55,8 +55,11 @@ static void jffs2_destroy_inode(struct inode *inode)
>  	kmem_cache_free(jffs2_inode_cachep, f);
>  }
>  
> -static void jffs2_i_init_once(void *foo)
> +static void jffs2_i_init_once(void *obj)
>  {
> +	struct jffs2_inode_info *f = obj;
> +
> +	memset(&f->vfs_inode, 0, sizeof(f->vfs_inode));
>  }
>  
>  static const struct super_operations jffs2_super_operations =

-- 
Pengutronix e.K.                  |                             |
Steuerwalder Str. 21              | http://www.pengutronix.de/  |
31137 Hildesheim, Germany         | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686  | Fax:   +49-5121-206917-5555 |

Re: [PATCH 2/2] fs: jffs2: zero initialize allocated inode

[Sascha Hauer]

On Tue, 19 May 2026 15:28:46 +0200, Sascha Hauer wrote:
> JFFS2 uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
> returned from kmem_cache_alloc() is not zeroed. jffs2_alloc_inode()
> zeroes all fields in the ubifs_inode except the embedded struct inode.
> In Linux this is done in the kmem_cache constructor function which calls
> inode_init_once(). In barebox we have the constructor function as well,
> but we don't have an equivalent of inode_init_once(), so the constructor
> is empty.  zero the inode in the constructor instead so that barebox
> gets a zeroed inode.
> 
> [...]

Applied, thanks!

[2/2] fs: jffs2: zero initialize allocated inode
      https://git.pengutronix.de/cgit/barebox/commit/?id=e6610f524cec (link may not be stable)

Best regards,
-- 
Sascha Hauer <s.hauer@pengutronix.de>

Re: [PATCH 2/2] fs: jffs2: zero initialize allocated inode

[Ahmad Fatoum]

Hello Sascha,

On 5/19/26 2:44 PM, Sascha Hauer wrote:
> JFFS2 uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
> returned from kmem_cache_alloc() is not zeroed. jffs2_alloc_inode()
> zeroes all fields in the ubifs_inode except the embedded struct inode.
> In Linux this is done in the kmem_cache constructor function which calls
> inode_init_once(). In barebox we have the constructor function as well,
> but we don't have an equivalent of inode_init_once(), so the constructor
> is empty.  zero the inode in the constructor instead so that barebox
> gets a zeroed inode.
> 
> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
> ---
>  fs/jffs2/super.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/fs/jffs2/super.c b/fs/jffs2/super.c
> index b9a5b99744..260a812b7c 100644
> --- a/fs/jffs2/super.c
> +++ b/fs/jffs2/super.c
> @@ -55,8 +55,9 @@ static void jffs2_destroy_inode(struct inode *inode)
>  	kmem_cache_free(jffs2_inode_cachep, f);
>  }
>  
> -static void jffs2_i_init_once(void *foo)
> +static void jffs2_i_init_once(void *obj)
>  {
> +	memset(obj, 0, sizeof(struct inode));

jffs2_i_init_once is used as constructor for creating objects of
sizeof(struct jffs2_inode_info).

struct jffs2_inode_info has a struct inode member, but as the last
element, not the first, so this does nothing to initialize the inode by
the looks of it?

I'd rather suggest we zero the whole sizeof(jffs2_inode_info) here to be
on the safe side, even with respect to future updates.

Cheers,
Ahmad

>  }
>  
>  static const struct super_operations jffs2_super_operations =

-- 
Pengutronix e.K.                  |                             |
Steuerwalder Str. 21              | http://www.pengutronix.de/  |
31137 Hildesheim, Germany         | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686  | Fax:   +49-5121-206917-5555 |

[PATCH 2/2] fs: jffs2: zero initialize allocated inode

[Sascha Hauer]

JFFS2 uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
returned from kmem_cache_alloc() is not zeroed. jffs2_alloc_inode()
zeroes all fields in the ubifs_inode except the embedded struct inode.
In Linux this is done in the kmem_cache constructor function which calls
inode_init_once(). In barebox we have the constructor function as well,
but we don't have an equivalent of inode_init_once(), so the constructor
is empty.  zero the inode in the constructor instead so that barebox
gets a zeroed inode.

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
---
 fs/jffs2/super.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/fs/jffs2/super.c b/fs/jffs2/super.c
index b9a5b99744..260a812b7c 100644
--- a/fs/jffs2/super.c
+++ b/fs/jffs2/super.c
@@ -55,8 +55,9 @@ static void jffs2_destroy_inode(struct inode *inode)
 	kmem_cache_free(jffs2_inode_cachep, f);
 }
 
-static void jffs2_i_init_once(void *foo)
+static void jffs2_i_init_once(void *obj)
 {
+	memset(obj, 0, sizeof(struct inode));
 }
 
 static const struct super_operations jffs2_super_operations =
-- 
2.47.3