* [PATCH 1/2] fs: ubifs: zero initialize allocated inode
@ 2026-05-19 12:44 Sascha Hauer
2026-05-19 12:44 ` [PATCH 2/2] fs: jffs2: " Sascha Hauer
2026-05-19 13:03 ` [PATCH 1/2] fs: ubifs: " Ahmad Fatoum
0 siblings, 2 replies; 7+ messages in thread
From: Sascha Hauer @ 2026-05-19 12:44 UTC
To: Barebox List
UBIFS uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
returned from kmem_cache_alloc() is not zeroed. ubifs_alloc_inode()
zeroes all fields in the ubifs_inode except the embedded struct inode.
In Linux this is done in the kmem_cache constructor function which calls
inode_init_once(). In barebox we have the constructor function as well,
but we don't have an equivalent of inode_init_once(), so the constructor
is empty. Zero the inode in the constructor instead so that barebox
gets a zeroed inode.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
---
fs/ubifs/super.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
index 45037b42ea..4022270d4c 100644
--- a/fs/ubifs/super.c
+++ b/fs/ubifs/super.c
@@ -1128,6 +1128,7 @@ static void kill_ubifs_super(struct super_block *s)
*/
static void inode_slab_ctor(void *obj)
{
+ memset(obj, 0, sizeof(struct inode));
}
static int __init ubifs_init(void)
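Review bot: the memset added to inode_slab_ctor zeroes sizeof(struct inode) bytes from the start of the object, which only reaches the embedded inode because it happens to be the first member of struct ubifs_inode, and nothing in the hunk documents or checks that assumption. Either address the member through the container type, e.g. `struct ubifs_inode *ui = obj; memset(&ui->vfs_inode, 0, sizeof(ui->vfs_inode));`, or keep the plain memset and add a `BUILD_BUG_ON(offsetof(struct ubifs_inode, vfs_inode) != 0)` beside it so a future UBIFS sync that reorders the struct fails to build instead of silently zeroing the wrong bytes. A one-line comment saying this memset stands in for Linux's inode_init_once() would also tell the next reader why the otherwise empty constructor exists.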
--
2.47.3
* [PATCH 2/2] fs: jffs2: zero initialize allocated inode
2026-05-19 12:44 [PATCH 1/2] fs: ubifs: zero initialize allocated inode Sascha Hauer
@ 2026-05-19 12:44 ` Sascha Hauer
2026-05-19 12:59 ` Ahmad Fatoum
2026-05-19 13:03 ` [PATCH 1/2] fs: ubifs: " Ahmad Fatoum
1 sibling, 1 reply; 7+ messages in thread
From: Sascha Hauer @ 2026-05-19 12:44 UTC
To: Barebox List
JFFS2 uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
returned from kmem_cache_alloc() is not zeroed. jffs2_alloc_inode()
zeroes all fields in the ubifs_inode except the embedded struct inode.
In Linux this is done in the kmem_cache constructor function which calls
inode_init_once(). In barebox we have the constructor function as well,
but we don't have an equivalent of inode_init_once(), so the constructor
is empty. Zero the inode in the constructor instead so that barebox
gets a zeroed inode.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
---
fs/jffs2/super.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/jffs2/super.c b/fs/jffs2/super.c
index b9a5b99744..260a812b7c 100644
--- a/fs/jffs2/super.c
+++ b/fs/jffs2/super.c
@@ -55,8 +55,9 @@ static void jffs2_destroy_inode(struct inode *inode)
kmem_cache_free(jffs2_inode_cachep, f);
}
-static void jffs2_i_init_once(void *foo)
+static void jffs2_i_init_once(void *obj)
{
+ memset(obj, 0, sizeof(struct inode));
}
static const struct super_operations jffs2_super_operations =
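Review bot: the memset in jffs2_i_init_once zeroes the first sizeof(struct inode) bytes of the jffs2_inode_info object, but the embedded struct inode is not at offset 0 in that structure (as Ahmad's reply in this thread points out, it is the last member), so the call clears unrelated fields and leaves the inode itself uninitialized. Go through the container type instead, e.g. `struct jffs2_inode_info *f = obj; memset(&f->vfs_inode, 0, sizeof(f->vfs_inode));` (assuming the member is named vfs_inode as in Linux), or zero the whole object with `memset(obj, 0, sizeof(struct jffs2_inode_info));`. Separately, the commit message still says "allocate an ubifs_inode" and "zeroes all fields in the ubifs_inode", copied from the UBIFS patch; it should name jffs2_inode_info. The foo to obj parameter rename is fine.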
--
2.47.3
* Re: [PATCH 2/2] fs: jffs2: zero initialize allocated inode
2026-05-19 12:44 ` [PATCH 2/2] fs: jffs2: " Sascha Hauer
@ 2026-05-19 12:59 ` Ahmad Fatoum
0 siblings, 0 replies; 7+ messages in thread
From: Ahmad Fatoum @ 2026-05-19 12:59 UTC
To: Sascha Hauer, Barebox List
Hello Sascha,
On 5/19/26 2:44 PM, Sascha Hauer wrote:
> JFFS2 uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
> returned from kmem_cache_alloc() is not zeroed. jffs2_alloc_inode()
> zeroes all fields in the ubifs_inode except the embedded struct inode.
> In Linux this is done in the kmem_cache constructor function which calls
> inode_init_once(). In barebox we have the constructor function as well,
> but we don't have an equivalent of inode_init_once(), so the constructor
> is empty. zero the inode in the constructor instead so that barebox
> gets a zeroed inode.
>
> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
> ---
> fs/jffs2/super.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/fs/jffs2/super.c b/fs/jffs2/super.c
> index b9a5b99744..260a812b7c 100644
> --- a/fs/jffs2/super.c
> +++ b/fs/jffs2/super.c
> @@ -55,8 +55,9 @@ static void jffs2_destroy_inode(struct inode *inode)
> kmem_cache_free(jffs2_inode_cachep, f);
> }
>
> -static void jffs2_i_init_once(void *foo)
> +static void jffs2_i_init_once(void *obj)
> {
> + memset(obj, 0, sizeof(struct inode));
jffs2_i_init_once is used as constructor for creating objects of
sizeof(struct jffs2_inode_info).
struct jffs2_inode_info has a struct inode member, but as the last
element, not the first, so this does nothing to initialize the inode by
the looks of it?
I'd rather suggest we zero the whole sizeof(jffs2_inode_info) here to be
on the safe side, even with respect to future updates.
Cheers,
Ahmad
> }
>
> static const struct super_operations jffs2_super_operations =
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
* Re: [PATCH 1/2] fs: ubifs: zero initialize allocated inode
2026-05-19 12:44 [PATCH 1/2] fs: ubifs: zero initialize allocated inode Sascha Hauer
2026-05-19 12:44 ` [PATCH 2/2] fs: jffs2: " Sascha Hauer
@ 2026-05-19 13:03 ` Ahmad Fatoum
2026-05-19 13:14 ` Sascha Hauer
1 sibling, 1 reply; 7+ messages in thread
From: Ahmad Fatoum @ 2026-05-19 13:03 UTC
To: Sascha Hauer, Barebox List
Hi,
On 5/19/26 2:44 PM, Sascha Hauer wrote:
> UBIFS uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
> returned from kmem_cache_alloc() is not zeroed. ubifs_alloc_inode()
> zeroes all fields in the ubifs_inode except the embedded struct inode.
> In Linux this is done in the kmem_cache constructor function which calls
> inode_init_once(). In barebox we have the constructor function as well,
> but we don't have an equivalent of inode_init_once(), so the constructor
> is empty. zero the inode in the constructor instead so that barebox
> gets a zeroed inode.
>
> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
> ---
> fs/ubifs/super.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
> index 45037b42ea..4022270d4c 100644
> --- a/fs/ubifs/super.c
> +++ b/fs/ubifs/super.c
> @@ -1128,6 +1128,7 @@ static void kill_ubifs_super(struct super_block *s)
> */
> static void inode_slab_ctor(void *obj)
> {
> + memset(obj, 0, sizeof(struct inode));
This works because inode is the first member of struct ubifs_inode, but
I would prefer to avoid depending on that as it might change with a
future update.
Can't we just zero all of struct ubifs_inode here to be on the safe side?
Cheers,
Ahmad
> }
>
> static int __init ubifs_init(void)
* Re: [PATCH 1/2] fs: ubifs: zero initialize allocated inode
2026-05-19 13:03 ` [PATCH 1/2] fs: ubifs: " Ahmad Fatoum
@ 2026-05-19 13:14 ` Sascha Hauer
2026-05-19 13:16 ` Ahmad Fatoum
0 siblings, 1 reply; 7+ messages in thread
From: Sascha Hauer @ 2026-05-19 13:14 UTC
To: Ahmad Fatoum; +Cc: Barebox List
On 2026-05-19 15:03, Ahmad Fatoum wrote:
> Hi,
>
> On 5/19/26 2:44 PM, Sascha Hauer wrote:
> > UBIFS uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
> > returned from kmem_cache_alloc() is not zeroed. ubifs_alloc_inode()
> > zeroes all fields in the ubifs_inode except the embedded struct inode.
> > In Linux this is done in the kmem_cache constructor function which calls
> > inode_init_once(). In barebox we have the constructor function as well,
> > but we don't have an equivalent of inode_init_once(), so the constructor
> > is empty. zero the inode in the constructor instead so that barebox
> > gets a zeroed inode.
> >
> > Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
> > ---
> > fs/ubifs/super.c | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
> > index 45037b42ea..4022270d4c 100644
> > --- a/fs/ubifs/super.c
> > +++ b/fs/ubifs/super.c
> > @@ -1128,6 +1128,7 @@ static void kill_ubifs_super(struct super_block *s)
> > */
> > static void inode_slab_ctor(void *obj)
> > {
> > + memset(obj, 0, sizeof(struct inode));
>
> This works because inode is the first member of struct ubifs_inode, but
> I would prefer to avoid depending on that as it might change with a
> future update.
>
> Can't we just zero all of struct ubifs_inode here to be on the safe side?
That was my first approach as well, but I was afraid this could be lost
on an UBIFS update.
I could treat obj as a struct ubifs_inode and zero the inode member
instead.
That would have prevented the bug I introduced with the JFFS2 patch as
well.
Sascha
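The two observations above, Ahmad's finding that the JFFS2 memset misses the inode because struct jffs2_inode_info embeds it as the last member, and Sascha's proposal to address the inode through the container type instead, can be reproduced in a few lines. The following is an added example, not code from the barebox tree: the struct inode, struct ubifs_inode and struct jffs2_inode_info definitions are constructed stand-ins that only preserve the member order under discussion, and kmem_cache_alloc() is a toy model that poisons freshly allocated memory with 0xA5 before running the constructor, so that "memory returned from kmem_cache_alloc() is not zeroed" is observable. The real barebox and Linux functions have different signatures and much larger structures.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for struct inode; the real one is far larger. */
struct inode {
	unsigned long i_ino;
	unsigned int i_count;
	void *i_private;
};

/* Stand-in for struct ubifs_inode: the inode is the FIRST member. */
struct ubifs_inode {
	struct inode vfs_inode;
	unsigned int flags;
};

/* Stand-in for struct jffs2_inode_info: the inode is the LAST member. */
struct jffs2_inode_info {
	unsigned int flags;
	void *fragtree;
	struct inode vfs_inode;
};

/* Toy kmem_cache: malloc, poison the object to model "not zeroed" memory,
 * then run the constructor. Not the barebox/Linux API. */
typedef void (*ctor_fn)(void *obj);
struct kmem_cache { size_t size; ctor_fn ctor; };

static void *kmem_cache_alloc(struct kmem_cache *cache)
{
	void *obj = malloc(cache->size);
	if (!obj)
		return NULL;
	memset(obj, 0xA5, cache->size);
	if (cache->ctor)
		cache->ctor(obj);
	return obj;
}

/* The v1 constructor from both patches: zeroes sizeof(struct inode) bytes
 * at offset 0, regardless of where the inode actually lives. */
static void ctor_zero_at_offset_0(void *obj)
{
	memset(obj, 0, sizeof(struct inode));
}

/* The v2 approach: locate the inode through the container type. */
static void ubifs_ctor_zero_member(void *obj)
{
	struct ubifs_inode *ui = obj;
	memset(&ui->vfs_inode, 0, sizeof(ui->vfs_inode));
}

static void jffs2_ctor_zero_member(void *obj)
{
	struct jffs2_inode_info *f = obj;
	memset(&f->vfs_inode, 0, sizeof(f->vfs_inode));
}

/* 1 if every byte of the inode is zero, 0 if any poison survived. */
static int inode_is_zeroed(const struct inode *inode)
{
	const unsigned char *p = (const unsigned char *)inode;
	for (size_t i = 0; i < sizeof(*inode); i++)
		if (p[i])
			return 0;
	return 1;
}

/* Allocate one object with the given ctor and check its embedded inode. */
static int ubifs_inode_zeroed_by(ctor_fn ctor)
{
	struct kmem_cache cache = { sizeof(struct ubifs_inode), ctor };
	struct ubifs_inode *ui = kmem_cache_alloc(&cache);
	int ok = ui && inode_is_zeroed(&ui->vfs_inode);
	free(ui);
	return ok;
}

static int jffs2_inode_zeroed_by(ctor_fn ctor)
{
	struct kmem_cache cache = { sizeof(struct jffs2_inode_info), ctor };
	struct jffs2_inode_info *f = kmem_cache_alloc(&cache);
	int ok = f && inode_is_zeroed(&f->vfs_inode);
	free(f);
	return ok;
}

int main(void)
{
	printf("ubifs, memset at offset 0: inode zeroed = %d\n",
	       ubifs_inode_zeroed_by(ctor_zero_at_offset_0));
	printf("jffs2, memset at offset 0: inode zeroed = %d\n",
	       jffs2_inode_zeroed_by(ctor_zero_at_offset_0));
	printf("ubifs, memset via member:  inode zeroed = %d\n",
	       ubifs_inode_zeroed_by(ubifs_ctor_zero_member));
	printf("jffs2, memset via member:  inode zeroed = %d\n",
	       jffs2_inode_zeroed_by(jffs2_ctor_zero_member));
	return 0;
}
```

With the offset-0 memset the UBIFS case comes out zeroed only because offsetof(struct ubifs_inode, vfs_inode) is 0, while the JFFS2 case is not: the memset wipes flags and fragtree and only the leading bytes of vfs_inode, leaving the rest of the inode poisoned. Going through `&f->vfs_inode` zeroes the right bytes in both layouts, which is why it survives a future reordering of the container struct; if the plain memset is kept instead, a compile-time offsetof check next to it is the minimum guard.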
* Re: [PATCH 1/2] fs: ubifs: zero initialize allocated inode
2026-05-19 13:14 ` Sascha Hauer
@ 2026-05-19 13:16 ` Ahmad Fatoum
0 siblings, 0 replies; 7+ messages in thread
From: Ahmad Fatoum @ 2026-05-19 13:16 UTC
To: Sascha Hauer; +Cc: Barebox List
Hi,
On 5/19/26 3:14 PM, Sascha Hauer wrote:
> On 2026-05-19 15:03, Ahmad Fatoum wrote:
>> Hi,
>>
>> On 5/19/26 2:44 PM, Sascha Hauer wrote:
>>> UBIFS uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
>>> returned from kmem_cache_alloc() is not zeroed. ubifs_alloc_inode()
>>> zeroes all fields in the ubifs_inode except the embedded struct inode.
>>> In Linux this is done in the kmem_cache constructor function which calls
>>> inode_init_once(). In barebox we have the constructor function as well,
>>> but we don't have an equivalent of inode_init_once(), so the constructor
>>> is empty. zero the inode in the constructor instead so that barebox
>>> gets a zeroed inode.
>>>
>>> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
>>> ---
>>> fs/ubifs/super.c | 1 +
>>> 1 file changed, 1 insertion(+)
>>>
>>> diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
>>> index 45037b42ea..4022270d4c 100644
>>> --- a/fs/ubifs/super.c
>>> +++ b/fs/ubifs/super.c
>>> @@ -1128,6 +1128,7 @@ static void kill_ubifs_super(struct super_block *s)
>>> */
>>> static void inode_slab_ctor(void *obj)
>>> {
>>> + memset(obj, 0, sizeof(struct inode));
>>
>> This works because inode is the first member of struct ubifs_inode, but
>> I would prefer to avoid depending on that as it might change with a
>> future update.
>>
>> Can't we just zero all of struct ubifs_inode here to be on the safe side?
>
> That was my first approach as well, but I was afraid this could be lost
> on an UBIFS update.
>
> I could treat obj as a struct ubifs_inode and zero the inode member
> instead.
Yes, that would work too.
>
> That would have prevented the bug I introduced with the JFFS2 patch as
> well.
>
> Sascha
* [PATCH 1/2] fs: ubifs: zero initialize allocated inode
@ 2026-05-19 13:28 Sascha Hauer
0 siblings, 0 replies; 7+ messages in thread
From: Sascha Hauer @ 2026-05-19 13:28 UTC
To: Barebox List
UBIFS uses kmem_cache_alloc() to allocate an ubifs_inode. The memory
returned from kmem_cache_alloc() is not zeroed. ubifs_alloc_inode()
zeroes all fields in the ubifs_inode except the embedded struct inode.
In Linux this is done in the kmem_cache constructor function which calls
inode_init_once(). In barebox we have the constructor function as well,
but we don't have an equivalent of inode_init_once(), so the constructor
is empty. Zero the inode in the constructor instead so that barebox
gets a zeroed inode.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
---
fs/ubifs/super.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
index 45037b42ea..8eb8e574a8 100644
--- a/fs/ubifs/super.c
+++ b/fs/ubifs/super.c
@@ -1128,6 +1128,9 @@ static void kill_ubifs_super(struct super_block *s)
*/
static void inode_slab_ctor(void *obj)
{
+ struct ubifs_inode *ui = obj;
+
+ memset(&ui->vfs_inode, 0, sizeof(ui->vfs_inode));
}
static int __init ubifs_init(void)
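Review bot: addressing the inode as `&ui->vfs_inode` removes the dependence on member order that the first version had, but the hunk still carries no comment explaining that this memset replaces Linux's inode_init_once(), which the commit message says barebox lacks; a one-line comment above the memset would keep the next UBIFS sync from dropping it as a stray local change. Note also that only vfs_inode is zeroed here, so the remaining fields of struct ubifs_inode still rely on ubifs_alloc_inode() clearing them, as the commit message states; that contract should hold whenever ubifs_alloc_inode() is updated.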
--
2.47.3
end of thread, other threads:[~2026-05-19 15:29 UTC | newest]
Thread overview: 7+ messages
2026-05-19 12:44 [PATCH 1/2] fs: ubifs: zero initialize allocated inode Sascha Hauer
2026-05-19 12:44 ` [PATCH 2/2] fs: jffs2: " Sascha Hauer
2026-05-19 12:59 ` Ahmad Fatoum
2026-05-19 13:03 ` [PATCH 1/2] fs: ubifs: " Ahmad Fatoum
2026-05-19 13:14 ` Sascha Hauer
2026-05-19 13:16 ` Ahmad Fatoum
2026-05-19 13:28 Sascha Hauer