[PATCH v1A 2/3] x86/xen/msr: Fix uninitialized symbol 'err'
From: Xin Li (Intel)
Date: Sat May 17 2025 - 12:58:00 EST
xen_read_msr_safe() currently passes an uninitialized argument err to
xen_do_read_msr(). But as xen_do_read_msr() may not set the argument,
xen_read_msr_safe() could return err with an unpredictable value.
To ensure correctness, initialize err to 0 (representing success)
in xen_read_msr_safe().
Do the same in xen_read_msr(), even err is not used after being passed
to xen_do_read_msr().
Fixes: d815da84fdd0 ("x86/msr: Change the function type of native_read_msr_safe()"
Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Closes: https://lore.kernel.org/xen-devel/aBxNI_Q0-MhtBSZG@stanley.mountain/
Signed-off-by: Xin Li (Intel) <xin@xxxxxxxxx>
---
Change in v1A:
*) Drop setting err to 0 in xen_do_read_msr() initially and set err to
0 in all callers (Jürgen Groß).
---
arch/x86/xen/enlighten_pv.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/xen/enlighten_pv.c b/arch/x86/xen/enlighten_pv.c
index 7f9ded1bc707..26bbaf4b7330 100644
--- a/arch/x86/xen/enlighten_pv.c
+++ b/arch/x86/xen/enlighten_pv.c
@@ -1162,7 +1162,7 @@ static void xen_do_write_msr(u32 msr, u64 val, int *err)
static int xen_read_msr_safe(u32 msr, u64 *val)
{
- int err;
+ int err = 0;
*val = xen_do_read_msr(msr, &err);
return err;
@@ -1179,7 +1179,7 @@ static int xen_write_msr_safe(u32 msr, u64 val)
static u64 xen_read_msr(u32 msr)
{
- int err;
+ int err = 0;
return xen_do_read_msr(msr, xen_msr_safe ? &err : NULL);
}
--
2.49.0