I compiled the noble:linux kernel version 6.8.0-86.87 with Clang and verified that the warning is gone.
** Tags removed: verification-needed-noble-linux ** Tags added: verification-done-noble-linux -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2120561 Title: Fix compilation failure because of incomplete backport Status in linux package in Ubuntu: Invalid Status in linux source package in Noble: Fix Committed Bug description: SRU Justification [Impact] In ctnetlink_secctx_size() from net/netfilter/nf_conntrack_netlink.c, `len` is used uninitialized, triggering the following warning when compiling with Clang: net/netfilter/nf_conntrack_netlink.c:674:41: warning: variable 'len' is uninitialized when used here [-Wuninitialized] 674 | + nla_total_size(sizeof(char) * len); /* CTA_SECCTX_NAME */ | ^~~ net/netfilter/nf_conntrack_netlink.c:667:9: note: initialize the variable 'len' to silence this warning 667 | int len, ret; | ^ | = 0 [Fix] Match mainline commit 2d470c778120 ("lsm: replace context+len with lsm_context"). [Test Plan] Compile with Clang, check the warning is gone and no other warning has been triggered. [Where problems could occur] This patch touches bits of the netlink interface for nf_conntrack. However, it addresses a clear mistake in the current implementation, so no issues should be introduced. ---------------------------- Original bug report ---------------------------- Below code is failing while compiling with clang: static inline int ctnetlink_secctx_size(const struct nf_conn *ct) { #ifdef CONFIG_NF_CONNTRACK_SECMARK int len, ret; ^^^ <-- len is not initialized before use ret = security_secid_to_secctx(ct->secmark, NULL); if (ret < 0) return 0; return nla_total_size(0) /* CTA_SECCTX */ + nla_total_size(sizeof(char) * len); /* CTA_SECCTX_NAME */ ^^^ <-- len has not been initialized #else return 0; #endif } Looking into git history I realized that there an incomplete commit of 2d470c778120d3cdb8d8ab250329ca85f49f12b1 (lsm: replace context+len with lsm_context) causing it: commit c45f92d3c95e9a242c0b22e2f7f24e4f319391dd Author: Casey Schaufler <[email protected]> Date: Tue Dec 12 14:21:57 2023 -0800 UBUNTU: SAUCE: apparmor4.0.0 [17/90]: LSM stacking v39: LSM: Use lsmcontext in security_secid_to_secctx BugLink: http://bugs.launchpad.net/bugs/2028253 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2120561/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
