rds: Prevent kernel-infoleak in rds_notify_queue_get() - kernel

diff options

author	Peilin Ye <[email protected]>	2020-07-30 19:20:26 +0000
committer	David S. Miller <[email protected]>	2020-07-31 23:52:48 +0000
commit	bbc8a99e952226c585ac17477a85ef1194501762 (patch)
tree	6e62fbfef1f8f51b488c3be4af8599b48f2cfefc /drivers/gpu/drm/amd/amdgpu/amdgpu_gem.c
parent	Merge branch '1GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher... (diff)
download	kernel-bbc8a99e952226c585ac17477a85ef1194501762.tar.gz kernel-bbc8a99e952226c585ac17477a85ef1194501762.zip

rds: Prevent kernel-infoleak in rds_notify_queue_get()

rds_notify_queue_get() is potentially copying uninitialized kernel stack memory to userspace since the compiler may leave a 4-byte hole at the end of `cmsg`. In 2016 we tried to fix this issue by doing `= { 0 };` on `cmsg`, which unfortunately does not always initialize that 4-byte hole. Fix it by using memset() instead. Cc: [email protected] Fixes: f037590fff30 ("rds: fix a leak of kernel memory") Fixes: bdbe6fbc6a2f ("RDS: recv.c") Suggested-by: Dan Carpenter <[email protected]> Signed-off-by: Peilin Ye <[email protected]> Acked-by: Santosh Shilimkar <[email protected]> Signed-off-by: David S. Miller <[email protected]>

Diffstat (limited to 'drivers/gpu/drm/amd/amdgpu/amdgpu_gem.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: