On Tue, 28 Jul 2020 at 07:37, Peilin Ye <yepeilin.cs@xxxxxxxxx> wrote:
>
> xsk_getsockopt() is copying uninitialized stack memory to userspace when
> `extra_stats` is `false`. Fix it.
>
> Fixes: 8aa5a33578e9 ("xsk: Add new statistics")
> Suggested-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> Signed-off-by: Peilin Ye <yepeilin.cs@xxxxxxxxx>
> ---
Acked-by: Björn Töpel <bjorn.topel@xxxxxxxxx>
> Doing `= {};` is sufficient since currently `struct xdp_statistics` is
> defined as follows:
>
> struct xdp_statistics {
> __u64 rx_dropped;
> __u64 rx_invalid_descs;
> __u64 tx_invalid_descs;
> __u64 rx_ring_full;
> __u64 rx_fill_ring_empty_descs;
> __u64 tx_ring_empty_descs;
> };
>
> When being copied to the userspace, `stats` will not contain any
> uninitialized "holes" between struct fields.
>
> Changes in v2:
> - Remove the "Cc: stable@xxxxxxxxxxxxxxx" tag. (Suggested by Song Liu
> <songliubraving@xxxxxx>)
> - Initialize `stats` by assignment instead of using memset().
> (Suggested by Song Liu <songliubraving@xxxxxx>)
>
> net/xdp/xsk.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/xdp/xsk.c b/net/xdp/xsk.c
> index 26e3bba8c204..b2b533eddebf 100644
> --- a/net/xdp/xsk.c
> +++ b/net/xdp/xsk.c
> @@ -840,7 +840,7 @@ static int xsk_getsockopt(struct socket *sock, int level, int optname,
> switch (optname) {
> case XDP_STATISTICS:
> {
> - struct xdp_statistics stats;
> + struct xdp_statistics stats = {};
> bool extra_stats = true;
> size_t stats_size;
>
> --
> 2.25.1
>
