On Tue, 2024-06-04 at 12:39 +0200, Kory Maincent wrote:
> @@ -2443,13 +2444,20 @@ static int ethtool_get_dump_data(struct net_device *dev,
>
> static int ethtool_get_ts_info(struct net_device *dev, void __user *useraddr)
> {
> + struct kernel_ethtool_ts_info kernel_info;
> struct ethtool_ts_info info;
> int err;
>
> - err = __ethtool_get_ts_info(dev, &info);
> + err = __ethtool_get_ts_info(dev, &kernel_info);
> if (err)
> return err;
>
> + info.cmd = kernel_info.cmd;
> + info.so_timestamping = kernel_info.so_timestamping;
> + info.phc_index = kernel_info.phc_index;
> + info.tx_types = kernel_info.tx_types;
> + info.rx_filters = kernel_info.rx_filters;
It looks like 'info' is not zeroed anymore...
> +
> if (copy_to_user(useraddr, &info, sizeof(info)))
> return -EFAULT;
... so this risk exposing to user-space unintialized kernel memory
Cheers, Paolo