The GPIO event descriptor was leaking kernel stack to userspace because we don't zero the variable before use. Ooops. Fix this. Cc: stable@xxxxxxxxxxxxxxx Cc: Bartosz Golaszewski <brgl@xxxxxxxx> Cc: Arnd Bergmann <arnd@xxxxxxxx> Reported-by: Arnd Bergmann <arnd@xxxxxxxx> Signed-off-by: Linus Walleij <linus.walleij@xxxxxxxxxx> --- drivers/gpio/gpiolib.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/gpio/gpiolib.c b/drivers/gpio/gpiolib.c index 37e31ba82ca0..754836e4ca0e 100644 --- a/drivers/gpio/gpiolib.c +++ b/drivers/gpio/gpiolib.c @@ -744,6 +744,9 @@ static irqreturn_t lineevent_irq_thread(int irq, void *p) struct gpioevent_data ge; int ret, level; + /* Do not leak kernel stack to userspace */ + memset(&ge, 0, sizeof(ge)); + ge.timestamp = ktime_get_real_ns(); level = gpiod_get_value_cansleep(le->desc); -- 2.14.3 -- To unsubscribe from this list: send the line "unsubscribe linux-gpio" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH] gpio: Fix kernel stack leak to userspace
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: [PATCH] gpio: Fix kernel stack leak to userspace
- From: Linus Walleij <linus.walleij@xxxxxxxxxx>
- Date: Mon, 22 Jan 2018 13:21:46 +0100
- Follow-Ups:
- Re: [PATCH] gpio: Fix kernel stack leak to userspace
- From: Arnd Bergmann
- Re: [PATCH] gpio: Fix kernel stack leak to userspace
- From: Bartosz Golaszewski
- Re: [PATCH] gpio: Fix kernel stack leak to userspace
- Prev by Date: Re: [linux-sunxi] [RFC PATCH 2/9] ARM: sunxi: add Allwinner ARMv5 SoCs
- Next by Date: Re: [PATCH] gpio: Fix kernel stack leak to userspace
- Previous by thread: Re: [PATCH 2/4] arm64: add basic DTS for i.MX8MQ
- Next by thread: Re: [PATCH] gpio: Fix kernel stack leak to userspace
- Index(es):
 |