On 4/3/17 2:42 PM, Darrick J. Wong wrote:
> On Mon, Apr 03, 2017 at 10:34:30AM -0700, Darrick J. Wong wrote:
>> Fix a memory exposure problems in inumbers where we allocate an array of
>> structures with holes, fail to zero the holes, then blindly copy the
>> kernel memory contents (junk and all) into userspace.
>>
>> Signed-off-by: Darrick J. Wong <darrick.wong@xxxxxxxxxx>
>> Reviewed-by: Christoph Hellwig <hch@xxxxxx>
>
> BTW, I intend to send this patch (though not the getbmap patch) for 4.11
> since kernel memory exposure is usually treated as a security problem.
I agree with that plan; if this change isn't safe I don't know what
is ...
-Eric
> --D
>
>> ---
>> v2: split patches
>> ---
>> fs/xfs/xfs_itable.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/fs/xfs/xfs_itable.c b/fs/xfs/xfs_itable.c
>> index 2a6d9b1..26d67ce 100644
>> --- a/fs/xfs/xfs_itable.c
>> +++ b/fs/xfs/xfs_itable.c
>> @@ -583,7 +583,7 @@ xfs_inumbers(
>> return error;
>>
>> bcount = MIN(left, (int)(PAGE_SIZE / sizeof(*buffer)));
>> - buffer = kmem_alloc(bcount * sizeof(*buffer), KM_SLEEP);
>> + buffer = kmem_zalloc(bcount * sizeof(*buffer), KM_SLEEP);
>> do {
>> struct xfs_inobt_rec_incore r;
>> int stat;
>> --
>> To unsubscribe from this list: send the line "unsubscribe linux-xfs" in
>> the body of a message to majordomo@xxxxxxxxxxxxxxx
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
> --
> To unsubscribe from this list: send the line "unsubscribe linux-xfs" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
--
To unsubscribe from this list: send the line "unsubscribe linux-xfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
