Re: [PATCH] gpio: Fix kernel stack leak to userspace

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



2018-01-22 13:21 GMT+01:00 Linus Walleij <linus.walleij@xxxxxxxxxx>:
> The GPIO event descriptor was leaking kernel stack to
> userspace because we don't zero the variable before
> use. Ooops. Fix this.
>
> Cc: stable@xxxxxxxxxxxxxxx
> Cc: Bartosz Golaszewski <brgl@xxxxxxxx>
> Cc: Arnd Bergmann <arnd@xxxxxxxx>
> Reported-by: Arnd Bergmann <arnd@xxxxxxxx>
> Signed-off-by: Linus Walleij <linus.walleij@xxxxxxxxxx>
> ---
>  drivers/gpio/gpiolib.c | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/drivers/gpio/gpiolib.c b/drivers/gpio/gpiolib.c
> index 37e31ba82ca0..754836e4ca0e 100644
> --- a/drivers/gpio/gpiolib.c
> +++ b/drivers/gpio/gpiolib.c
> @@ -744,6 +744,9 @@ static irqreturn_t lineevent_irq_thread(int irq, void *p)
>         struct gpioevent_data ge;
>         int ret, level;
>
> +       /* Do not leak kernel stack to userspace */
> +       memset(&ge, 0, sizeof(ge));
> +
>         ge.timestamp = ktime_get_real_ns();
>         level = gpiod_get_value_cansleep(le->desc);
>
> --
> 2.14.3
>

Reviewed-by: Bartosz Golaszewski <brgl@xxxxxxxx>



[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]