Message ID | 20200728022859.381819-1-yepeilin.cs@gmail.com |
---|---|
State | Changes Requested |
Delegated to: | BPF Maintainers |
Headers | show |
Series | [Linux-kernel-mentees,net] xdp: Prevent kernel-infoleak in xsk_getsockopt() | expand |
On Mon, Jul 27, 2020 at 7:30 PM Peilin Ye <yepeilin.cs@gmail.com> wrote: > > xsk_getsockopt() is copying uninitialized stack memory to userspace when > `extra_stats` is `false`. Fix it by initializing `stats` with memset(). > > Cc: stable@vger.kernel.org 8aa5a33578e9 is not in stable branches yet, so we don't need to Cc stable. > Fixes: 8aa5a33578e9 ("xsk: Add new statistics") > Suggested-by: Dan Carpenter <dan.carpenter@oracle.com> > Signed-off-by: Peilin Ye <yepeilin.cs@gmail.com> > --- > net/xdp/xsk.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/net/xdp/xsk.c b/net/xdp/xsk.c > index 26e3bba8c204..acf001908a0d 100644 > --- a/net/xdp/xsk.c > +++ b/net/xdp/xsk.c > @@ -844,6 +844,8 @@ static int xsk_getsockopt(struct socket *sock, int level, int optname, > bool extra_stats = true; > size_t stats_size; > > + memset(&stats, 0, sizeof(stats)); > + xsk.c doesn't include linux/string.h directly, so using memset may break build for some config combinations. We can probably just use struct xdp_statistics stats = {}; Thanks, Song > if (len < sizeof(struct xdp_statistics_v1)) { > return -EINVAL; > } else if (len < sizeof(stats)) { > -- > 2.25.1 >
On Mon, Jul 27, 2020 at 10:07:20PM -0700, Song Liu wrote: > On Mon, Jul 27, 2020 at 7:30 PM Peilin Ye <yepeilin.cs@gmail.com> wrote: > > > > xsk_getsockopt() is copying uninitialized stack memory to userspace when > > `extra_stats` is `false`. Fix it by initializing `stats` with memset(). > > > > Cc: stable@vger.kernel.org > > 8aa5a33578e9 is not in stable branches yet, so we don't need to Cc stable. > > > Fixes: 8aa5a33578e9 ("xsk: Add new statistics") > > Suggested-by: Dan Carpenter <dan.carpenter@oracle.com> > > Signed-off-by: Peilin Ye <yepeilin.cs@gmail.com> > > --- > > net/xdp/xsk.c | 2 ++ > > 1 file changed, 2 insertions(+) > > > > diff --git a/net/xdp/xsk.c b/net/xdp/xsk.c > > index 26e3bba8c204..acf001908a0d 100644 > > --- a/net/xdp/xsk.c > > +++ b/net/xdp/xsk.c > > @@ -844,6 +844,8 @@ static int xsk_getsockopt(struct socket *sock, int level, int optname, > > bool extra_stats = true; > > size_t stats_size; > > > > + memset(&stats, 0, sizeof(stats)); > > + > > xsk.c doesn't include linux/string.h directly, so using memset may break > build for some config combinations. We can probably just use > > struct xdp_statistics stats = {}; I see. I will send v2 soon. Thank you for reviewing the patch! Peilin Ye
diff --git a/net/xdp/xsk.c b/net/xdp/xsk.c index 26e3bba8c204..acf001908a0d 100644 --- a/net/xdp/xsk.c +++ b/net/xdp/xsk.c @@ -844,6 +844,8 @@ static int xsk_getsockopt(struct socket *sock, int level, int optname, bool extra_stats = true; size_t stats_size; + memset(&stats, 0, sizeof(stats)); + if (len < sizeof(struct xdp_statistics_v1)) { return -EINVAL; } else if (len < sizeof(stats)) {
xsk_getsockopt() is copying uninitialized stack memory to userspace when `extra_stats` is `false`. Fix it by initializing `stats` with memset(). Cc: stable@vger.kernel.org Fixes: 8aa5a33578e9 ("xsk: Add new statistics") Suggested-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Peilin Ye <yepeilin.cs@gmail.com> --- net/xdp/xsk.c | 2 ++ 1 file changed, 2 insertions(+)