From: Edward Cree <ecree@solarflare.com>
To: Kangjie Lu <kangjielu@gmail.com>, <davem@davemloft.net>
Cc: <ben@decadent.org.uk>, <kan.liang@intel.com>,
<netdev@vger.kernel.org>, <linux-kernel@vger.kernel.org>,
<taesoo@gatech.edu>, <csong84@gatech.edu>,
Kangjie Lu <kjlu@gatech.edu>
Subject: Re: [PATCH] ethtool: fix a kernel infoleak in ethtool_get_pauseparam
Date: Wed, 1 Jun 2016 15:57:33 +0100 [thread overview]
Message-ID: <574EF7DD.9060905@solarflare.com> (raw)
In-Reply-To: <1464791961-8169-1-git-send-email-kjlu@gatech.edu>
On 01/06/16 15:39, Kangjie Lu wrote:
> The field autoneg of pauseparam is not initialized in some
> implementations of get_pauseparam(), but the whole object is
> copied to userland.
>
> Signed-off-by: Kangjie Lu <kjlu@gatech.edu>
> ---
> net/core/ethtool.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/net/core/ethtool.c b/net/core/ethtool.c
> index f426c5a..84544bd 100644
> --- a/net/core/ethtool.c
> +++ b/net/core/ethtool.c
> @@ -1723,7 +1723,10 @@ static noinline_for_stack int ethtool_set_channels(struct net_device *dev,
>
> static int ethtool_get_pauseparam(struct net_device *dev, void __user *useraddr)
> {
> - struct ethtool_pauseparam pauseparam = { ETHTOOL_GPAUSEPARAM };
AIUI an incomplete compound initialiser will fill all unspecified fields
with zeroes of the appropriate type. So this patch is unnecessary.
Per C99, §6.7.8.21:
> If there are fewer initializers in a brace-enclosed list than there are elements or members of an aggregate [...] the remainder of the aggregate shall be initialized implicitly the same as objects that have static storage duration.
-Ed
> + struct ethtool_pauseparam pauseparam;
> +
> + memset(&pauseparam, 0, sizeof(pauseparam));
> + pauseparam.cmd = ETHTOOL_GPAUSEPARAM;
>
> if (!dev->ethtool_ops->get_pauseparam)
> return -EOPNOTSUPP;
next prev parent reply other threads:[~2016-06-01 15:05 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-06-01 14:39 [PATCH] ethtool: fix a kernel infoleak in ethtool_get_pauseparam Kangjie Lu
2016-06-01 14:57 ` Edward Cree [this message]
2016-06-01 17:14 ` Ben Hutchings
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=574EF7DD.9060905@solarflare.com \
--to=ecree@solarflare.com \
--cc=ben@decadent.org.uk \
--cc=csong84@gatech.edu \
--cc=davem@davemloft.net \
--cc=kan.liang@intel.com \
--cc=kangjielu@gmail.com \
--cc=kjlu@gatech.edu \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=taesoo@gatech.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.