From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1754133AbcHVIir (ORCPT <rfc822;w@1wt.eu>);
        Mon, 22 Aug 2016 04:38:47 -0400
Received: from mga05.intel.com ([192.55.52.43]:24868 "EHLO mga05.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1750839AbcHVIip (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 22 Aug 2016 04:38:45 -0400
X-Greylist: delayed 575 seconds by postgrey-1.27 at vger.kernel.org; Mon, 22 Aug 2016 04:38:45 EDT
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.28,559,1464678000"; 
   d="scan'208";a="1045237044"
From: Jani Nikula <jani.nikula@linux.intel.com>
To: Daniel Vetter <daniel@ffwll.ch>,
        Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: linux-kernel@vger.kernel.org, dri-devel@lists.freedesktop.org
Subject: Re: [PATCH 1/1] drm: avoid exposing kernel stack in compat_drm_getstats
In-Reply-To: <20160822072718.GC6232@phenom.ffwll.local>
Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo
References: <1471802179-2886-1-git-send-email-xypron.glpk@gmx.de> <20160822072718.GC6232@phenom.ffwll.local>
User-Agent: Notmuch/0.22.1+63~g648dcc7 (https://notmuchmail.org) Emacs/24.4.1 (x86_64-pc-linux-gnu)
Date: Mon, 22 Aug 2016 11:29:07 +0300
Message-ID: <87fupxurzg.fsf@intel.com>
MIME-Version: 1.0
Content-Type: text/plain
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, 22 Aug 2016, Daniel Vetter <daniel@ffwll.ch> wrote:
> On Sun, Aug 21, 2016 at 07:56:19PM +0200, Heinrich Schuchardt wrote:
>> The C standard does not specify the size of the integer used
>> to store an enum. Hence in structure drm_stats32_t alignment
>> bytes may exist.
>> 
>> To avoid exposing bytes from the kernel stack it is
>> necessary to initialize variable s32 completely.
>> 
>> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
>
> Applied to drm-misc, thanks.
> -Daniel
>
>> ---
>>  drivers/gpu/drm/drm_ioc32.c | 1 +
>>  1 file changed, 1 insertion(+)
>> 
>> diff --git a/drivers/gpu/drm/drm_ioc32.c b/drivers/gpu/drm/drm_ioc32.c
>> index 57676f8..32a489b 100644
>> --- a/drivers/gpu/drm/drm_ioc32.c
>> +++ b/drivers/gpu/drm/drm_ioc32.c
>> @@ -346,6 +346,7 @@ static int compat_drm_getstats(struct file *file, unsigned int cmd,
>>  	struct drm_stats __user *stats;
>>  	int i, err;
>>  
>> +	memset(&s32, 0, sizeof(drm_stats32_t));

For future reference,

	memset(&s32, 0, sizeof(s32));

is the better approach, avoiding problems if the type of s32 ever
changes.

BR,
Jani.


>>  	stats = compat_alloc_user_space(sizeof(*stats));
>>  	if (!stats)
>>  		return -EFAULT;
>> -- 
>> 2.1.4
>> 
>> _______________________________________________
>> dri-devel mailing list
>> dri-devel@lists.freedesktop.org
>> https://lists.freedesktop.org/mailman/listinfo/dri-devel

-- 
Jani Nikula, Intel Open Source Technology Center