Re: [Linux-kernel-mentees] [PATCH net v2] xdp: Prevent kernel-infoleak in xsk_getsockopt()

From: Daniel Borkmann
Date: Tue Jul 28 2020 - 06:54:45 EST

Next message: Mike Rapoport: "Re: [PATCH 14/15] x86/numa: remove redundant iteration over memblock.reserved"
Previous message: peterz: "Re: [PATCH 23/24] x86: use asm-generic/mmu_context.h for no-op implementations"
In reply to: Arnd Bergmann: "Re: [Linux-kernel-mentees] [PATCH net v2] xdp: Prevent kernel-infoleak in xsk_getsockopt()"
Next in thread: Peilin Ye: "Re: [Linux-kernel-mentees] [PATCH net v2] xdp: Prevent kernel-infoleak in xsk_getsockopt()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 7/28/20 7:36 AM, Peilin Ye wrote:

xsk_getsockopt() is copying uninitialized stack memory to userspace when
`extra_stats` is `false`. Fix it.

Fixes: 8aa5a33578e9 ("xsk: Add new statistics")
Suggested-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Signed-off-by: Peilin Ye <yepeilin.cs@xxxxxxxxx>
---
Doing `= {};` is sufficient since currently `struct xdp_statistics` is
defined as follows:

struct xdp_statistics {
__u64 rx_dropped;
__u64 rx_invalid_descs;
__u64 tx_invalid_descs;
__u64 rx_ring_full;
__u64 rx_fill_ring_empty_descs;
__u64 tx_ring_empty_descs;
};

When being copied to the userspace, `stats` will not contain any
uninitialized "holes" between struct fields.

I've added above explanation to the commit log since it's useful reasoning for later
on 'why' something has been done a certain way. Applied, thanks Peilin!

Next message: Mike Rapoport: "Re: [PATCH 14/15] x86/numa: remove redundant iteration over memblock.reserved"
Previous message: peterz: "Re: [PATCH 23/24] x86: use asm-generic/mmu_context.h for no-op implementations"
In reply to: Arnd Bergmann: "Re: [Linux-kernel-mentees] [PATCH net v2] xdp: Prevent kernel-infoleak in xsk_getsockopt()"
Next in thread: Peilin Ye: "Re: [Linux-kernel-mentees] [PATCH net v2] xdp: Prevent kernel-infoleak in xsk_getsockopt()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]