diff options
| author | Darrick J. Wong <darrick.wong@oracle.com> | 2017-04-03 15:17:53 -0700 |
|---|---|---|
| committer | Darrick J. Wong <darrick.wong@oracle.com> | 2017-04-03 15:18:15 -0700 |
| commit | f1c0e20243baca1194fccfdf0111831bee12647c (patch) | |
| tree | 2ae4bba79108dda7cc01fbf1a877e2be3c94ff39 | |
| parent | 105664df51648d6376bda2895a890e786d0426ee (diff) | |
| download | linux-exynos-f1c0e20243baca1194fccfdf0111831bee12647c.tar.gz linux-exynos-f1c0e20243baca1194fccfdf0111831bee12647c.tar.bz2 linux-exynos-f1c0e20243baca1194fccfdf0111831bee12647c.zip | |
xfs: fix kernel memory exposure problems
Fix a memory exposure problems in inumbers where we allocate an array of
structures with holes, fail to zero the holes, then blindly copy the
kernel memory contents (junk and all) into userspace.
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
| -rw-r--r-- | fs/xfs/xfs_itable.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/xfs/xfs_itable.c b/fs/xfs/xfs_itable.c index 2a6d9b1558e0..26d67ce3c18d 100644 --- a/fs/xfs/xfs_itable.c +++ b/fs/xfs/xfs_itable.c @@ -583,7 +583,7 @@ xfs_inumbers( return error; bcount = MIN(left, (int)(PAGE_SIZE / sizeof(*buffer))); - buffer = kmem_alloc(bcount * sizeof(*buffer), KM_SLEEP); + buffer = kmem_zalloc(bcount * sizeof(*buffer), KM_SLEEP); do { struct xfs_inobt_rec_incore r; int stat; |