From: ebiederm@xmission.com (Eric W. Biederman)
To: Joe Perches
Cc: Andrea Righi, Dan Carpenter, Bartlomiej Zolnierkiewicz, Daniel Vetter, Sam Ravnborg, Maarten Lankhorst, Peter Rosin, Gerd Hoffmann, dri-devel@lists.freedesktop.org, linux-fbdev@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-janitors@vger.kernel.org, security@kernel.org, Kees Cook, Julia Lawall
Date: Thu, 31 Oct 2019 17:12:10 -0500
Subject: Re: [PATCH] fbdev: potential information leak in do_fb_ioctl()
Message-ID: <87ftj8k1j9.fsf@x220.int.ebiederm.org>
In-Reply-To: <734ef2833e4e4e7bded92e9d964bc2415aadf3c4.camel@perches.com> (Joe Perches's message of "Thu, 31 Oct 2019 11:16:39 -0700")

Joe Perches writes:

> On Wed, 2019-10-30 at 21:12 +0100, Andrea Righi wrote:
>> Then memset() + memcpy() is probably the best option,
>> since copying all those fields one by one looks quite ugly to me...
>
> A memset of an automatic before a memcpy to the same
> automatic is unnecessary.

You still need to guarantee that all of the holes in the
structure you are copying are initialized before you copy it.

Otherwise you are just changing which uninitialized memory
is being copied to userspace.

Which is my concern with your very simple suggestion.

Eric
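
The point about holes in the copied structure, as an added example that is not code from the thread or from the kernel: it counts how many padding bytes still carry stale data under each copy strategy discussed above. `struct demo_info`, the `STALE` fill byte and all function names are hypothetical, and objects are handled as byte buffers so that the stale contents are constructed rather than genuinely uninitialized.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical layout (not the fbdev structure): typical ABIs leave a
 * hole after 'type' and trailing padding after 'flags'. */
struct demo_info { uint8_t type; uint32_t length; uint16_t flags; };
#define STALE 0xAA                 /* constructed stand-in for old memory */
#define SZ    sizeof(struct demo_info)
#define FIELD(m) offsetof(struct demo_info, m), sizeof(((struct demo_info *)0)->m)
static const struct { size_t off, len; } fields[] = {
    { FIELD(type) }, { FIELD(length) }, { FIELD(flags) },
};
#define NFIELDS (sizeof(fields) / sizeof(fields[0]))

/* Copy only the named fields, byte-wise, leaving padding untouched. */
static void copy_fields(unsigned char *dst, const unsigned char *src)
{
    for (size_t i = 0; i < NFIELDS; i++)
        memcpy(dst + fields[i].off, src + fields[i].off, fields[i].len);
}
static size_t padding_bytes(void)
{
    size_t used = 0;
    for (size_t i = 0; i < NFIELDS; i++) used += fields[i].len;
    return SZ - used;
}
/* Padding bytes of obj that still hold stale data. */
static size_t stale_padding(const unsigned char *obj)
{
    unsigned char is_field[SZ] = { 0 };
    size_t n = 0;
    for (size_t i = 0; i < NFIELDS; i++) memset(is_field + fields[i].off, 1, fields[i].len);
    for (size_t i = 0; i < SZ; i++) n += !is_field[i] && obj[i] == STALE;
    return n;
}
/* Returns the stale padding bytes that would reach userspace. */
static size_t leaked(int src_zeroed, int dst_memset, int by_field)
{
    struct demo_info v = { .type = 1, .length = 640, .flags = 3 };
    unsigned char src[SZ], dst[SZ];
    memset(src, src_zeroed ? 0 : STALE, SZ);   /* source allocation */
    copy_fields(src, (const unsigned char *)&v);
    memset(dst, STALE, SZ);                    /* old stack contents */
    if (dst_memset) memset(dst, 0, SZ);
    if (by_field) copy_fields(dst, src); else memcpy(dst, src, SZ);
    return stale_padding(dst);
}
int main(void)
{
    printf("memcpy only:            %zu\n", leaked(0, 0, 0));
    printf("memset + memcpy:        %zu\n", leaked(0, 1, 0));
    printf("memset + field copy:    %zu\n", leaked(0, 1, 1));
    printf("zeroed source + memcpy: %zu\n", leaked(1, 0, 0));
    return 0;
}
```

A whole-object memcpy() overwrites the zeroed destination with the source's holes, so the memset() of the automatic helps only when the copy is done field by field or the source was zeroed where it was created.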