From mboxrd@z Thu Jan  1 00:00:00 1970
From: Vlad Tsyrklevich <vlad@tsyrklevich.net>
Date: Thu, 26 Jan 2017 15:54:21 +0700
Subject: [Cluster-devel] [PATCH] fs/dlm: Fix kernel memory disclosure
In-Reply-To: <1483968444-5460-1-git-send-email-vlad@tsyrklevich.net>
References: <1483968444-5460-1-git-send-email-vlad@tsyrklevich.net>
Message-ID: <CAH0z3hPjz7eg-hpQqM8aZY9pUb=MVWGf6T8w3vx+C81n3EAV0Q@mail.gmail.com>
List-Id: <cluster-devel.redhat.com>
To: cluster-devel.redhat.com
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

Hello, I wanted to ping the list and see if this could get a review.

On Mon, Jan 9, 2017 at 8:27 PM, Vlad Tsyrklevich <vlad@tsyrklevich.net> wrote:
> Clear the 'unused' field to avoid leaking memory to userland in
> copy_result_to_user().
>
> Signed-off-by: Vlad Tsyrklevich <vlad@tsyrklevich.net>
> ---
>  fs/dlm/user.c | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/fs/dlm/user.c b/fs/dlm/user.c
> index 1ce908c..0570711 100644
> --- a/fs/dlm/user.c
> +++ b/fs/dlm/user.c
> @@ -138,6 +138,8 @@ static void compat_output(struct dlm_lock_result *res,
>         res32->lksb.sb_flags = res->lksb.sb_flags;
>         res32->lksb.sb_lkid = res->lksb.sb_lkid;
>         res32->lksb.sb_lvbptr = (__u32)(long)res->lksb.sb_lvbptr;
> +
> +       memset(&res32->unused, 0, sizeof(res32->unused));
>  }
>  #endif
>
> --
> 2.7.0
>