diff options
| author | Tejun Heo <tj@kernel.org> | 2014-05-19 15:52:10 -0400 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2014-06-07 10:28:24 -0700 |
| commit | 43d3b56b2e8c6c6ffdd988187a096e5c24cb5a8b (patch) | |
| tree | 730665f2a702e1749b23ab00880820508f1f727a /fs/proc_namespace.c | |
| parent | bae3622bb8afd02343c79949635b8d84c2cf3485 (diff) | |
sysfs: make sure read buffer is zeroed
commit f5c16f29bf5e57ba4051fc7785ba7f035f798c71 upstream.
13c589d5b0ac ("sysfs: use seq_file when reading regular files")
switched sysfs from custom read implementation to seq_file to enable
later transition to kernfs. After the change, the buffer passed to
->show() is acquired through seq_get_buf(); unfortunately, this
introduces a subtle behavior change. Before the commit, the buffer
passed to ->show() was always zero as it was allocated using
get_zeroed_page(). Because seq_file doesn't clear buffers on
allocation and neither does seq_get_buf(), after the commit, depending
on the behavior of ->show(), we may end up exposing uninitialized data
to userland thus possibly altering userland visible behavior and
leaking information.
Fix it by explicitly clearing the buffer.
Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-by: Ron <ron@debian.org>
Fixes: 13c589d5b0ac ("sysfs: use seq_file when reading regular files")
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'fs/proc_namespace.c')
0 files changed, 0 insertions, 0 deletions