diff options
author | Michal Hocko <mhocko@suse.com> | 2017-05-08 15:57:24 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2017-05-08 17:15:12 -0700 |
commit | 81be3dee96346fbe08c31be5ef74f03f6b63cf68 (patch) | |
tree | 0da1345c2f9b956b944c442e1df062dce6d692f9 /security/keys | |
parent | 847f716f9ec2c61f57690c871a307f1349d472d0 (diff) | |
download | linux-81be3dee96346fbe08c31be5ef74f03f6b63cf68.tar.bz2 |
fs/xattr.c: zero out memory copied to userspace in getxattr
getxattr uses vmalloc to allocate memory if kzalloc fails. This is
filled by vfs_getxattr and then copied to the userspace. vmalloc,
however, doesn't zero out the memory so if the specific implementation
of the xattr handler is sloppy we can theoretically expose a kernel
memory. There is no real sign this is really the case but let's make
sure this will not happen and use vzalloc instead.
Fixes: 779302e67835 ("fs/xattr.c:getxattr(): improve handling of allocation failures")
Link: http://lkml.kernel.org/r/20170306103327.2766-1-mhocko@kernel.org
Acked-by: Kees Cook <keescook@chromium.org>
Reported-by: Vlastimil Babka <vbabka@suse.cz>
Signed-off-by: Michal Hocko <mhocko@suse.com>
Cc: <stable@vger.kernel.org> [3.6+]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'security/keys')
0 files changed, 0 insertions, 0 deletions