Re: [PATCH] drm/compat: Clear bounce structures

From: Maxime Ripard <hidden>
Date: 2021-02-25 16:52:16
Also in: dri-devel, intel-gfx

On Mon, Feb 22, 2021 at 11:06:43AM +0100, Daniel Vetter wrote:

Some of them have gaps, or fields we don't clear. Native ioctl code
does full copies plus zero-extends on size mismatch, so nothing can
leak. But compat is more hand-rolled so need to be careful.

None of these matter for performance, so just memset.

Also I didn't fix up the CONFIG_DRM_LEGACY or CONFIG_DRM_AGP ioctl, those
are security holes anyway.

Reported-by: syzbot+620cf21140fc7e772a5d@syzkaller.appspotmail.com # vblank ioctl
Cc: syzbot+620cf21140fc7e772a5d@syzkaller.appspotmail.com
Cc: stable@vger.kernel.org
Signed-off-by: Daniel Vetter <redacted>

Acked-by: Maxime Ripard <mripard@kernel.org>

Maxime

Attachments

signature.asc [application/pgp-signature] 228 bytes

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help