On Thu, Feb 25, 2021 at 05:49:11PM +0100, Maxime Ripard wrote:
On Mon, Feb 22, 2021 at 11:06:43AM +0100, Daniel Vetter wrote:
quoted
Some of them have gaps, or fields we don't clear. Native ioctl code
does full copies plus zero-extends on size mismatch, so nothing can
leak. But compat is more hand-rolled so need to be careful.
None of these matter for performance, so just memset.
Also I didn't fix up the CONFIG_DRM_LEGACY or CONFIG_DRM_AGP ioctl, those
are security holes anyway.
Reported-by: syzbot+620cf21140fc7e772a5d@syzkaller.appspotmail.com # vblank ioctl
Cc: syzbot+620cf21140fc7e772a5d@syzkaller.appspotmail.com
Cc: stable@vger.kernel.org
Signed-off-by: Daniel Vetter <redacted>
Acked-by: Maxime Ripard <mripard@kernel.org>
Merged to drm-misc-next, thanks for taking a look.
-Daniel
--
Daniel Vetter
Software Engineer, Intel Corporation
http://blog.ffwll.ch