summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLinus Walleij <linus.walleij@linaro.org>2018-01-22 15:19:28 +0300
committerLinus Walleij <linus.walleij@linaro.org>2018-01-23 16:43:45 +0300
commit24bd3efc9d1efb5f756a7c6f807a36ddb6adc671 (patch)
tree80b9be8d100ed71c1754150950e4c61033cb59de
parent2046362cf11d3dcb0c6904f7f3209c568d7858b3 (diff)
downloadlinux-24bd3efc9d1efb5f756a7c6f807a36ddb6adc671.tar.xz
gpio: Fix kernel stack leak to userspace
The GPIO event descriptor was leaking kernel stack to userspace because we don't zero the variable before use. Ooops. Fix this. Cc: stable@vger.kernel.org Reported-by: Arnd Bergmann <arnd@arndb.de> Reviewed-by: Bartosz Golaszewski <brgl@bgdev.pl> Reviewed-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
-rw-r--r--drivers/gpio/gpiolib.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/drivers/gpio/gpiolib.c b/drivers/gpio/gpiolib.c
index 37e31ba82ca0..754836e4ca0e 100644
--- a/drivers/gpio/gpiolib.c
+++ b/drivers/gpio/gpiolib.c
@@ -744,6 +744,9 @@ static irqreturn_t lineevent_irq_thread(int irq, void *p)
struct gpioevent_data ge;
int ret, level;
+ /* Do not leak kernel stack to userspace */
+ memset(&ge, 0, sizeof(ge));
+
ge.timestamp = ktime_get_real_ns();
level = gpiod_get_value_cansleep(le->desc);