| Message ID | 1707110377-1483-1-git-send-email-ajay.kaher@broadcom.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel+bounces-52045-ouuuleilei=gmail.com@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:7301:168b:b0:106:860b:bbdd with SMTP id
ma11csp738435dyb;
Mon, 5 Feb 2024 00:25:43 -0800 (PST)
X-Google-Smtp-Source:
AGHT+IH9SeB7OgC+uj9sjIEdblYkn/tOkLgevxHVMMxUTXTEgYKz3alPlTJgxximgHwoSdQ0U90I
X-Received: by 2002:ac8:7fd4:0:b0:42b:fef7:2390 with SMTP id
b20-20020ac87fd4000000b0042bfef72390mr8619645qtk.29.1707121543604;
Mon, 05 Feb 2024 00:25:43 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1707121543; cv=pass;
d=google.com; s=arc-20160816;
b=wXrn7PBr90yEAb8RoWhFRvQ+RxwAK0EXWoajD8R4jZxigAgZkCbsFfAlXZiguL68xO
4EOLc/gEHVsZjm6vGkzpbg5TtAw4Wkr62eCEMgrsYFRnXRVh2OJQ9GPoNKVJSJTP/bcN
GECOVvTwYGi474DIe1JcAjFDutYLJrcFQTcmr5W4Jul53nGGBzx36Fq9yb9hzQlfEXHO
p0hgx4gRYlbM67l7scJCfKV9XzfJ0PBTPoh9ywzMeaO4/zWlZrficm1yhcQ1RORBxYV+
qzunKwcIRYLy59zMYXbGzYNWTwL6fWE40KI3+FOodGNzdPZTIFUO6kjE/bhptyMlbx/w
6zag==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-unsubscribe:list-subscribe:list-id:precedence:message-id:date
:subject:cc:to:from:dkim-signature;
bh=dW5zoXaotbxS+SYq2Yu+7hcfyLit5t9UvVc+9SbtbuU=;
fh=1onBSa2FBLk3psT77slZj+iib4RVucvwlaDw7Hx/bh0=;
b=WOjGNRAlGzqtS9zX1d1I25JoVNmiL9VGu2YEZzEMelGTWHujpB5ZlyfM1eAiTkoIx8
oWIggXAK0jhecy/z9TLra+kyX3G8b8LdVBF62xnH/HpwkeA05yv/mqDZMuI2jE0ECkoN
oPQTMkWFMVFFJVgmk9wBzeyXAozVnbxU7UCLFe1lXVGMwBYpFemrovGcKnTXjyy5m1iU
mAmPMf0Z3UQKBhIok2MxA9MUZtnhXmuWk5C/yy25Jd4Stfctp14GlqWsdXCIIO2A4nyO
YXcRlOv3WVtZTizyhRVkKruBuUCEtsDCrbplmzQJ5oMOvo6ZJOarJ0feMezT90mnpPCE
IRdA==;
dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
dkim=pass header.i=@broadcom.com header.s=google header.b=cKMjr0dC;
arc=pass (i=1 dkim=pass dkdomain=broadcom.com dmarc=pass
fromdomain=broadcom.com);
spf=pass (google.com: domain of
linux-kernel+bounces-52045-ouuuleilei=gmail.com@vger.kernel.org designates
147.75.199.223 as permitted sender)
smtp.mailfrom="linux-kernel+bounces-52045-ouuuleilei=gmail.com@vger.kernel.org";
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE)
header.from=broadcom.com
X-Forwarded-Encrypted: i=1;
AJvYcCWUngjO5INXlUgxtgXMJrFVZ+M0AOOWyCekb/YbvQLG1oWDJLCDi0E1qRrzVYXhrVofRQyX9rKbMCma2DyIU8iMpiuUDQ==
Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223])
by mx.google.com with ESMTPS id
t12-20020a05622a148c00b0042c2cc19ea2si197453qtx.267.2024.02.05.00.25.43
for <ouuuleilei@gmail.com>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Mon, 05 Feb 2024 00:25:43 -0800 (PST)
Received-SPF: pass (google.com: domain of
linux-kernel+bounces-52045-ouuuleilei=gmail.com@vger.kernel.org designates
147.75.199.223 as permitted sender) client-ip=147.75.199.223;
Authentication-Results: mx.google.com;
dkim=pass header.i=@broadcom.com header.s=google header.b=cKMjr0dC;
arc=pass (i=1 dkim=pass dkdomain=broadcom.com dmarc=pass
fromdomain=broadcom.com);
spf=pass (google.com: domain of
linux-kernel+bounces-52045-ouuuleilei=gmail.com@vger.kernel.org designates
147.75.199.223 as permitted sender)
smtp.mailfrom="linux-kernel+bounces-52045-ouuuleilei=gmail.com@vger.kernel.org";
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE)
header.from=broadcom.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org
[52.25.139.140])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by ny.mirrors.kernel.org (Postfix) with ESMTPS id 0B2311C22545
for <ouuuleilei@gmail.com>; Mon, 5 Feb 2024 05:20:28 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
by smtp.subspace.kernel.org (Postfix) with ESMTP id E16E5BE4B;
Mon, 5 Feb 2024 05:20:05 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
dkim=pass (1024-bit key) header.d=broadcom.com header.i=@broadcom.com
header.b="cKMjr0dC"
Received: from mail-pg1-f177.google.com (mail-pg1-f177.google.com
[209.85.215.177])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by smtp.subspace.kernel.org (Postfix) with ESMTPS id 57863BE5D
for <linux-kernel@vger.kernel.org>; Mon, 5 Feb 2024 05:20:01 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
arc=none smtp.client-ip=209.85.215.177
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
t=1707110402; cv=none;
b=rOPrtJD6hfGhgLXIanbBV/FWiYYKsVZKlNstOwP/Pk8ud3No1qW5/Q9beBHOCjodW6dUyOKaE1VruViF9wdtiJMtEnuPXxKORAfR/mXKlKKWpGPlsytgRb0SLTubBcfuBfY3/9574gKwujHpqli4wC7/nzh8p9z/gLlonVfNlOE=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
s=arc-20240116; t=1707110402; c=relaxed/simple;
bh=b/F/IvZJvxSYV6yT8GonNahencq0VCJX3syNSsaFNgM=;
h=From:To:Cc:Subject:Date:Message-Id;
b=Tx6N5WjhskSv6wrmB48ITUUwYxqapn5HT8o8jmKrPg8+qlZommePE26GJSe4m2U/gBso0DdCpeyUbYgtv4GoMCLXbFCI2PVRvyKE6SojCPagmuHcauCO28xARv7NEZTnUwkmSDSpKUg7SrGEIJi37e61o7Pr6bachY+OjCz8moU=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
dmarc=pass (p=quarantine dis=none) header.from=broadcom.com;
spf=fail smtp.mailfrom=broadcom.com;
dkim=pass (1024-bit key) header.d=broadcom.com header.i=@broadcom.com
header.b=cKMjr0dC; arc=none smtp.client-ip=209.85.215.177
Authentication-Results: smtp.subspace.kernel.org;
dmarc=pass (p=quarantine dis=none) header.from=broadcom.com
Authentication-Results: smtp.subspace.kernel.org;
spf=fail smtp.mailfrom=broadcom.com
Received: by mail-pg1-f177.google.com with SMTP id
41be03b00d2f7-5d8df34835aso1803084a12.0
for <linux-kernel@vger.kernel.org>;
Sun, 04 Feb 2024 21:20:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=broadcom.com; s=google; t=1707110400; x=1707715200;
darn=vger.kernel.org;
h=message-id:date:subject:cc:to:from:from:to:cc:subject:date
:message-id:reply-to;
bh=dW5zoXaotbxS+SYq2Yu+7hcfyLit5t9UvVc+9SbtbuU=;
b=cKMjr0dC2HfnBmkcLxX5AyTHIGifwXoCAp+bcXzL+4MrsRHtmjHCnLno0nB5SpXxkt
VjRwHGY010TT91GEzg/X8txHz4WTG4gToAjieUPlJxtILDFrnlU4jc6NUSbfVOj2+pNr
1b3bgpO/ZNAbhH8S5QrTC9tCiGttAV0Hl/ZuU=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1707110400; x=1707715200;
h=message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
:subject:date:message-id:reply-to;
bh=dW5zoXaotbxS+SYq2Yu+7hcfyLit5t9UvVc+9SbtbuU=;
b=WUD3SwooNRL7gC/v7Cy+q1cfZg1IbapzDTujRvc7ifEtCImU6+6r2MPcw6UV75eivO
oCE1v7PFNFcYY4CDp9B1MZ5p1xYytPGzFUAd+jyznL8RGLtvfKE2Xmax7cSlnBYoljyP
2Yrci0ShktZ1yAdVAl9vAJ19L75B7rqzKGTEekzKbv5CPv+Bk7YQct9h/SDaO3qsjfYI
mwAB22Bqvlr+uZfKLsrht9k1xpmvh9nV9V3UZXDiMoR3iVsWvUyoYDVwVVMjW+UbDB0q
Enftnnu3CXicomaqpa69gl+fNTIRP52g6qVLaLQ82oQxXjlN6ZK0HZ2CalMWie1J2YYU
oAeg==
X-Gm-Message-State: AOJu0YwLpAmMjh+TB2e+YtZyV31MqDFbXaWgs0SgfbYjIvIzhxa/3Cud
2BFirCjqxPfQfmy02AQ0uJqYUMr/y13TdLcJm2MKxjXKaEXqUdwMkRH92VhEFw==
X-Received: by 2002:a05:6a20:d909:b0:19e:5e0c:3bb8 with SMTP id
jd9-20020a056a20d90900b0019e5e0c3bb8mr7970208pzb.7.1707110400605;
Sun, 04 Feb 2024 21:20:00 -0800 (PST)
X-Forwarded-Encrypted: i=0;
AJvYcCW49LbvIWU+foFA9+KIxmqctHvrKIaSi1hkNesPGFRM7R9cegKJcmHbSFXi3GzjE/YdnB5Fl/OpeO3vZzMH5DaqL6KSgHIyyvlhIQUpyRQReWw22hTiBxoqktD8Cs1h7bN/Cd/Brw9tVOsaoCiNwdisW/3kqqmoiX+5XZTjDIqgn/YKopHvMH6THCVhQxwRn9vXhafxdhJ7MbNsEh9Z/9YUHTbcQNqFSa+eN44LDAwcUHy+/tAEd4rqQbdLVf1pwFbD1iIlD/rVOCG5lAw/zFeMPiZY9dZ2IBAaMoBOvFsYb/QRCnW7ICYfQ42h28TqV1bbU+64mlT2XlHJn9yY0theGA3HEUVu3iIEwKYlsyLO/v8F+HDPf11iYfXrGwhw7dYZ7Am1PDIbpWcadF12ojDSrkZSe+UAP7aKohAyjC+TQld5Zn/uBnxO8g==
Received: from akaher-virtual-machine.eng.vmware.com ([66.170.99.2])
by smtp.gmail.com with ESMTPSA id
b16-20020aa78110000000b006dd84763ce3sm5612953pfi.169.2024.02.04.21.19.59
(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
Sun, 04 Feb 2024 21:20:00 -0800 (PST)
From: Ajay Kaher <ajay.kaher@broadcom.com>
To: stable@vger.kernel.org,
gregkh@linuxfoundation.org
Cc: mst@redhat.com,
jasowang@redhat.com,
kvm@vger.kernel.org,
virtualization@lists.linux-foundation.org,
netdev@vger.kernel.org,
linux-kernel@vger.kernel.org,
alexey.makhalov@broadcom.com,
vasavi.sirnapalli@broadcom.com,
Prathu Baronia <prathubaronia2011@gmail.com>,
Ajay Kaher <ajay.kaher@broadcom.com>
Subject: [PATCH v6.1.y-v4.19.y] vhost: use kzalloc() instead of kmalloc()
followed by memset()
Date: Mon, 5 Feb 2024 10:49:37 +0530
Message-Id: <1707110377-1483-1-git-send-email-ajay.kaher@broadcom.com>
X-Mailer: git-send-email 2.7.4
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1790046679640283398
X-GMAIL-MSGID: 1790046679640283398
|
| Series |
[v6.1.y-v4.19.y] vhost: use kzalloc() instead of kmalloc() followed by memset()
|
|
Commit Message
Ajay Kaher
Feb. 5, 2024, 5:19 a.m. UTC
From: Prathu Baronia <prathubaronia2011@gmail.com> From: Prathu Baronia <prathubaronia2011@gmail.com> commit 4d8df0f5f79f747d75a7d356d9b9ea40a4e4c8a9 upstream Use kzalloc() to allocate new zeroed out msg node instead of memsetting a node allocated with kmalloc(). Signed-off-by: Prathu Baronia <prathubaronia2011@gmail.com> Message-Id: <20230522085019.42914-1-prathubaronia2011@gmail.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Stefano Garzarella <sgarzare@redhat.com> [Ajay: This is a security fix as per CVE-2024-0340] Signed-off-by: Ajay Kaher <ajay.kaher@broadcom.com> --- drivers/vhost/vhost.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-)
Comments
On Mon, Feb 05, 2024 at 10:49:37AM +0530, Ajay Kaher wrote: > From: Prathu Baronia <prathubaronia2011@gmail.com> > > From: Prathu Baronia <prathubaronia2011@gmail.com> > > commit 4d8df0f5f79f747d75a7d356d9b9ea40a4e4c8a9 upstream > > Use kzalloc() to allocate new zeroed out msg node instead of > memsetting a node allocated with kmalloc(). > > Signed-off-by: Prathu Baronia <prathubaronia2011@gmail.com> > Message-Id: <20230522085019.42914-1-prathubaronia2011@gmail.com> > Signed-off-by: Michael S. Tsirkin <mst@redhat.com> > Reviewed-by: Stefano Garzarella <sgarzare@redhat.com> > [Ajay: This is a security fix as per CVE-2024-0340] And this is why I am so grumpy about Red Hat and CVEs, they know how to let us know about stuff like this, but no. Hopefully, someday soon, they will soon not be allowed to do this anymore. {sigh} Now queued up, thanks. greg k-h
diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c index 07427302084955..ecb3b397bb3888 100644 --- a/drivers/vhost/vhost.c +++ b/drivers/vhost/vhost.c @@ -2563,12 +2563,11 @@ EXPORT_SYMBOL_GPL(vhost_disable_notify); /* Create a new message. */ struct vhost_msg_node *vhost_new_msg(struct vhost_virtqueue *vq, int type) { - struct vhost_msg_node *node = kmalloc(sizeof *node, GFP_KERNEL); + /* Make sure all padding within the structure is initialized. */ + struct vhost_msg_node *node = kzalloc(sizeof(*node), GFP_KERNEL); if (!node) return NULL; - /* Make sure all padding within the structure is initialized. */ - memset(&node->msg, 0, sizeof node->msg); node->vq = vq; node->msg.type = type; return node;