The following commit is needed to fix CVE-2022-0494:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc8f7fe1f5eab010191aa4570f27641876fa1267
Haimin Zhang (1):
block-map: add __GFP_ZERO flag for alloc_page in function
bio_copy_kern
block/bio.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
base-commit: 501eec4f9e138b958fc7438e7a745c0d6a7c68b3
--
2.36.1
From: Haimin Zhang <[email protected]>
commit cc8f7fe1f5eab010191aa4570f27641876fa1267 upstream.
Add __GFP_ZERO flag for alloc_page in function bio_copy_kern to initialize
the buffer of a bio.
Signed-off-by: Haimin Zhang <[email protected]>
Reviewed-by: Chaitanya Kulkarni <[email protected]>
Reviewed-by: Christoph Hellwig <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Jens Axboe <[email protected]>
[DP: Backported to 4.14: Manually added __GFP_ZERO flag]
Signed-off-by: Dragos-Marian Panait <[email protected]>
---
block/bio.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/block/bio.c b/block/bio.c
index 30df1b45dde8..1eaf31976702 100644
--- a/block/bio.c
+++ b/block/bio.c
@@ -1657,7 +1657,7 @@ struct bio *bio_copy_kern(struct request_queue *q, void *data, unsigned int len,
if (bytes > len)
bytes = len;
- page = alloc_page(q->bounce_gfp | gfp_mask);
+ page = alloc_page(q->bounce_gfp | __GFP_ZERO | gfp_mask);
if (!page)
goto cleanup;
--
2.36.1
On Thu, Jun 02, 2022 at 06:01:56PM +0300, Dragos-Marian Panait wrote:
> The following commit is needed to fix CVE-2022-0494:
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc8f7fe1f5eab010191aa4570f27641876fa1267
>
> Haimin Zhang (1):
> block-map: add __GFP_ZERO flag for alloc_page in function
> bio_copy_kern
>
> block/bio.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>
> base-commit: 501eec4f9e138b958fc7438e7a745c0d6a7c68b3
> --
> 2.36.1
>
All now queued up, thanks.
greg k-h