Received: by 2002:ac0:a594:0:0:0:0:0 with SMTP id m20-v6csp4578145imm; Fri, 18 May 2018 07:24:14 -0700 (PDT) X-Google-Smtp-Source: AB8JxZrKx/eiT3EVT1KV0q6ugp8QSp74dd+DIS5s8GQM9JJFjSHMMlnOQ35VomweabRB7+e/Y9ST X-Received: by 2002:a17:902:680c:: with SMTP id h12-v6mr9929537plk.113.1526653454606; Fri, 18 May 2018 07:24:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1526653454; cv=none; d=google.com; s=arc-20160816; b=OLSAODguTTeBjPDilR6C3LpSB3hfcNViKGWRVo5cFONGJXXgZQTkTh3ZprEtq7K/tL b58QfgcJwhUKlcaNHGARvXpInRRec+uLuPqL9z76I7YF9INJYzBsduvgl9pOQOQvAEqk RVZIJetZk0YHx8Bx5Meleyp0SrTglvAgwApIh0XTgwhMAo5Wph65laQoLbjMsBtVfJVl OJJr02lll4UUpxVYnVNPCqRfrpQG7gPWxHjJ8iX9U5JjRgcUdm7lP7TzmIiXlRKUyhwb ereAMGFSk6pb9J5RMrOJsIZmzQMXyWTeO5lJgxvRaSK1/uxFYoElfZVehLEfVfXeWXer THGQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from :dkim-signature:arc-authentication-results; bh=q95MUy8eN6IZtsNCddHFFeeThj42/EzVTWUzUIEWC8k=; b=suxVnlQeAZUcBLOYLr+deJ5Gr8Mout1Iga/k2DmDibzOn40DBt4wf/d7E01pNo3FAl 46GBpa5jKgHgCSnKN0Trke7SRUR9YnVYeWKs35THq2gh7NRnfhkDOQE4xYjqM1CUHe5Q F6zANvsBQKdBUPkaXtm4rFLbbamlQwf4XhBM2JzXTMm0f9GzRSG9IoeEwZLoOpK2z31S H76oDUgANqLp33x7wWqwIgrnmjFYaO7SZDZ6cjq17gcv+XGzmKjmK4wskUkwfV17OyGv b3n4+J7+ud1FGXdYun/Wem4R1+iq0kOaC/bw0MVTUJfJLPlFHnCRhuJgTfEnbKtZd/71 BIBw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=ZSSJlURd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b39-v6si7741474plb.456.2018.05.18.07.24.00; Fri, 18 May 2018 07:24:14 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=ZSSJlURd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752133AbeEROXa (ORCPT + 99 others); Fri, 18 May 2018 10:23:30 -0400 Received: from mail-wr0-f193.google.com ([209.85.128.193]:34267 "EHLO mail-wr0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751280AbeEROX0 (ORCPT ); Fri, 18 May 2018 10:23:26 -0400 Received: by mail-wr0-f193.google.com with SMTP id p18-v6so9417385wrm.1 for ; Fri, 18 May 2018 07:23:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=q95MUy8eN6IZtsNCddHFFeeThj42/EzVTWUzUIEWC8k=; b=ZSSJlURdvFzx2JFWscKry5tiO4xkZaKn2uEqWvf0DsepYIaA8k9BbkRJX5a7X5Bk4R pII8h7Djd2WjbY70BP1zIlfQFRxBAIvdhfIKFzgRL90LoAVUVNyqDuKlc1cHPCNOviRS laJfTRrwEPfRb+7BfkGsLDUuVq83bMjyBYcIUS6iY06RLHsGJ/0g+QNW9GyHq0zzYzCr uJOhYQ2GoFR75uRvtkXN0n28ouvjJ2mBD/iO7C2KLrZGRKrB47Z7BNLk1XQaFdFS8jiW hZWqBtKNYTv+IDXfuOIH4M2Me5N6eAbpVcTbyIiOhDeLu0rrRvf3vsGCGXS6efjo9srh AjJA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=q95MUy8eN6IZtsNCddHFFeeThj42/EzVTWUzUIEWC8k=; b=jREf/Z+7uXIPCJBXxp6+GKcIvlfwsiOsswXEZm6hIiWXvGrHFm2tH/g9/A2pY+6VDg U66lFeLB4qR9PURa1O98jVjaJqkFHBJpGVK+ZvGlP/OG+zGzU4kJl3bsrh76NYs4JysZ Brj3Wq/5Q1PkqUsJHUZHssgPDHc+A2LxHEaQ0BG6x6fW20dg7oxXcJ5fnU/arjd0Rvr/ sUFmw4t2GHpP8PtyEFwsPw9UVJSvQtrS5sgFM/kuWqYVy7tYYGsNDCDt/9B3v+bWoyoI 6TFToM/3FUqAlm8oSrZjzJyx3E+Ny7y+Kj6zOmo7/Xx+jn/VNvLaGG9Er5S6vc6AvrIq GAaQ== X-Gm-Message-State: ALKqPwf3RMEXuuw+LBedALY44VzhPgsp3Y28ahzDBdXUfek5l0Z0mUTW Cw1NYiK6u3YGIkMUH4DClJJ4KQ== X-Received: by 2002:adf:8607:: with SMTP id 7-v6mr7672472wrv.255.1526653405428; Fri, 18 May 2018 07:23:25 -0700 (PDT) Received: from glider0.muc.corp.google.com ([2a00:79e0:15:10:e0c7:92b9:c022:f69b]) by smtp.gmail.com with ESMTPSA id w40-v6sm13029922wrc.69.2018.05.18.07.23.24 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 18 May 2018 07:23:24 -0700 (PDT) From: Alexander Potapenko To: jthumshirn@suse.de, jejb@linux.vnet.ibm.com, dgilbert@interlog.com Cc: linux-kernel@vger.kernel.org, stable@vger.kernel.org, linux-scsi@vger.kernel.org, dvyukov@google.com, hare@suse.com, torvalds@linux-foundation.org Subject: [PATCH] scsi: sg: allocate with __GFP_ZERO in sg_build_indirect() Date: Fri, 18 May 2018 16:23:18 +0200 Message-Id: <20180518142318.200260-1-glider@google.com> X-Mailer: git-send-email 2.17.0.441.gb46fe60e1d-goog Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This shall help avoid copying uninitialized memory to the userspace when calling ioctl(fd, SG_IO) with an empty command. Reported-by: syzbot+7d26fc1eea198488deab@syzkaller.appspotmail.com Cc: stable@vger.kernel.org Signed-off-by: Alexander Potapenko Acked-by: Douglas Gilbert Reviewed-by: Johannes Thumshirn --- drivers/scsi/sg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/scsi/sg.c b/drivers/scsi/sg.c index c198b96368dd..5c40d809830f 100644 --- a/drivers/scsi/sg.c +++ b/drivers/scsi/sg.c @@ -1894,7 +1894,7 @@ sg_build_indirect(Sg_scatter_hold * schp, Sg_fd * sfp, int buff_size) num = (rem_sz > scatter_elem_sz_prev) ? scatter_elem_sz_prev : rem_sz; - schp->pages[k] = alloc_pages(gfp_mask, order); + schp->pages[k] = alloc_pages(gfp_mask | __GFP_ZERO, order); if (!schp->pages[k]) goto out; -- 2.17.0.441.gb46fe60e1d-goog