Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp7277325imu;
        Wed, 14 Nov 2018 14:43:35 -0800 (PST)
X-Google-Smtp-Source: AJdET5ewsxPCJtesYSL9NwuJUE/WTflpvq1dZbbpbLJC8JniTcW8jFwP1IzrxaY0dO0cidSaNWMP
X-Received: by 2002:a62:7e93:: with SMTP id z141mr2585383pfc.239.1542235415248;
        Wed, 14 Nov 2018 14:43:35 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1542235415; cv=none;
        d=google.com; s=arc-20160816;
        b=pYtuRR3NwF/v/RF875sk9gqHr9MZxCxoG5+vTXNgCSPPqHqKncOXTtZSr6naqZjV7T
         cLx+Pxyc4Om3BYquzvHF+7t0g3HGr+Xv8SZsjG9iIgFcaXSlzpMt6wONzeYHpYORvX7W
         K0tju9FSdwx5cVM3rwguGIzYgl7xYS+Fj3MBWqB0kaFjhuXFkDlF6rG5otwtBB4of4hy
         ajRnEjsckP8YvzBYSmeqazpwLRxicH1S4GB4I3NzEZGHWNssNMfru4GB338vDc+nIgSV
         ilIIlEVRqttCOk6FQwJNfDmKkvLSwg/nv6uR0yWiGLlgKALx/qNSfSFXZOG+EhYtLAdZ
         xz3w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:references:in-reply-to:message-id:date
         :subject:cc:to:from:dkim-signature;
        bh=r9cRCs2MnXSlt+KSS9xYfy8p4Uit1qHluv0wdrRc5SY=;
        b=uGn3vs+XTCkzK64zFSPceOXkpe5MUhUSyl/l7MCSSHjBqeM4/sYN4xasxbgOgzJFmX
         z8+h4k0G+JFfXByb9Alux95KZmYnM36pVhUh3mPaX0UczlTqvzCDLwJC+Td//Ava19yv
         RvStmj7B89YzgM0sn0QE2dXjIdOpFAYxKEqBB9K5cuVZiHClExHq+Qd6F+LbduwkN59U
         CsX6w7A1fUE9MW/CI/kCwzKwRXi0rLboB8TtcQAGu2zgjnEScmuVuMzz/aTQ58Vv3ZHv
         BnUNxnIZ4tHpuW0DauYjur3SJHawf+BImtRxRrGHsJm4S+EuNdV1yGbWnB73FqYZqvZh
         F3UQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=O2pTCa4i;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id bh6-v6si25369768plb.66.2018.11.14.14.43.20;
        Wed, 14 Nov 2018 14:43:35 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=O2pTCa4i;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728799AbeKOI1V (ORCPT <rfc822;zcyberian@gmail.com> + 99 others);
        Thu, 15 Nov 2018 03:27:21 -0500
Received: from mail.kernel.org ([198.145.29.99]:34392 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1728719AbeKOI1V (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 15 Nov 2018 03:27:21 -0500
Received: from sasha-vm.mshome.net (unknown [64.114.255.114])
        (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id 1206922528;
        Wed, 14 Nov 2018 22:22:18 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1542234138;
        bh=F39rnfOVUoYN9/DL7o7+gxFsFk/S3E9pAO88Ys/rau0=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=O2pTCa4iflaaYuNXK2q0L91N5KYieVa1/YaY5XwueMByuQRFHNvDgj4PeWfCekWWM
         0WiyOPOdNoukSB9U0OtNnsI7OYSYrG9IfKWLJtoqxfqbqEC52dGcKa/lOB0tLVNRsc
         JSL8QDJ538DD3vDEvO13FfbNNl2j0pWXkl04nJsg=
From:   Sasha Levin <sashal@kernel.org>
To:     stable@vger.kernel.org, linux-kernel@vger.kernel.org
Cc:     Keith Busch <keith.busch@intel.com>, Jens Axboe <axboe@kernel.dk>,
        Sasha Levin <sashal@kernel.org>
Subject: [PATCH AUTOSEL 4.19 41/73] block: Clear kernel memory before copying to user
Date:   Wed, 14 Nov 2018 17:21:35 -0500
Message-Id: <20181114222207.98701-41-sashal@kernel.org>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20181114222207.98701-1-sashal@kernel.org>
References: <20181114222207.98701-1-sashal@kernel.org>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Keith Busch <keith.busch@intel.com>

[ Upstream commit f3587d76da05f68098ddb1cb3c98cc6a9e8a402c ]

If the kernel allocates a bounce buffer for user read data, this memory
needs to be cleared before copying it to the user, otherwise it may leak
kernel memory to user space.

Laurence Oberman <loberman@redhat.com>
Signed-off-by: Keith Busch <keith.busch@intel.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 block/bio.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/block/bio.c b/block/bio.c
index 0093bed81c0e..41173710430c 100644
--- a/block/bio.c
+++ b/block/bio.c
@@ -1261,6 +1261,7 @@ struct bio *bio_copy_user_iov(struct request_queue *q,
 		if (ret)
 			goto cleanup;
 	} else {
+		zero_fill_bio(bio);
 		iov_iter_advance(iter, bio->bi_iter.bi_size);
 	}
 
-- 
2.17.1