Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp645851ybz;
        Wed, 22 Apr 2020 05:24:43 -0700 (PDT)
X-Google-Smtp-Source: APiQypLJx+cDmAK3fdso2QLzzvA7CgPmqvU2TcFFbWeAND9Fsu3muXqpyVOGrdx2HN2yYBcjXp4W
X-Received: by 2002:a17:906:a418:: with SMTP id l24mr25723132ejz.362.1587558283674;
        Wed, 22 Apr 2020 05:24:43 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1587558283; cv=none;
        d=google.com; s=arc-20160816;
        b=kXutWeCtHe1qST6TsNJoNpleabUTfyFrqhFdB+J2Sry5lTlpHkCZFdjUagiUmM5IIj
         csHWi9HHPRj/GiRedwOPdrxnnxY4Ssopva9er9NEjr8yGl4UgeZQJGZNS8OQLZCCRIbt
         oNrS14oyCJ3lFB+GfRQ9ynam2aYCa+Lh07L041GLq3jtjXQuxLoTiCcNohGf8VxTwBZs
         ZEcZgSt/8LoUlldz69zUX2L7U98sHE8hE1y0VwELlk19Cm+vq+s+oe9QodMYXKs2mrfr
         S21yGto4QjkUjDzLLwrZQziqlGgKY8wm1oVGWoTe3J+XLV22oTOaN1KMCN8w0lcTJ2Ld
         +Ptw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:dkim-signature;
        bh=iXHNVaJY3ekqt8rrsqzyayGiIuYPuZ10JP8uzOTtyBM=;
        b=LlUXEx4aMuPQ1FceMfdqETx+v6E8ARFL92epA3IpZzP271nb9cGfN2NFyYMQVb8xHe
         oh3s1+vwkNbVInOMDrhDG2c56MV6IHHMYctkxVhzJfI5uzHiwIt9GF6P1/Xayy4fy1pS
         SDfazf3uo5Do3MpPRXjuYC/v5PEaUVf176eyMbVYSTrbQ4eYBs7v1P8RRo0OL1RCc+66
         i5cPB87i/59pls3EcoJBmn2surkfJMgXB0C12jPf4XDwC5Ez+t/hRD9YR8VtYwetDzFV
         YQlxg+1di2A2O2N6TMmUCv1Pa0LROtc32ipyd0u+gSdZNG233TS07XHg9p3BLwh8HhAl
         y+Ag==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2020-01-29 header.b=vBNjvxlE;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id e1si3318945ejl.173.2020.04.22.05.24.20;
        Wed, 22 Apr 2020 05:24:43 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2020-01-29 header.b=vBNjvxlE;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727876AbgDVLqa (ORCPT <rfc822;gasparwang.pro@gmail.com>
        + 99 others); Wed, 22 Apr 2020 07:46:30 -0400
Received: from aserp2120.oracle.com ([141.146.126.78]:33498 "EHLO
        aserp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726141AbgDVLqa (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 22 Apr 2020 07:46:30 -0400
Received: from pps.filterd (aserp2120.oracle.com [127.0.0.1])
        by aserp2120.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 03MBgSpP068303;
        Wed, 22 Apr 2020 11:45:35 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=date : from : to : cc
 : subject : message-id : references : mime-version : content-type :
 in-reply-to; s=corp-2020-01-29;
 bh=iXHNVaJY3ekqt8rrsqzyayGiIuYPuZ10JP8uzOTtyBM=;
 b=vBNjvxlES5ioi7aQXEXoJ8OYSuZOF6cDwtNh8kpa9OAcTffTDn5fCmfrLmtipCy76zRW
 nvmhgyoJbyRTjXGaSSGE1o0V7OKkD34F9dt+GFXAf69s3JCf8QFHBiGAxQxkIM+NC+cw
 cFSQv5kRrjEZfx1mt5gIiDDyUps1yeVniTIcLsId9ep2WpL53VqypIqYHHsYK8tCHmeD
 uhkdLkcC3ImCBOO5D7nPEwmoIEkeztne43bgIY6ME47ye0Los+4iLHDSx3xNsM6T/kUg
 JL+ho3msLiI3KkSE0niDAx/Hnat3v3G4syLIVpbVDI1YMjMb7qvX4o/EZwk/LnaO64R9 JA== 
Received: from aserp3020.oracle.com (aserp3020.oracle.com [141.146.126.70])
        by aserp2120.oracle.com with ESMTP id 30fsgm29gy-1
        (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Wed, 22 Apr 2020 11:45:35 +0000
Received: from pps.filterd (aserp3020.oracle.com [127.0.0.1])
        by aserp3020.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 03MBgXiv118837;
        Wed, 22 Apr 2020 11:45:35 GMT
Received: from userv0121.oracle.com (userv0121.oracle.com [156.151.31.72])
        by aserp3020.oracle.com with ESMTP id 30gbbgps60-1
        (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Wed, 22 Apr 2020 11:45:35 +0000
Received: from abhmp0005.oracle.com (abhmp0005.oracle.com [141.146.116.11])
        by userv0121.oracle.com (8.14.4/8.13.8) with ESMTP id 03MBjWgC022078;
        Wed, 22 Apr 2020 11:45:32 GMT
Received: from kadam (/41.57.98.10)
        by default (Oracle Beehive Gateway v4.0)
        with ESMTP ; Wed, 22 Apr 2020 04:45:31 -0700
Date:   Wed, 22 Apr 2020 14:45:22 +0300
From:   Dan Carpenter <dan.carpenter@oracle.com>
To:     Colin King <colin.king@canonical.com>
Cc:     Pierre-Louis Bossart <pierre-louis.bossart@linux.intel.com>,
        Liam Girdwood <lgirdwood@gmail.com>,
        Ranjani Sridharan <ranjani.sridharan@linux.intel.com>,
        Kai Vehmanen <kai.vehmanen@linux.intel.com>,
        Daniel Baluta <daniel.baluta@nxp.com>,
        Mark Brown <broonie@kernel.org>,
        Jaroslav Kysela <perex@perex.cz>,
        Takashi Iwai <tiwai@suse.com>,
        sound-open-firmware@alsa-project.org, alsa-devel@alsa-project.org,
        kernel-janitors@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] ASoC: SOF: ensure all fields in header are zero'd before
 copying back to userspace
Message-ID: <20200422114522.GK2659@kadam>
References: <20200422112417.208843-1-colin.king@canonical.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20200422112417.208843-1-colin.king@canonical.com>
User-Agent: Mutt/1.9.4 (2018-02-28)
X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9598 signatures=668686
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 bulkscore=0 malwarescore=0
 suspectscore=0 mlxlogscore=856 adultscore=0 mlxscore=0 phishscore=0
 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.12.0-2003020000 definitions=main-2004220094
X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9598 signatures=668686
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 adultscore=0 priorityscore=1501
 lowpriorityscore=0 mlxlogscore=908 malwarescore=0 clxscore=1011
 spamscore=0 bulkscore=0 phishscore=0 suspectscore=0 impostorscore=0
 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.12.0-2003020000 definitions=main-2004220094
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Apr 22, 2020 at 12:24:17PM +0100, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
> 
> Field header.tlv is uninitialized and being copied back to userspace
        ^^^^^^^^^^
header.tlv is a zero element array so it doens't have any stack data.

> and hence leaking data from the stack to userspace.  Fix this by
> ensuring the header structure is zero'd.

regards,
dan carpenter