Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp294393pxk; Wed, 2 Sep 2020 23:03:24 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwqhvkNeHIMgVb5489qBpNQy0t0m++PyrmD/1lLgKDvDdhkyQSUKaXDkMIBtWJrnnzfjw0G X-Received: by 2002:a05:6402:176c:: with SMTP id da12mr1472577edb.386.1599113004479; Wed, 02 Sep 2020 23:03:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1599113004; cv=none; d=google.com; s=arc-20160816; b=A4KjWNbExqOo5RKPEHSNA3sqJf21IXjSCIBMVLVUkAnPA/CKGuOMCRdqrw1ABLjh0m /lroLiwLBy7GIWxEM//qCPUhvMo753n6rx/DE7hfbsw7tJBq0GVoeKfKPVXEJlF0Op+X LV4xadqed9ZLkVNiH6vyqp8qPc1J1ARL9hoRL3RiBW4arf1kYYCxg98YdHr1NuCErEf/ jzeTne/kKNq36E0KEq0KtnsuTkLQc+ccAbtUm3G6MTq6kGL/rUB3+PlKyiCnHWLMKX/p rzNyvm5st2sJDZtYIa8nz2NrhUv8EIWd6p62OsEapK7sO3QIinysKHNmbxPvZzikCVXU 0Rnw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date :dkim-signature; bh=FmFBH0qKHDfc/nod7yjkhYOyOCgKVjJFQKsMv98/l+s=; b=ta5P1zd4CmpyxvNYCI66c0I+lVGWMONYCIcgd+OR9kN0GugY1OmfScPEqSCos102Sb I+Q6NdGhVDQXxduKrvETGc2hiJDUDOrR9IZ6YpRMot3mZZrd1f9FFJNQvNRxIWdspjt9 Cj7C2fK8MWYqqs3XWN3oHvW6IBfzpHXOnYdIqzQVTmSEAxrLTARFrtrP837tbKjlb8ZU ZX5AtPV4OHvAbK5sxfsI3WWbPSUjEJrboOB0Hs6mjJPz43KUo2dGgB4PjYvwyxUX3UBE 5GKtw4KaLSHiCI2StdwNKiHMNlYE8kAj7Nn/0V2txkrGHq3bAlm0rR7uSLvRQCeVKlOe Cq+A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=YgJu8tvK; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id e2si1284367eji.3.2020.09.02.23.03.00; Wed, 02 Sep 2020 23:03:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=YgJu8tvK; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727004AbgICGCC (ORCPT + 99 others); Thu, 3 Sep 2020 02:02:02 -0400 Received: from mail.kernel.org ([198.145.29.99]:55228 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725851AbgICGCB (ORCPT ); Thu, 3 Sep 2020 02:02:01 -0400 Received: from coco.lan (ip5f5ad5c3.dynamic.kabel-deutschland.de [95.90.213.195]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 09A9E2071B; Thu, 3 Sep 2020 06:01:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1599112921; bh=Ls7GUSqMV1Lls5C+YOMpZmiW/jNMpkQl3lAVRfA6qYg=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=YgJu8tvKoE6Z7L1oqd8DHVrunCg7fekTrPVU1VTsgzJGxm39E7fVwc3/KkHMGBs8x ScSUCIMRAa/TH3+idSKG1dywAY6ZY95NYyBa2Q5jWEk/zAwO+kW1wHA6qIzVqmxPz3 BArnSWOhsG8GeZOZKXHYR0VSTsgz84dn7Hy19Dg8= Date: Thu, 3 Sep 2020 08:01:56 +0200 From: Mauro Carvalho Chehab To: Arnd Bergmann Cc: Hans Verkuil , Sakari Ailus , Laurent Pinchart , Vandana BN , Niklas =?UTF-8?B?U8O2ZGVybHVuZA==?= , Linux Media Mailing List , "linux-kernel@vger.kernel.org" Subject: Re: [PATCH 02/38] media: v4l2-ioctl: avoid memory leaks on some time32 compat functions Message-ID: <20200903080156.1ae119b8@coco.lan> In-Reply-To: References: <27254f9780e7ec8502761826c2888dbd51a536a8.1599062230.git.mchehab+huawei@kernel.org> X-Mailer: Claws Mail 3.17.6 (GTK+ 2.24.32; x86_64-redhat-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Em Wed, 2 Sep 2020 20:45:53 +0200 Arnd Bergmann escreveu: > On Wed, Sep 2, 2020 at 6:10 PM Mauro Carvalho Chehab > wrote: > > > > There are some reports about possible memory leaks: > > > > drivers/media/v4l2-core//v4l2-ioctl.c:3203 video_put_user() warn: check that 'ev32' doesn't leak information (struct has a hole after 'type') > > drivers/media/v4l2-core//v4l2-ioctl.c:3230 video_put_user() warn: check that 'vb32' doesn't leak information (struct has a hole after 'memory') > > > > While smatch seems to be reporting a false positive (line 3203), > > there's indeed a possible leak with reserved2 at vb32. > > > > We might have fixed just that one, but smatch checks won't > > be able to check leaks at ev32. So, re-work the code in a way > > that will ensure that the var contents will be zeroed before > > filling it. > > > > With that, we don't need anymore to touch reserved fields. > > > > Signed-off-by: Mauro Carvalho Chehab > > Isn't this the same as commit 4ffb879ea648 ("media: media/v4l2-core: > Fix kernel-infoleak > in video_put_user()") that you already applied (aside from the issue > that Laurent > pointed out)? Oh! I completely forgot about that one which is at the fixes branch. Yeah, you're right! I'll drop this one from the series. Thanks! Mauro