Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp722481pxu;
        Wed, 2 Dec 2020 01:26:08 -0800 (PST)
X-Google-Smtp-Source: ABdhPJxcCSl/z9E6XwYS2wzU8YY+yRIye6/GkF1qjbDvwy+XViFV90YwxW26RDxUizja++jtI7oN
X-Received: by 2002:a17:906:b793:: with SMTP id dt19mr1466685ejb.120.1606901168030;
        Wed, 02 Dec 2020 01:26:08 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1606901168; cv=none;
        d=google.com; s=arc-20160816;
        b=wLdLPsXX4VmdOJVG+3A+vi+k4KQ5qhKh4dC8O33y03vS74SybIkUj0bwms1ZPoeVEv
         a4tMWSnh+EimthkLIA08AgnTqxFp1NVECQFDdLOeZtIN92UGwprx6O8+5CUV0e0f9JPS
         NjfXbbFkzhJBePQxBzDCmvna2CZS+KAGEqx7BdwHL4+xaKdJvgHVdjIoQdOVseEFJSoV
         1gg1/AMF4Pmr+tAhOga/cOkPbMAnsEP5w3g8MBJBIiqR2EMAqcGqF68AyAgZxMU4nCbz
         vTfW4hyBk6GNZ4jM1hRprgXnzUVvWzkJHy57D6pfVcLzk7Ooh5v3J2E7GyAYy/Tuc42V
         xMKA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=KmfIqVNpO1qdYqld/se9wMpL7fXGnp4cSTMlbr3vWAM=;
        b=k8yo4GwvmF+pSsm5iXCWIuXLD/A+XOkaytM1dyyer9fwHpqzTBTV7iejWKy/Fa6DZk
         ruWIEqT1BYF1mdmU1qpyf4QPswPLDr1rAB2TSeLAp6DBqOgwrWM2PAwIoX/2g07SVixY
         VW6BNfU2XxiLNQcwKfJCndKWFGXAM97ZHfLTfuIuDDkFXraXHzhgoY/5YtddDW3U5i91
         GTfroF+h18SN3MPfS26+o/TYLT4VlxQjLxSQrH4SYMgYhDgXjALtOM62LYCX8eMyu3Wt
         KHBRv273I6t6/NABw/9jQSnhPEdRTMcE2Rbv6+vKZk9yuQfQHAQK8JhdNKnoRR0rYTiD
         fIag==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=fTdyRr4T;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id l2si706153ede.232.2020.12.02.01.25.44;
        Wed, 02 Dec 2020 01:26:08 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=fTdyRr4T;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729239AbgLBJXU (ORCPT <rfc822;epontan@gmail.com> + 99 others);
        Wed, 2 Dec 2020 04:23:20 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51690 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1728238AbgLBJXT (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 2 Dec 2020 04:23:19 -0500
Received: from mail-wr1-x441.google.com (mail-wr1-x441.google.com [IPv6:2a00:1450:4864:20::441])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 73B8BC0613D6;
        Wed,  2 Dec 2020 01:22:39 -0800 (PST)
Received: by mail-wr1-x441.google.com with SMTP id i2so2713167wrs.4;
        Wed, 02 Dec 2020 01:22:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=KmfIqVNpO1qdYqld/se9wMpL7fXGnp4cSTMlbr3vWAM=;
        b=fTdyRr4TIdSKFljC0Gr4ZoDtqjbX+Dz+iJz+nbvegG+ZiyCb06gD3fFJkaCI4MCHzg
         dTue2FxhpIJzfF8jTWb3U9c2pDrtcVPPJcvPUECAaPmIvUEogQeLdiqQ7wNwtWzMFoOr
         biir7zo2nbeLrg4cgfCQGjLCSo5QB+J8QDNWUn7RByXtPSwX2SBS75KTXDdsQoiAcw7V
         tNyR7UYfIDeCNLdqkvj9trk+6BrpG6U7QLtdVtKyZqlxrTcGURgnYcS1ueObiI+LUkOd
         eMCWxN3IEzgCSDjim6KGZXnyiU53AgcFTDtmtMlrGt/Qk/OVSbBM9WufMx0JnL8em68a
         FfHg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=KmfIqVNpO1qdYqld/se9wMpL7fXGnp4cSTMlbr3vWAM=;
        b=YFAG933tVNtpaw26Y32Jh+GNgZY33wn4eQwrFLsmWHks+yjPqOcOarHAl0PzlOUfWv
         N4utA5hWPTHm7CyvMKEUpQDuSFdVcu+GM2KDlpII5UQ2H94wCwRkTWnyMDM/9rhn/Qqs
         wyIaT+/E7IJhbhIQTBTRGPj7EikMs9hQngg+e4noBO04XD/uNOE6a500E1f+VyQ9i4kp
         pX5GMhu8pr20SrVxcLCoszVJcKlOZ8SkppFsk0qaTrXN31dwgJoDwTGh0no9p+17I26D
         XOOxrfbHABobONC8vTbLg+0o4tOGlrQbVU/1/L0d6W02njAPtMnEimAQysU64lqwMpHN
         B1Tg==
X-Gm-Message-State: AOAM533pyb5oBc5aORoNxjzCjeqXUf4XML+kDhkumvGiFhy1L2aa0ox9
        sb6rZCgzVuCkxvR0KBu4yTe36rPi4wlYng==
X-Received: by 2002:adf:e5c4:: with SMTP id a4mr2259415wrn.56.1606900957760;
        Wed, 02 Dec 2020 01:22:37 -0800 (PST)
Received: from andrea.corp.microsoft.com (host-95-239-64-30.retail.telecomitalia.it. [95.239.64.30])
        by smtp.gmail.com with ESMTPSA id e27sm1535936wrc.9.2020.12.02.01.22.36
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 02 Dec 2020 01:22:37 -0800 (PST)
From:   "Andrea Parri (Microsoft)" <parri.andrea@gmail.com>
To:     linux-kernel@vger.kernel.org, linux-hyperv@vger.kernel.org
Cc:     "K . Y . Srinivasan" <kys@microsoft.com>,
        Haiyang Zhang <haiyangz@microsoft.com>,
        Stephen Hemminger <sthemmin@microsoft.com>,
        Wei Liu <wei.liu@kernel.org>,
        Michael Kelley <mikelley@microsoft.com>,
        Juan Vazquez <juvazq@microsoft.com>,
        Saruhan Karademir <skarade@microsoft.com>,
        "Andrea Parri (Microsoft)" <parri.andrea@gmail.com>
Subject: [PATCH v2 1/7] Drivers: hv: vmbus: Initialize memory to be sent to the host
Date:   Wed,  2 Dec 2020 10:22:08 +0100
Message-Id: <20201202092214.13520-2-parri.andrea@gmail.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20201202092214.13520-1-parri.andrea@gmail.com>
References: <20201202092214.13520-1-parri.andrea@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

__vmbus_open() and vmbus_teardown_gpadl() do not inizialite the memory
for the vmbus_channel_open_channel and the vmbus_channel_gpadl_teardown
objects they allocate respectively.  These objects contain padding bytes
and fields that are left uninitialized and that are later sent to the
host, potentially leaking guest data.  Zero initialize such fields to
avoid leaking sensitive information to the host.

Reported-by: Juan Vazquez <juvazq@microsoft.com>
Signed-off-by: Andrea Parri (Microsoft) <parri.andrea@gmail.com>
---
 drivers/hv/channel.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/hv/channel.c b/drivers/hv/channel.c
index 0d63862d65518..9aa789e5f22bb 100644
--- a/drivers/hv/channel.c
+++ b/drivers/hv/channel.c
@@ -621,7 +621,7 @@ static int __vmbus_open(struct vmbus_channel *newchannel,
 		goto error_clean_ring;
 
 	/* Create and init the channel open message */
-	open_info = kmalloc(sizeof(*open_info) +
+	open_info = kzalloc(sizeof(*open_info) +
 			   sizeof(struct vmbus_channel_open_channel),
 			   GFP_KERNEL);
 	if (!open_info) {
@@ -748,7 +748,7 @@ int vmbus_teardown_gpadl(struct vmbus_channel *channel, u32 gpadl_handle)
 	unsigned long flags;
 	int ret;
 
-	info = kmalloc(sizeof(*info) +
+	info = kzalloc(sizeof(*info) +
 		       sizeof(struct vmbus_channel_gpadl_teardown), GFP_KERNEL);
 	if (!info)
 		return -ENOMEM;
-- 
2.25.1