Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp344248pxu;
        Thu, 7 Jan 2021 06:34:27 -0800 (PST)
X-Google-Smtp-Source: ABdhPJxBUXUFOUw4yvulu14xPjSNBDhWH8HyKq5DOOVpuKF4SX0wDmITzxccCXybXdfwjmpVU7uf
X-Received: by 2002:a05:6402:22ea:: with SMTP id dn10mr1844860edb.67.1610030067739;
        Thu, 07 Jan 2021 06:34:27 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1610030067; cv=none;
        d=google.com; s=arc-20160816;
        b=bZL46MgRDr+FTauZCXkUHS5VQdLZjaILlRxMisNVDbOnhDUC5hqDRNjpzQbCcwfwmg
         3pFwQvHrqLGIcqQgI9SxmtcMatWJYaYDRSieXwNwTZO+LHK8srr7K74YiCQ1JxORyovy
         ND7nccoKtQSSsO+2c4YCWfQVLjRVX5jg/Fm3WsQPrrXvKADBV4EOjRNg1SEPQkfsdy8+
         kk97+A6/1K8ySFiPZPiUx4zwBe0krhHLch3e6rpGobvjOBBVslEWq5pII3Bwdk22mzby
         oVDMOtFy2oRba55VplUKQFi7+aX+wYRksp6WfAXVQ1jzkYDrnHrez+1vAxF0c9/r0lIK
         i6YQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=aTr0fxtUMzq/ay1/A3j5LUFDFlLEv8ikVz/8nXUfej0=;
        b=YVD92/kQ6HVK1JGBGWxhH6ZuROLcZ5UG55UQRvIfCCF1t+8wOkXEMquEwixXY+BXd3
         ZO8uK10xCNwSVD5AOdKoex5OY82izKI5vgaZ1YPaB00qZF3c5RgkI5/3pfDNssRTpMf4
         B5x4ucx+J69HmRlbrkPhZp6gh51vjgFvOd0Y21SXBycUmafww6Nh/vpp4T2MCWPzBVlb
         JXrrGeEBKITd/bJQK5uP82ablhmERlTyozORZSqFRsysCseOjK6CjmUqT9EbE5MVa23p
         9HIw1sjS0qQnJA1AWYyRvjQbN2sJILgDLT5e3ec8FOUg5Id2LJ4sFfmMFd8h/lL0WvNW
         ANjA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=mii6cpHb;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id v26si2219342ejg.723.2021.01.07.06.34.03;
        Thu, 07 Jan 2021 06:34:27 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=mii6cpHb;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728996AbhAGObr (ORCPT <rfc822;linuxmindflow@gmail.com>
        + 99 others); Thu, 7 Jan 2021 09:31:47 -0500
Received: from mail.kernel.org ([198.145.29.99]:45832 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1728984AbhAGObr (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 7 Jan 2021 09:31:47 -0500
Received: by mail.kernel.org (Postfix) with ESMTPSA id DDF1923370;
        Thu,  7 Jan 2021 14:30:46 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;
        s=korg; t=1610029847;
        bh=mf2OZCsr1hT4C44vU3RJEfQi0oH2d53fQjELBwfXQUE=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=mii6cpHb1FwH0NhH16f/p4Po9Z99lH27TqouNwO1j2YfzH6WrO84ualhjN4bAslL/
         1zl5+Urn4ZY3Dlatskt0i6xvRUh5+TlWYEvKHM4pBqc9OOBY8VsJZRp+zEX11Vptcf
         PjlGa7ge65Y8hVM9QtaOsvGRaDQ8q3HsVK8Lbgxc=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org,
        syzbot+a79e17c39564bedf0930@syzkaller.appspotmail.com,
        Anant Thazhemadam <anant.thazhemadam@gmail.com>
Subject: [PATCH 4.14 16/29] misc: vmw_vmci: fix kernel info-leak by initializing dbells in vmci_ctx_get_chkpt_doorbells()
Date:   Thu,  7 Jan 2021 15:31:31 +0100
Message-Id: <20210107143055.223687558@linuxfoundation.org>
X-Mailer: git-send-email 2.30.0
In-Reply-To: <20210107143052.973437064@linuxfoundation.org>
References: <20210107143052.973437064@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Anant Thazhemadam <anant.thazhemadam@gmail.com>

commit 31dcb6c30a26d32650ce134820f27de3c675a45a upstream.

A kernel-infoleak was reported by syzbot, which was caused because
dbells was left uninitialized.
Using kzalloc() instead of kmalloc() fixes this issue.

Reported-by: syzbot+a79e17c39564bedf0930@syzkaller.appspotmail.com
Tested-by: syzbot+a79e17c39564bedf0930@syzkaller.appspotmail.com
Signed-off-by: Anant Thazhemadam <anant.thazhemadam@gmail.com>
Link: https://lore.kernel.org/r/20201122224534.333471-1-anant.thazhemadam@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 drivers/misc/vmw_vmci/vmci_context.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/drivers/misc/vmw_vmci/vmci_context.c
+++ b/drivers/misc/vmw_vmci/vmci_context.c
@@ -751,7 +751,7 @@ static int vmci_ctx_get_chkpt_doorbells(
 			return VMCI_ERROR_MORE_DATA;
 		}
 
-		dbells = kmalloc(data_size, GFP_ATOMIC);
+		dbells = kzalloc(data_size, GFP_ATOMIC);
 		if (!dbells)
 			return VMCI_ERROR_NO_MEM;