• Tejun Heo's avatar
    sysfs: make sure read buffer is zeroed · f5c16f29
    Tejun Heo authored
    13c589d5 ("sysfs: use seq_file when reading regular files")
    switched sysfs from custom read implementation to seq_file to enable
    later transition to kernfs.  After the change, the buffer passed to
    ->show() is acquired through seq_get_buf(); unfortunately, this
    introduces a subtle behavior change.  Before the commit, the buffer
    passed to ->show() was always zero as it was allocated using
    get_zeroed_page().  Because seq_file doesn't clear buffers on
    allocation and neither does seq_get_buf(), after the commit, depending
    on the behavior of ->show(), we may end up exposing uninitialized data
    to userland thus possibly altering userland visible behavior and
    leaking information.
    
    Fix it by explicitly clearing the buffer.
    Signed-off-by: default avatarTejun Heo <tj@kernel.org>
    Reported-by: default avatarRon <ron@debian.org>
    Fixes: 13c589d5 ("sysfs: use seq_file when reading regular files")
    Cc: stable <stable@vger.kernel.org> # 3.13+
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    f5c16f29
file.c 10.7 KB