Commit 3c4f850e authored by Peilin Ye's avatar Peilin Ye Committed by Daniel Borkmann

xdp: Prevent kernel-infoleak in xsk_getsockopt()

xsk_getsockopt() is copying uninitialized stack memory to userspace when
'extra_stats' is 'false'. Fix it. Doing '= {};' is sufficient since currently
'struct xdp_statistics' is defined as follows:

  struct xdp_statistics {
    __u64 rx_dropped;
    __u64 rx_invalid_descs;
    __u64 tx_invalid_descs;
    __u64 rx_ring_full;
    __u64 rx_fill_ring_empty_descs;
    __u64 tx_ring_empty_descs;
  };

When being copied to the userspace, 'stats' will not contain any uninitialized
'holes' between struct fields.

Fixes: 8aa5a335 ("xsk: Add new statistics")
Suggested-by: default avatarDan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: default avatarPeilin Ye <yepeilin.cs@gmail.com>
Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
Acked-by: default avatarBjörn Töpel <bjorn.topel@intel.com>
Acked-by: default avatarSong Liu <songliubraving@fb.com>
Acked-by: default avatarArnd Bergmann <arnd@arndb.de>
Link: https://lore.kernel.org/bpf/20200728053604.404631-1-yepeilin.cs@gmail.com
parent f6dfbe31
...@@ -840,7 +840,7 @@ static int xsk_getsockopt(struct socket *sock, int level, int optname, ...@@ -840,7 +840,7 @@ static int xsk_getsockopt(struct socket *sock, int level, int optname,
switch (optname) { switch (optname) {
case XDP_STATISTICS: case XDP_STATISTICS:
{ {
struct xdp_statistics stats; struct xdp_statistics stats = {};
bool extra_stats = true; bool extra_stats = true;
size_t stats_size; size_t stats_size;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment