From patchwork Sun Jul 31 07:27:39 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Roland Dreier X-Patchwork-Id: 9253287 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id E07F560865 for ; Sun, 31 Jul 2016 07:27:52 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D072B2845C for ; Sun, 31 Jul 2016 07:27:52 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id C148428482; Sun, 31 Jul 2016 07:27:52 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4EAAC2845C for ; Sun, 31 Jul 2016 07:27:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751267AbcGaH1v (ORCPT ); Sun, 31 Jul 2016 03:27:51 -0400 Received: from mail-pa0-f50.google.com ([209.85.220.50]:35394 "EHLO mail-pa0-f50.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751002AbcGaH1u (ORCPT ); Sun, 31 Jul 2016 03:27:50 -0400 Received: by mail-pa0-f50.google.com with SMTP id iw10so43086636pac.2 for ; Sun, 31 Jul 2016 00:27:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=purestorage.com; s=google; h=sender:from:to:cc:subject:date:message-id; bh=6KbqXqREVSKuJSH7h3DTnoR9TZdC1lm5z/O6RUB+Lh4=; b=aCJ/75ZAnIkjlAhpuR54SoYL6BXtvu8usJCmuTe8Pr/YBP9qBwkyprZcoFNCtT7yTK y0HsiZIrAVl2GEFsiab+/Qqy31xTKWTGEzvvCxdMHlmciIQAVy27UhnpzGsaDoVCvYpn M9XpjPwYWZECwc/Ncy0Zkn6w3OxFN5o/wvcSk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id; bh=6KbqXqREVSKuJSH7h3DTnoR9TZdC1lm5z/O6RUB+Lh4=; b=aSSMRNofjqeavJ//lpczuVVtVb4c0n8rEYzE65MHzRx4E1t7Mj+nHRoNL4ciRaisWc VKw6J3uLFG94nKx7o/VJe87Lgox+aPCNHY8zpIgUofSSCKoEfn2r3oPu8z3XopE6NYXM GZa9ZqKYCpfZfYCkqbiZTaXaK15BrW+hkZBIUceWJEMnalYYa5tykCxNLjbstbm9uWnh qe0Gfyp+037exJyZpuYYwOlkZHxdosdr1Ab1PVeBlKdt8UmUj+NqXr8ngIEmp69fDlhD GEIIcXJhX+2aIpHeSG7d/aDOpgo4n6kQFa1E1WVQG+u4qMVLWwSHdauKl5vapqPmonRW pJ8g== X-Gm-Message-State: AEkoousLJ2DMlsEdr41HOjX4kSBx7e/WnYXuXf4MVP2tp92dsA2CApyn3a67FZV5co2S40lW X-Received: by 10.66.123.42 with SMTP id lx10mr83636808pab.95.1469950069793; Sun, 31 Jul 2016 00:27:49 -0700 (PDT) Received: from roland-t440p.purestorage.com ([2001:470:1f05:221:40bb:149:7900:7883]) by smtp.gmail.com with ESMTPSA id u72sm36480481pfa.31.2016.07.31.00.27.48 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Sun, 31 Jul 2016 00:27:49 -0700 (PDT) From: Roland Dreier To: Jens Axboe , Christoph Hellwig Cc: linux-nvme@lists.infradead.org, linux-rdma@vger.kernel.org Subject: [PATCH 1/2] nvme-rdma: Don't leak uninitialized memory in connect request private data Date: Sun, 31 Jul 2016 00:27:39 -0700 Message-Id: <1469950060-18098-1-git-send-email-roland@kernel.org> X-Mailer: git-send-email 2.7.4 Sender: linux-rdma-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-rdma@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Roland Dreier Zero out the full nvme_rdma_cm_req structure before sending it. Otherwise we end up leaking kernel memory in the reserved field, which might break forward compatibility in the future. Signed-off-by: Roland Dreier Acked-by: Sagi Grimberg Reviewed-by: Christoph Hellwig --- drivers/nvme/host/rdma.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/nvme/host/rdma.c b/drivers/nvme/host/rdma.c index 3e3ce2b0424e..b96b88369871 100644 --- a/drivers/nvme/host/rdma.c +++ b/drivers/nvme/host/rdma.c @@ -1269,7 +1269,7 @@ static int nvme_rdma_route_resolved(struct nvme_rdma_queue *queue) { struct nvme_rdma_ctrl *ctrl = queue->ctrl; struct rdma_conn_param param = { }; - struct nvme_rdma_cm_req priv; + struct nvme_rdma_cm_req priv = { }; int ret; param.qp_num = queue->qp->qp_num;