net/netfilter: use memset avoid infoleaks

Message ID	20220301081824.2053310-1-chi.minghao@zte.com.cn (mailing list archive)
State	Awaiting Upstream
Delegated to:	Netdev Maintainers
Headers	show Return-Path: <netdev-owner@kernel.org> From: cgel.zte@gmail.com To: pablo@netfilter.org Cc: kadlec@netfilter.org, fw@strlen.de, davem@davemloft.net, kuba@kernel.org, ast@kernel.org, daniel@iogearbox.net, andrii@kernel.org, kafai@fb.com, songliubraving@fb.com, yhs@fb.com, john.fastabend@gmail.com, kpsingh@kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, bpf@vger.kernel.org, linux-kernel@vger.kernel.org, Minghao Chi <chi.minghao@zte.com.cn>, Zeal Robot <zealci@zte.com.cn> Subject: [PATCH] net/netfilter: use memset avoid infoleaks Date: Tue, 1 Mar 2022 08:18:24 +0000 Message-Id: <20220301081824.2053310-1-chi.minghao@zte.com.cn> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	net/netfilter: use memset avoid infoleaks \| expand net/netfilter: use memset avoid infoleaks

Message ID

20220301081824.2053310-1-chi.minghao@zte.com.cn (mailing list archive)

State

Awaiting Upstream

Delegated to:

Netdev Maintainers

Headers

From: cgel.zte@gmail.com
To: pablo@netfilter.org
Cc: kadlec@netfilter.org, fw@strlen.de, davem@davemloft.net,
        kuba@kernel.org, ast@kernel.org, daniel@iogearbox.net,
        andrii@kernel.org, kafai@fb.com, songliubraving@fb.com, yhs@fb.com,
        john.fastabend@gmail.com, kpsingh@kernel.org,
        netfilter-devel@vger.kernel.org, coreteam@netfilter.org,
        netdev@vger.kernel.org, bpf@vger.kernel.org,
        linux-kernel@vger.kernel.org, Minghao Chi <chi.minghao@zte.com.cn>,
        Zeal Robot <zealci@zte.com.cn>
Subject: [PATCH] net/netfilter: use memset avoid infoleaks
Date: Tue,  1 Mar 2022 08:18:24 +0000
Message-Id: <20220301081824.2053310-1-chi.minghao@zte.com.cn>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

net/netfilter: use memset avoid infoleaks | expand

Context	Check	Description
netdev/tree_selection	success	Guessed tree name to be net-next
netdev/fixes_present	success	Fixes tag not required for -next series
netdev/subject_prefix	warning	Target tree name not specified in the subject
netdev/cover_letter	success	Single patches do not need cover letters
netdev/patch_count	success	Link
netdev/header_inline	success	No static functions without inline keyword in header files
netdev/build_32bit	success	Errors and warnings before: 0 this patch: 0
netdev/cc_maintainers	success	CCed 17 of 17 maintainers
netdev/build_clang	success	Errors and warnings before: 0 this patch: 0
netdev/module_param	success	Was 0 now: 0
netdev/verify_signedoff	success	Signed-off-by tag matches author and committer
netdev/verify_fixes	success	No Fixes tag
netdev/build_allmodconfig_warn	success	Errors and warnings before: 0 this patch: 0
netdev/checkpatch	success	total: 0 errors, 0 warnings, 0 checks, 7 lines checked
netdev/kdoc	success	Errors and warnings before: 0 this patch: 0
netdev/source_inline	success	Was 0 now: 0

Context

Check

Description

netdev/tree_selection

success

Guessed tree name to be net-next

netdev/fixes_present

success

Fixes tag not required for -next series

netdev/subject_prefix

warning

Target tree name not specified in the subject

netdev/cover_letter

success

Single patches do not need cover letters

netdev/patch_count

success

Link

netdev/header_inline

success

No static functions without inline keyword in header files

netdev/build_32bit

success

Errors and warnings before: 0 this patch: 0

netdev/cc_maintainers

success

CCed 17 of 17 maintainers

netdev/build_clang

success

Errors and warnings before: 0 this patch: 0

netdev/module_param

success

Was 0 now: 0

netdev/verify_signedoff

success

Signed-off-by tag matches author and committer

netdev/verify_fixes

success

No Fixes tag

netdev/build_allmodconfig_warn

success

Errors and warnings before: 0 this patch: 0

netdev/checkpatch

success

total: 0 errors, 0 warnings, 0 checks, 7 lines checked

netdev/kdoc

success

Errors and warnings before: 0 this patch: 0

netdev/source_inline

success

Was 0 now: 0

Commit Message

CGEL March 1, 2022, 8:18 a.m. UTC

From: Minghao Chi (CGEL ZTE) <chi.minghao@zte.com.cn>

Use memset to initialize structs to preventing infoleaks
in __bpf_mt_check_bytecode

Reported-by: Zeal Robot <zealci@zte.com.cn>
Signed-off-by: Minghao Chi (CGEL ZTE) <chi.minghao@zte.com.cn>
---
 net/netfilter/xt_bpf.c | 1 +
 1 file changed, 1 insertion(+)

Comments

Florian Westphal March 1, 2022, 9:38 a.m. UTC | #1

cgel.zte@gmail.com <cgel.zte@gmail.com> wrote:
> From: Minghao Chi (CGEL ZTE) <chi.minghao@zte.com.cn>
> 
> Use memset to initialize structs to preventing infoleaks
> in __bpf_mt_check_bytecode

What infoleak, care to elaborate?  I don't see where this gets
returned to userspace, its on-stack struct?

diff --git a/net/netfilter/xt_bpf.c b/net/netfilter/xt_bpf.c
index 849ac552a154..5750a68a2a3f 100644
--- a/net/netfilter/xt_bpf.c
+++ b/net/netfilter/xt_bpf.c
@@ -29,6 +29,7 @@  static int __bpf_mt_check_bytecode(struct sock_filter *insns, __u16 len,
 	if (len > XT_BPF_MAX_NUM_INSTR)
 		return -EINVAL;
 
+	memset(&program, 0x0, sizeof(program));
 	program.len = len;
 	program.filter = insns;

net/netfilter: use memset avoid infoleaks

Checks

Commit Message

Comments

Patch