Date: Fri, 25 Mar 2022 17:00:44 GMT From: John Baldwin <jhb@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: b234b8d911cd - main - arm: Zero padding in mcontext_vfp_t in get_vfpcontext(). Message-ID: <202203251700.22PH0i2E097661@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=b234b8d911cdb4fe53032fde0cb8611ae9d0b81d commit b234b8d911cdb4fe53032fde0cb8611ae9d0b81d Author: John Baldwin <jhb@FreeBSD.org> AuthorDate: 2022-03-25 16:57:20 +0000 Commit: John Baldwin <jhb@FreeBSD.org> CommitDate: 2022-03-25 16:57:20 +0000 arm: Zero padding in mcontext_vfp_t in get_vfpcontext(). This can leak kernel stack data otherwise. Reviewed by: imp, markj Sponsored by: The University of Cambridge, Google, Inc. Differential Revision: https://reviews.freebsd.org/D34594 --- sys/arm/arm/exec_machdep.c | 1 + 1 file changed, 1 insertion(+) diff --git a/sys/arm/arm/exec_machdep.c b/sys/arm/arm/exec_machdep.c index fdd57d7859c5..16c43e3a14fe 100644 --- a/sys/arm/arm/exec_machdep.c +++ b/sys/arm/arm/exec_machdep.c @@ -107,6 +107,7 @@ get_vfpcontext(struct thread *td, mcontext_vfp_t *vfp) critical_exit(); } else MPASS(TD_IS_SUSPENDED(td)); + memset(vfp, 0, sizeof(*vfp)); memcpy(vfp->mcv_reg, pcb->pcb_vfpstate.reg, sizeof(vfp->mcv_reg)); vfp->mcv_fpscr = pcb->pcb_vfpstate.fpscr;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202203251700.22PH0i2E097661>