From owner-svn-src-head@FreeBSD.ORG Thu Nov 8 03:17:41 2012 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 6CDCE7D4; Thu, 8 Nov 2012 03:17:41 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) by mx1.freebsd.org (Postfix) with ESMTP id 515238FC0C; Thu, 8 Nov 2012 03:17:41 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.5/8.14.5) with ESMTP id qA83HfHg092611; Thu, 8 Nov 2012 03:17:41 GMT (envelope-from kib@svn.freebsd.org) Received: (from kib@localhost) by svn.freebsd.org (8.14.5/8.14.5/Submit) id qA83HflE092609; Thu, 8 Nov 2012 03:17:41 GMT (envelope-from kib@svn.freebsd.org) Message-Id: <201211080317.qA83HflE092609@svn.freebsd.org> From: Konstantin Belousov Date: Thu, 8 Nov 2012 03:17:41 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r242744 - head/sys/dev/md X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Nov 2012 03:17:41 -0000 Author: kib Date: Thu Nov 8 03:17:41 2012 New Revision: 242744 URL: http://svnweb.freebsd.org/changeset/base/242744 Log: Zero the newly allocated md(4) swap-backed page to prevent random kernel memory leakage to userspace. For the typical use, when a filesystem put on the md disk, the change only results in CPU and memory bandwidth spent to zero the page, since filsystems make sure that user never see unwritten content. But if md disk is used as raw device by userspace, the garbage is exposed. Reported by: Paul Schenkeveld MFC after: 2 weeks Modified: head/sys/dev/md/md.c Modified: head/sys/dev/md/md.c ============================================================================== --- head/sys/dev/md/md.c Thu Nov 8 02:55:30 2012 (r242743) +++ head/sys/dev/md/md.c Thu Nov 8 03:17:41 2012 (r242744) @@ -677,6 +677,15 @@ mdstart_swap(struct md_s *sc, struct bio sched_unpin(); vm_page_wakeup(m); break; + } else if (rv == VM_PAGER_FAIL) { + /* + * Pager does not have the page. Zero + * the allocated page, and mark it as + * valid. Do not set dirty, the page + * can be recreated if thrown out. + */ + bzero((void *)sf_buf_kva(sf), PAGE_SIZE); + m->valid = VM_PAGE_BITS_ALL; } bcopy((void *)(sf_buf_kva(sf) + offs), p, len); cpu_flush_dcache(p, len);