git: b234b8d911cd - main - arm: Zero padding in mcontext_vfp_t in get_vfpcontext().
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 25 Mar 2022 17:00:44 UTC
The branch main has been updated by jhb:
URL: https://cgit.FreeBSD.org/src/commit/?id=b234b8d911cdb4fe53032fde0cb8611ae9d0b81d
commit b234b8d911cdb4fe53032fde0cb8611ae9d0b81d
Author: John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2022-03-25 16:57:20 +0000
Commit: John Baldwin <jhb@FreeBSD.org>
CommitDate: 2022-03-25 16:57:20 +0000
arm: Zero padding in mcontext_vfp_t in get_vfpcontext().
This can leak kernel stack data otherwise.
Reviewed by: imp, markj
Sponsored by: The University of Cambridge, Google, Inc.
Differential Revision: https://reviews.freebsd.org/D34594
---
sys/arm/arm/exec_machdep.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/sys/arm/arm/exec_machdep.c b/sys/arm/arm/exec_machdep.c
index fdd57d7859c5..16c43e3a14fe 100644
--- a/sys/arm/arm/exec_machdep.c
+++ b/sys/arm/arm/exec_machdep.c
@@ -107,6 +107,7 @@ get_vfpcontext(struct thread *td, mcontext_vfp_t *vfp)
critical_exit();
} else
MPASS(TD_IS_SUSPENDED(td));
+ memset(vfp, 0, sizeof(*vfp));
memcpy(vfp->mcv_reg, pcb->pcb_vfpstate.reg,
sizeof(vfp->mcv_reg));
vfp->mcv_fpscr = pcb->pcb_vfpstate.fpscr;