From: Andrzej Pietrasiewicz Date: Wed, 2 Mar 2011 12:12:13 +0000 (-0300) Subject: [media] v4l2: vb2-dma-sg: fix potential security hole X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=941f896071c5c9120c8473c77246beaf36155247;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git [media] v4l2: vb2-dma-sg: fix potential security hole Memory allocated by alloc_page() function might contain some potentially important data from other system processes. The patch adds a flag to zero the allocated page before giving it to videobuf2 (and then to userspace). Signed-off-by: Andrzej Pietrasiewicz Signed-off-by: Kyungmin Park Signed-off-by: Marek Szyprowski Signed-off-by: Mauro Carvalho Chehab --- diff --git a/drivers/media/video/videobuf2-dma-sg.c b/drivers/media/video/videobuf2-dma-sg.c index d5311ff3fab0..b2d9485aac75 100644 --- a/drivers/media/video/videobuf2-dma-sg.c +++ b/drivers/media/video/videobuf2-dma-sg.c @@ -62,7 +62,7 @@ static void *vb2_dma_sg_alloc(void *alloc_ctx, unsigned long size) goto fail_pages_array_alloc; for (i = 0; i < buf->sg_desc.num_pages; ++i) { - buf->pages[i] = alloc_page(GFP_KERNEL); + buf->pages[i] = alloc_page(GFP_KERNEL | __GFP_ZERO); if (NULL == buf->pages[i]) goto fail_pages_alloc; sg_set_page(&buf->sg_desc.sglist[i],