Commit 941f8960 authored Mar 02, 2011 by Andrzej Pietrasiewicz Committed by Mauro Carvalho Chehab Mar 22, 2011

[media] v4l2: vb2-dma-sg: fix potential security hole



Memory allocated by alloc_page() function might contain some potentially
important data from other system processes. The patch adds a flag to
zero the allocated page before giving it to videobuf2 (and then to
userspace).

Signed-off-by: Andrzej Pietrasiewicz <andrzej.p@samsung.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>

parent 72f1fc33

drivers/media/video/videobuf2-dma-sg.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -62,7 +62,7 @@ static void vb2_dma_sg_alloc(void alloc_ctx, unsigned long size)
		goto fail_pages_array_alloc;

		for (i = 0; i < buf->sg_desc.num_pages; ++i) {
		buf->pages[i] = alloc_page(GFP_KERNEL);
		buf->pages[i] = alloc_page(GFP_KERNEL \| __GFP_ZERO);
		if (NULL == buf->pages[i])
		goto fail_pages_alloc;
		sg_set_page(&buf->sg_desc.sglist[i],