accel/habanalabs: fix information leak in sec_attest_info()
[ Upstream commit a9f07790 ] This function may copy the pad0 field of struct hl_info_sec_attest to user mode which has not been initialized, resulting in leakage of kernel heap data to user mode. To prevent this, use kzalloc() to allocate and zero out the buffer, which can also eliminate other uninitialized holes, if any. Fixes: 0c88760f ("habanalabs/gaudi2: add secured attestation info uapi") Signed-off-by:Xingyuan Mo <hdthky0@gmail.com> Reviewed-by:
Oded Gabbay <ogabbay@kernel.org> Signed-off-by:
Sasha Levin <sashal@kernel.org>
Loading