[Devel,RH7,5/5] uapi/ploop/bc/vzctl: add comments about leaks

Submitted by Dmitry Safonov on Sept. 28, 2016, 2:05 p.m.

Details

Message ID 20160928140513.2518-6-dsafonov@virtuozzo.com
State New
Series "Fix leaks, found by audit"

Commit Message

Dmitry Safonov Sept. 28, 2016, 2:05 p.m.
For now, copy_to_user on those structures is safe, but that may
change with future struct extensions.

https://jira.sw.ru/browse/PSBM-52219

Cc: Maxim Patlasov <mpatlasov@virtuozzo.com>
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
---
 include/linux/ploop/ploop_if.h     |  5 +++++
 include/uapi/linux/bc/statd.h      | 15 +++++++++++++++
 include/uapi/linux/vzctl_netstat.h | 10 ++++++++++
 3 files changed, 30 insertions(+)


diff --git a/include/linux/ploop/ploop_if.h b/include/linux/ploop/ploop_if.h
index 302ace984a5a..9c116ce5b74e 100644
--- a/include/linux/ploop/ploop_if.h
+++ b/include/linux/ploop/ploop_if.h
@@ -274,6 +274,11 @@  struct ploop_track_extent
 {
 	__u64	start;
 	__u64	end;
+	/*
+	 * On any changes to this struct keep in mind fixing
+	 * all copy_to_user instances, initializing new fields/paddings
+	 * to prevent possible leaks from kernel-space.
+	 */
 };
 
 /* Start tracking of top delta image. */
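Review bot: The reminder added at the end of `struct ploop_track_extent` is not enforced by anything, so a later field addition can still be merged without the copy sites being revisited. A compile-time size check beside each copy_to_user() caller, e.g. `BUILD_BUG_ON(sizeof(struct ploop_track_extent) != 2 * sizeof(__u64));`, would break the build until the copy path has been reviewed. The same applies to the identical comments added in statd.h and vzctl_netstat.h. The copy sites are outside this diff, so whether they already zero the whole object before filling it cannot be confirmed from here.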
diff --git a/include/uapi/linux/bc/statd.h b/include/uapi/linux/bc/statd.h
index 9bbfb42177b3..554c4580b6fd 100644
--- a/include/uapi/linux/bc/statd.h
+++ b/include/uapi/linux/bc/statd.h
@@ -29,6 +29,11 @@  typedef struct {
 	ubstattime_t	start_time;
 	ubstattime_t	end_time;
 	ubstattime_t	cur_time;
+	/*
+	 * On any changes to this struct keep in mind fixing
+	 * all copy_to_user instances, initializing new fields/paddings
+	 * to prevent possible leaks from kernel-space.
+	 */
 } ubgettime_t;
 
 typedef struct {
@@ -39,6 +44,11 @@  typedef struct {
 typedef struct {
 	unsigned long	maxheld;
 	unsigned long	failcnt;
+	/*
+	 * On any changes to this struct keep in mind fixing
+	 * all copy_to_user instances, initializing new fields/paddings
+	 * to prevent possible leaks from kernel-space.
+	 */
 } ubstatparm_t;
 
 typedef struct {
@@ -50,6 +60,11 @@  typedef struct {
 	unsigned long	failcnt;
 	unsigned long __unused1;
 	unsigned long __unused2;
+	/*
+	 * On any changes to this struct keep in mind fixing
+	 * all copy_to_user instances, initializing new fields/paddings
+	 * to prevent possible leaks from kernel-space.
+	 */
 } ubstatparmf_t;
 
 typedef struct {
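Review bot: The comment added to `ubstatparmf_t` mentions only new fields and padding, but `__unused1` and `__unused2` are reserved members that already go out to user space with every copy. Naming them would make the requirement explicit, for example by adding `Reserved members (__unused1, __unused2) must be zeroed before copy_to_user as well.` to the comment. The start of this struct and its copy_to_user callers are outside the hunk, so whether those members are currently initialized is not visible here.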
diff --git a/include/uapi/linux/vzctl_netstat.h b/include/uapi/linux/vzctl_netstat.h
index 425ae8295ecf..33c875148d32 100644
--- a/include/uapi/linux/vzctl_netstat.h
+++ b/include/uapi/linux/vzctl_netstat.h
@@ -24,6 +24,11 @@  struct vz_tc_class_info {
 	__u32				cid;	/* class number */
 	__u32				addr;	/* Network byte order */
 	__u32				mask;	/* subnet mask */
+	/*
+	 * On any changes to this struct keep in mind fixing
+	 * all copy_to_user instances, initializing new fields/paddings
+	 * to prevent possible leaks from kernel-space.
+	 */
 };
 
 
@@ -37,6 +42,11 @@  struct vz_tc_class_info_v6 {
 	__u32				cid;	/* class number */
 	__u32				addr[4];/* Network byte order */
 	__u32				mask[4];/* subnet mask */
+	/*
+	 * On any changes to this struct keep in mind fixing
+	 * all copy_to_user instances, initializing new fields/paddings
+	 * to prevent possible leaks from kernel-space.
+	 */
 };
 
 struct vzctl_tc_classes_v6 {