Merge tag 'v5.5-rc7' into perf/core, to pick up fixes

Signed-off-by: Ingo Molnar <mingo@kernel.org>
author: Ingo Molnar <mingo@kernel.org> 2020-01-20 08:43:44 +0100
committer: Ingo Molnar <mingo@kernel.org> 2020-01-20 08:43:44 +0100
commit: cb6c82df684e912b10245c13200ef09c9d372fc2 (patch)
tree: 98448cea990ecf17ad39798980ab18165b72b7ac /kernel/seccomp.c
parent: perf/x86/amd: Add support for Large Increment per Cycle Events (diff)
parent: Linux 5.5-rc7 (diff)
download: linux-cb6c82df684e912b10245c13200ef09c9d372fc2.tar.xz
linux-cb6c82df684e912b10245c13200ef09c9d372fc2.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/kernel/seccomp.c b/kernel/seccomp.c
index 12d2227e5786..b6ea3dcb57bf 100644
--- a/kernel/seccomp.c
+++ b/kernel/seccomp.c
@@ -1026,6 +1026,13 @@ static long seccomp_notify_recv(struct seccomp_filter *filter,
 	struct seccomp_notif unotif;
 	ssize_t ret;
 
+	/* Verify that we're not given garbage to keep struct extensible. */
+	ret = check_zeroed_user(buf, sizeof(unotif));
+	if (ret < 0)
+		return ret;
+	if (!ret)
+		return -EINVAL;
+
 	memset(&unotif, 0, sizeof(unotif));
 
 	ret = down_interruptible(&filter->notif->request);
author	Ingo Molnar <mingo@kernel.org>	2020-01-20 08:43:44 +0100
committer	Ingo Molnar <mingo@kernel.org>	2020-01-20 08:43:44 +0100
commit	cb6c82df684e912b10245c13200ef09c9d372fc2 (patch)
tree	98448cea990ecf17ad39798980ab18165b72b7ac /kernel/seccomp.c
parent	perf/x86/amd: Add support for Large Increment per Cycle Events (diff)
parent	Linux 5.5-rc7 (diff)
download	linux-cb6c82df684e912b10245c13200ef09c9d372fc2.tar.xz linux-cb6c82df684e912b10245c13200ef09c9d372fc2.zip