[src/trunk]: src/sys/net Fix info leak: use kmem_zalloc, because we align the...

[maxv <maxv%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/fee1b5051dc1
branches:  trunk
changeset: 1000154:fee1b5051dc1
user:      maxv <maxv%NetBSD.org@localhost>
date:      Wed Jul 10 17:55:33 2019 +0000

description:
Fix info leak: use kmem_zalloc, because we align the buffers, and the
otherwise uninitialized padding bytes get copied to userland in bpf_read().

diffstat:

 sys/net/bpf.c |  8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

diffs (31 lines):

diff -r f905b64406d0 -r fee1b5051dc1 sys/net/bpf.c
--- a/sys/net/bpf.c     Wed Jul 10 17:52:22 2019 +0000
+++ b/sys/net/bpf.c     Wed Jul 10 17:55:33 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: bpf.c,v 1.228 2018/09/03 16:29:35 riastradh Exp $      */
+/*     $NetBSD: bpf.c,v 1.229 2019/07/10 17:55:33 maxv Exp $   */
 
 /*
  * Copyright (c) 1990, 1991, 1993
@@ -39,7 +39,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.228 2018/09/03 16:29:35 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.229 2019/07/10 17:55:33 maxv Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_bpf.h"
@@ -1987,10 +1987,10 @@
 bpf_allocbufs(struct bpf_d *d)
 {
 
-       d->bd_fbuf = kmem_alloc(d->bd_bufsize, KM_NOSLEEP);
+       d->bd_fbuf = kmem_zalloc(d->bd_bufsize, KM_NOSLEEP);
        if (!d->bd_fbuf)
                return (ENOBUFS);
-       d->bd_sbuf = kmem_alloc(d->bd_bufsize, KM_NOSLEEP);
+       d->bd_sbuf = kmem_zalloc(d->bd_bufsize, KM_NOSLEEP);
        if (!d->bd_sbuf) {
                kmem_free(d->bd_fbuf, d->bd_bufsize);
                return (ENOBUFS);