[PATCH 1/1] block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern

[Yuxuan Luo]

Add __GFP_ZERO flag for alloc_page in function bio_copy_kern to initialize
the buffer of a bio.

Signed-off-by: Haimin Zhang <tcs.kernel at gmail.com>
Reviewed-by: Chaitanya Kulkarni <kch at nvidia.com>
Reviewed-by: Christoph Hellwig <hch at lst.de>
Link: https://lore.kernel.org/r/20220216084038.15635-1-tcs.kernel@gmail.com
Signed-off-by: Jens Axboe <axboe at kernel.dk>
(backported from commit cc8f7fe1f5eab010191aa4570f27641876fa1267)
[yuxuan.luo: only add the flag to solve the uninitialization problem]
CVE-2022-0494
Signed-off-by: Yuxuan Luo <yuxuan.luo at canonical.com>
---
 block/bio.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/block/bio.c b/block/bio.c
index 58921797f2e63..2d23063819544 100644
--- a/block/bio.c
+++ b/block/bio.c
@@ -1541,7 +1541,7 @@ struct bio *bio_copy_kern(struct request_queue *q, void *data, unsigned int len,
 		if (bytes > len)
 			bytes = len;
 
-		page = alloc_page(q->bounce_gfp | gfp_mask);
+		page = alloc_page(q->bounce_gfp | __GFP_ZERO | gfp_mask);
 		if (!page)
 			goto cleanup;
 
-- 
2.34.1