diff options
| author | kib <kib@FreeBSD.org> | 2012-11-08 03:17:41 +0000 |
|---|---|---|
| committer | kib <kib@FreeBSD.org> | 2012-11-08 03:17:41 +0000 |
| commit | a6087f0bd1f606a167eb4e97ac80d3faf8bafa39 (patch) | |
| tree | 885cf69e2b68584ffa14cd4feef2e9252b433b61 | |
| parent | ab4526dbe850d9bcf55f30ff75175aeea62da778 (diff) | |
| download | FreeBSD-src-a6087f0bd1f606a167eb4e97ac80d3faf8bafa39.zip FreeBSD-src-a6087f0bd1f606a167eb4e97ac80d3faf8bafa39.tar.gz | |
Zero the newly allocated md(4) swap-backed page to prevent random
kernel memory leakage to userspace. For the typical use, when a
filesystem put on the md disk, the change only results in CPU and
memory bandwidth spent to zero the page, since filsystems make sure
that user never see unwritten content. But if md disk is used as raw
device by userspace, the garbage is exposed.
Reported by: Paul Schenkeveld <freebsd@psconsult.nl>
MFC after: 2 weeks
| -rw-r--r-- | sys/dev/md/md.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/sys/dev/md/md.c b/sys/dev/md/md.c index a86c26a..443c127 100644 --- a/sys/dev/md/md.c +++ b/sys/dev/md/md.c @@ -677,6 +677,15 @@ mdstart_swap(struct md_s *sc, struct bio *bp) sched_unpin(); vm_page_wakeup(m); break; + } else if (rv == VM_PAGER_FAIL) { + /* + * Pager does not have the page. Zero + * the allocated page, and mark it as + * valid. Do not set dirty, the page + * can be recreated if thrown out. + */ + bzero((void *)sf_buf_kva(sf), PAGE_SIZE); + m->valid = VM_PAGE_BITS_ALL; } bcopy((void *)(sf_buf_kva(sf) + offs), p, len); cpu_flush_dcache(p, len); |
