net/bpfilter: Initialize pos in __bpfilter_process_sockopt

__bpfilter_process_sockopt never initialized the pos variable passed to the pipe write. This has been mostly harmless in the past as pipes ignore the offset, but the switch to kernel_write now verified the position, which can lead to a failure depending on the exact stack initialization pattern. Initialize the variable to zero to make rw_verify_area happy. Fixes: 6955a76fbcd5 ("bpfilter: switch to kernel_write") Reported-by: Christian Brauner <christian.brauner@ubuntu.com> Reported-by: Rodrigo Madera <rodrigo.madera@gmail.com> Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Tested-by: Rodrigo Madera <rodrigo.madera@gmail.com> Tested-by: Christian Brauner <christian.brauner@ubuntu.com> Reviewed-by: Christian Brauner <christian.brauner@ubuntu.com> Link: https://lore.kernel.org/bpf/20200730160900.187157-1-hch@lst.de
author: Christoph Hellwig <hch@lst.de> 2020-07-30 18:09:00 +0200
committer: Daniel Borkmann <daniel@iogearbox.net> 2020-07-31 01:07:32 +0200
commit: 4f010246b4087ab931b060481014ec110e6a8a46 (patch)
tree: e454d2a5f3dad27c81eaaba95127c681cdb6cce4
parent: 0ba58348414eb10249480635545758b40b3c33b6 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/net/bpfilter/bpfilter_kern.c b/net/bpfilter/bpfilter_kern.c
index c0f0990f30b6..cfb27166bfd7 100644
--- a/net/bpfilter/bpfilter_kern.c
+++ b/net/bpfilter/bpfilter_kern.c
@@ -39,7 +39,7 @@ static int __bpfilter_process_sockopt(struct sock *sk, int optname,
 {
 	struct mbox_request req;
 	struct mbox_reply reply;
-	loff_t pos;
+	loff_t pos = 0;
 	ssize_t n;
 	int ret = -EFAULT;
author	Christoph Hellwig <hch@lst.de>	2020-07-30 18:09:00 +0200
committer	Daniel Borkmann <daniel@iogearbox.net>	2020-07-31 01:07:32 +0200
commit	4f010246b4087ab931b060481014ec110e6a8a46 (patch)
tree	e454d2a5f3dad27c81eaaba95127c681cdb6cce4
parent	0ba58348414eb10249480635545758b40b3c33b6 (diff)