From b4575761960a0276e554c1d3a87dae103b52c445 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Thu, 4 Oct 2018 11:06:14 -0700 Subject: [PATCH] tty: wipe buffer if not echoing data commit b97b3d9fb57860a60592859e332de7759fd54c2e upstream. If we are not echoing the data to userspace or the console is in icanon mode, then perhaps it is a "secret" so we should wipe it once we are done with it. This mirrors the logic that the audit code has. Reported-by: aszlig Tested-by: Milan Broz Tested-by: Daniel Zatovic Tested-by: aszlig Cc: Willy Tarreau Signed-off-by: Greg Kroah-Hartman --- drivers/tty/n_tty.c | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c index f53682b..4d46a1c 100644 --- a/drivers/tty/n_tty.c +++ b/drivers/tty/n_tty.c @@ -188,15 +188,29 @@ static int receive_room(struct tty_struct *tty) return left; } +/* If we are not echoing the data, perhaps this is a secret so erase it */ +static inline void zero_buffer(struct tty_struct *tty, u8 *buffer, int size) +{ + bool icanon = !!L_ICANON(tty); + bool no_echo = !L_ECHO(tty); + + if (icanon && no_echo) + memset(buffer, 0x00, size); +} + static inline int tty_copy_to_user(struct tty_struct *tty, void __user *to, - const void *from, + void *from, unsigned long n) { struct n_tty_data *ldata = tty->disc_data; + int retval; tty_audit_add_data(tty, from, n, ldata->icanon); - return copy_to_user(to, from, n); + retval = copy_to_user(to, from, n); + if (!retval) + zero_buffer(tty, from, n); + return retval; } /** @@ -2006,6 +2020,7 @@ static int copy_from_read_buf(struct tty_struct *tty, is_eof = n == 1 && read_buf(ldata, tail) == EOF_CHAR(tty); tty_audit_add_data(tty, read_buf_addr(ldata, tail), n, ldata->icanon); + zero_buffer(tty, read_buf_addr(ldata, tail), n); ldata->read_tail += n; /* Turn single EOF into zero-length read */ if (L_EXTPROC(tty) && ldata->icanon && is_eof && !read_cnt(ldata)) -- 2.7.4