On Thu, Aug 06, 2020 at 11:35:38PM -0700, Kees Cook wrote: > The only-root-readable /sys/module/$module/sections/$section files > did not truncate their output to the available buffer size. While most > paths into the kernfs read handlers end up using PAGE_SIZE buffers, > it's possible to get there through other paths (e.g. splice, sendfile). > Actually limit the output to the "count" passed into the read function, > and report it back correctly. *sigh*
Ugh, never thought about that... Reviewed-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
