From 6b3f3f257aa58e294dbe6fed5ca50435a59b02ea Mon Sep 17 00:00:00 2001
From: Yaniv Gardi <ygardi@codeaurora.org>
Date: Fri, 1 Aug 2014 00:54:26 +0300
Subject: [PATCH] scsi: ufs: fix a possible kernel info leak to userspace

This change fixes a possible info leak from kernel into userspace, since
two buffers were allocated with kmalloc() and never set their memory
region to 0.
Now, they are being allocated with kzalloc that fixes this issue

Change-Id: I23012ae8d3611c561511775362c3014b9a8be522
Signed-off-by: Yaniv Gardi <ygardi@codeaurora.org>
---
 drivers/scsi/ufs/ufshcd.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/scsi/ufs/ufshcd.c b/drivers/scsi/ufs/ufshcd.c
index 3ae20c41bb16..851970a0b768 100644
--- a/drivers/scsi/ufs/ufshcd.c
+++ b/drivers/scsi/ufs/ufshcd.c
@@ -5014,7 +5014,7 @@ static int ufshcd_query_ioctl(struct ufs_hba *hba, u8 lun, void __user *buffer)
 	u8 index;
 	u8 *desc = NULL;
 
-	ioctl_data = kmalloc(sizeof(struct ufs_ioctl_query_data), GFP_KERNEL);
+	ioctl_data = kzalloc(sizeof(struct ufs_ioctl_query_data), GFP_KERNEL);
 	if (!ioctl_data) {
 		dev_err(hba->dev, "%s: Failed allocating %zu bytes\n", __func__,
 				sizeof(struct ufs_ioctl_query_data));
@@ -5058,7 +5058,7 @@ static int ufshcd_query_ioctl(struct ufs_hba *hba, u8 lun, void __user *buffer)
 		}
 		length = min_t(int, QUERY_DESC_MAX_SIZE,
 				ioctl_data->buf_size);
-		desc = kmalloc(length, GFP_KERNEL);
+		desc = kzalloc(length, GFP_KERNEL);
 		if (!desc) {
 			dev_err(hba->dev, "%s: Failed allocating %d bytes\n",
 					__func__, length);