https://source.android.com/security/bulletin/2020-03-01
CVE-2019-19527
CVE-2019-19537
CVE-2020-0040
CVE-2020-0041
CVE-2020-0009
UPSTREAM: sched/psi: Fix OOB write when writing 0 bytes to PSI files

Issuing write() with count parameter set to 0 on any file under
/proc/pressure/ will cause an OOB write because of the access to
buf[buf_size-1] when NUL-termination is performed. Fix this by checking
for buf_size to be non-zero.

Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Acked-by: Johannes Weiner <hannes@cmpxchg.org>
Link: https://lkml.kernel.org/r/20200203212216.7076-1-surenb@google.com

(cherry picked from commit 6fcca0fa48118e6d63733eb4644c6cd880c15b8f)

Bug: 148159562
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I9ec7acfc6e1083c677a95b0ea1c559ab50152873
1 file changed