struct sioc_vif_req has a padding hole after the vifi field due to alignment requirements. These padding bytes were uninitialized, potentially leaking kernel stack memory to userspace when the struct is copied via sock_ioctl_inout(). Reported by Smatch: net/ipv4/ipmr.c:1575 ipmr_sk_ioctl() warn: check that 'buffer' doesn't leak information (struct has a hole after 'vifi') Fixes: e1d001fa5b47 ("net: ioctl: Use kernel memory on protocol ioctl callbacks") Signed-off-by: Alper Ak --- net/ipv4/ipmr.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/ipv4/ipmr.c b/net/ipv4/ipmr.c index ca9eaee4c2ef..18441fbe7ed7 100644 --- a/net/ipv4/ipmr.c +++ b/net/ipv4/ipmr.c @@ -1571,6 +1571,7 @@ int ipmr_sk_ioctl(struct sock *sk, unsigned int cmd, void __user *arg) /* These userspace buffers will be consumed by ipmr_ioctl() */ case SIOCGETVIFCNT: { struct sioc_vif_req buffer; + memset(&buffer, 0, sizeof(buffer)); return sock_ioctl_inout(sk, cmd, arg, &buffer, sizeof(buffer)); -- 2.43.0
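
Review bot: The added memset() in the SIOCGETVIFCNT case needs a changelog that shows the padding can actually reach userspace uninitialized. The buffer is only handed to sock_ioctl_inout(), and both the helper's name and the comment above the case ("These userspace buffers will be consumed by ipmr_ioctl()") suggest it is filled from the user pointer before anything is copied back. If that copy-in covers all sizeof(buffer) bytes, the hole after vifi is already overwritten with the caller's own data and the memset is redundant. Please state in the commit message which path leaves the padding untouched, or drop the Fixes: tag if the change only silences the Smatch warning. If the memset stays, separate it from the declaration of buffer with a blank line.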