luck/tmp_suning_uos_patched
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
f86de018fd
tmp_suning_uos_patched/arch/s390
History
David Hildenbrand 79286ea830 s390/pci_mmio: fully validate the VMA before calling follow_pte() 
commit a8b92b8c1eac8d655a97b1e90f4d83c25d9b9a18 upstream.

We should not walk/touch page tables outside of VMA boundaries when
holding only the mmap sem in read mode. Evil user space can modify the
VMA layout just before this function runs and e.g., trigger races with
page table removal code since commit dd2283f260 ("mm: mmap: zap pages
with read mmap_sem in munmap").

find_vma() does not check if the address is >= the VMA start address;
use vma_lookup() instead.

Reviewed-by: Niklas Schnelle <schnelle@linux.ibm.com>
Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com>
Fixes: dd2283f260 ("mm: mmap: zap pages with read mmap_sem in munmap")
Signed-off-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-09-26 14:08:55 +02:00
..
appldata s390/appldata: use struct_size() helper 2020-06-29 16:32:34 +02:00
boot s390/boot: fix use of expolines in the DMA code 2021-07-28 14:35:42 +02:00
configs s390: update defconfigs 2020-11-12 12:10:36 +01:00
crypto s390/archrandom: add parameter check for s390_arch_random_generate 2021-05-11 14:47:31 +02:00
hypfs fs_parse: fold fs_parameter_desc/fs_parameter_spec 2020-02-07 14:48:37 -05:00
include s390: make PCI mio support a machine flag 2021-09-18 13:40:22 +02:00
kernel s390: make PCI mio support a machine flag 2021-09-18 13:40:22 +02:00
kvm KVM: s390: index kvm->arch.idle_mask by vcpu_idx 2021-09-15 09:50:47 +02:00
lib s390/test_unwind: fix CALL_ON_STACK tests 2020-12-30 11:53:56 +01:00
mm s390/pv: fix the forcing of the swiotlb 2021-09-18 13:40:36 +02:00
net s390/bpf: Fix branch shortening during codegen pass 2021-09-22 12:28:02 +02:00
oprofile s390/unwind: introduce stack unwind API 2019-05-02 13:54:11 +02:00
pci s390/pci_mmio: fully validate the VMA before calling follow_pte() 2021-09-26 14:08:55 +02:00
purgatory s390: disable SSP when needed 2021-07-20 16:05:42 +02:00
tools .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
Kbuild s390/numa: move code to arch/s390/kernel 2020-08-11 18:16:55 +02:00
Kconfig s390: appldata depends on PROC_SYSCTL 2021-07-14 16:56:42 +02:00
Kconfig.debug s390/mm,ptdump: convert to generic page table dumper 2020-09-14 11:38:34 +02:00
Makefile s390: disable SSP when needed 2021-07-20 16:05:42 +02:00