Re: [PATCH 1/3] mm/vmalloc: fix size check for remap_vmalloc_range_partial()

From: Andrey Ryabinin
Date: Fri Jan 11 2019 - 14:19:02 EST

Next message: Andrey Ryabinin: "Re: [PATCH 3/3] mm/vmalloc: pass VM_USERMAP flags directly to __vmalloc_node_range()"
Previous message: Tri Vo: "[PATCH v2] x86_64: Add "-m elf_i386" when linking i386 object files."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 1/3/19 5:59 PM, Roman Penyaev wrote:
> area->size can include adjacent guard page but get_vm_area_size()
> returns actual size of the area.
>
> This fixes possible kernel crash when userspace tries to map area
> on 1 page bigger: size check passes but the following vmalloc_to_page()
> returns NULL on last guard (non-existing) page.
>
> Signed-off-by: Roman Penyaev <rpenyaev@xxxxxxx>
> Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
> Cc: Michal Hocko <mhocko@xxxxxxxx>
> Cc: Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>
> Cc: Joe Perches <joe@xxxxxxxxxxx>
> Cc: "Luis R. Rodriguez" <mcgrof@xxxxxxxxxx>
> Cc: linux-mm@xxxxxxxxx
> Cc: linux-kernel@xxxxxxxxxxxxxxx
> Cc: stable@xxxxxxxxxxxxxxx
> ---

Fixes: e69e9d4aee71 ("vmalloc: introduce remap_vmalloc_range_partial")
Acked-by: Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>

Next message: Andrey Ryabinin: "Re: [PATCH 3/3] mm/vmalloc: pass VM_USERMAP flags directly to __vmalloc_node_range()"
Previous message: Tri Vo: "[PATCH v2] x86_64: Add "-m elf_i386" when linking i386 object files."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]