openkylin
/
linux
mirror of https://gitee.com/openkylin/linux.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity
linux/drivers/char
History
Robin Murphy 488debb997 drivers: char: mem: Fix thinkos in kmem address checks 
When borrowing the pfn_valid() check from mmap_kmem(), somebody managed
to get physical and virtual addresses spectacularly muddled up, such
that we've ended up with checks for one being the other. Whilst this
does indeed prevent out-of-bounds accesses crashing, on most systems
it also prevents the more desirable use-case of working at all ever.

Check the *virtual* offset correctly for what it is. Furthermore, do
so in the right place - a read or write may span multiple pages, so a
single up-front check is insufficient. High memory accesses already
have a similar validity check just before the copy_to_user() call, so
just make the low memory path fully consistent with that.

Reported-by: Jason A. Donenfeld <Jason@zx2c4.com>
CC: stable@vger.kernel.org
Fixes: 148a1bc843 ("drivers: char: mem: Check {read,write}_kmem() addresses")
Signed-off-by: Robin Murphy <robin.murphy@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2017-01-11 08:02:18 +01:00
..
agp Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
hw_random Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
ipmi Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
mwave Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
pcmcia Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
tpm Merge branch 'akpm' (patches from Andrew) 2016-12-14 17:25:18 -08:00
xilinx_hwicap Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
xillybus char: xillybus: Fix spelling mistake and comment 2016-08-31 14:47:54 +02:00
Kconfig Char/Misc driver patches for 4.10-rc1 2016-12-13 12:11:01 -08:00
Makefile RTC for 4.8 2016-08-05 09:48:22 -04:00
apm-emulation.c apm-emulation: add hibernation APM events to support suspend2disk 2014-01-07 13:50:28 +01:00
applicom.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
applicom.h
bfin-otp.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
bsr.c bsr: avoid format string leaking into device name 2014-07-09 16:59:15 -07:00
ds1302.c
ds1620.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
dsp56k.c dsp56k: prevent a harmless underflow 2016-07-14 16:21:53 +09:00
dtlk.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
efirtc.c drivers/char: make efirtc.c driver explicitly non-modular 2015-09-20 19:32:35 -07:00
generic_nvram.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
hangcheck-timer.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
hpet.c clocksource: Use a plain u64 instead of cycle_t 2016-12-25 11:04:12 +01:00
lp.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
mbcs.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
mbcs.h
mem.c drivers: char: mem: Fix thinkos in kmem address checks 2017-01-11 08:02:18 +01:00
misc.c char: make misc_deregister a void function 2015-08-05 10:35:49 -07:00
mmtimer.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
mspec.c mm: use vmf->address instead of of vmf->virtual_address 2016-12-14 16:04:09 -08:00
nsc_gpio.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
nvram.c char/nvram: set array of const as const 2016-02-08 14:57:30 -08:00
nwbutton.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
nwbutton.h
nwflash.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
pc8736x_gpio.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
powernv-op-panel.c powerpc/powernv: Add driver for operator panel on FSP machines 2016-06-29 17:33:46 +10:00
ppdev.c ppdev: check before attaching port 2016-11-29 20:25:34 +01:00
ps3flash.c wrappers for ->i_mutex access 2016-01-22 18:04:28 -05:00
random.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
raw.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
rtc.c various char drivers: remove deprecated IRQF_DISABLED 2013-10-16 12:36:10 -07:00
scx200_gpio.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
snsc.c snsc: restore IRQs on error path in scdrv_write() 2016-11-29 20:25:34 +01:00
snsc.h
snsc_event.c various char drivers: remove deprecated IRQF_DISABLED 2013-10-16 12:36:10 -07:00
sonypi.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
tb0219.c mips: separate extable.h, switch module.h to it 2016-10-05 18:36:18 -04:00
tile-srom.c tile-srom: allow the driver to be built as a module 2016-11-10 15:18:56 +01:00
tlclk.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
toshiba.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
ttyprintk.c ttyprintk: Neaten and simplify printing 2016-09-13 17:30:17 +02:00
uv_mmtimer.c
virtio_console.c virtio_console: drop unused config fields 2016-12-15 06:59:15 +02:00