linux_old1/fs/proc
yonghua zheng 8c8296223f fs/proc/task_mmu.c: fix buffer overflow in add_page_map()
Recently we met quite a lot of random kernel panic issues after enabling
CONFIG_PROC_PAGE_MONITOR.  After debuggind we found this has something
to do with following bug in pagemap:

In struct pagemapread:

  struct pagemapread {
      int pos, len;
      pagemap_entry_t *buffer;
      bool v2;
  };

pos is number of PM_ENTRY_BYTES in buffer, but len is the size of
buffer, it is a mistake to compare pos and len in add_page_map() for
checking buffer is full or not, and this can lead to buffer overflow and
random kernel panic issue.

Correct len to be total number of PM_ENTRY_BYTES in buffer.

[akpm@linux-foundation.org: document pagemapread.pos and .len units, fix PM_ENTRY_BYTES definition]
Signed-off-by: Yonghua Zheng <younghua.zheng@gmail.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-08-13 17:57:50 -07:00
..
Kconfig kconfig: rename CONFIG_EMBEDDED to CONFIG_EXPERT 2011-01-20 17:02:05 -08:00
Makefile mm, vmalloc: move get_vmalloc_info() to vmalloc.c 2013-04-29 15:54:33 -07:00
array.c kthread: Prevent unpark race which puts threads on the wrong cpu 2013-04-12 14:18:43 +02:00
base.c proc_fill_cache(): clean up, get rid of pointless find_inode_number() use 2013-06-29 12:57:19 +04:00
cmdline.c
consoles.c console: rename acquire/release_console_sem() to console_lock/unlock() 2011-01-26 10:50:06 +10:00
cpuinfo.c
devices.c proc: use seq_puts()/seq_putc() where possible 2011-01-13 08:03:16 -08:00
fd.c proc_fill_cache(): just make instantiate_t return int 2013-06-29 12:57:18 +04:00
fd.h proc: Move proc_fd() to fs/proc/fd.h 2013-05-01 17:29:39 -04:00
generic.c [readdir] convert procfs 2013-06-29 12:56:32 +04:00
inode.c proc: Split the namespace stuff out into linux/proc_ns.h 2013-05-01 17:29:39 -04:00
internal.h proc_fill_cache(): just make instantiate_t return int 2013-06-29 12:57:18 +04:00
interrupts.c
kcore.c fs/proc/kcore.c: using strlcpy() instead of strncpy() 2013-07-03 16:08:02 -07:00
kmsg.c kmsg: honor dmesg_restrict sysctl on /dev/kmsg 2013-06-12 16:29:44 -07:00
loadavg.c sched, timers: cleanup avenrun users 2009-05-15 15:32:45 +02:00
meminfo.c mm, vmalloc: move get_vmalloc_info() to vmalloc.c 2013-04-29 15:54:33 -07:00
namespaces.c proc_fill_cache(): just make instantiate_t return int 2013-06-29 12:57:18 +04:00
nommu.c new helper: file_inode(file) 2013-02-22 23:31:31 -05:00
page.c kpageflags: fix wrong KPF_THP on non-huge compound pages 2012-10-09 16:23:00 +09:00
proc_devtree.c proc_devtree: Replace include linux/module.h with linux/export.h 2013-05-04 15:31:01 -04:00
proc_net.c [readdir] convert procfs 2013-06-29 12:56:32 +04:00
proc_sysctl.c Don't pass inode to ->d_hash() and ->d_compare() 2013-06-29 12:57:36 +04:00
proc_tty.c proc: use seq_puts()/seq_putc() where possible 2011-01-13 08:03:16 -08:00
root.c [readdir] convert procfs 2013-06-29 12:56:32 +04:00
self.c Include missing linux/slab.h inclusions 2013-04-29 15:42:01 -04:00
softirqs.c proc: use seq_puts()/seq_putc() where possible 2011-01-13 08:03:16 -08:00
stat.c stat: Use size_t for sizes instead of unsigned 2013-02-01 12:32:08 +02:00
task_mmu.c fs/proc/task_mmu.c: fix buffer overflow in add_page_map() 2013-08-13 17:57:50 -07:00
task_nommu.c new helper: file_inode(file) 2013-02-22 23:31:31 -05:00
uptime.c fs/proc/uptime.c:uptime_proc_show(): use get_monotonic_boottime() 2013-07-03 16:08:02 -07:00
version.c
vmcore.c s390/kdump: Disable mmap for s390 2013-07-18 13:40:18 +02:00