Re: [PATCH] xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap()

From: Boris Ostrovsky
Date: Thu Oct 26 2017 - 18:53:36 EST

Next message: Boris Ostrovsky: "Re: [PATCH v2] xen: fix booting ballooned down hvm guest"
Previous message: Thiago Jung Bauermann: "Re: [PATCH v5 12/18] MODSIGN: Export module signature definitions"
In reply to: Boris Ostrovsky: "Re: [PATCH] xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/25/2017 12:46 PM, Boris Ostrovsky wrote:
> On 10/25/2017 11:08 AM, Juergen Gross wrote:
>> In case gntdev_mmap() succeeds only partially in mapping grant pages
>> it will leave some vital information uninitialized needed later for
>> cleanup. This will lead to an out of bounds array access when unmapping
>> the already mapped pages.
>>
>> So just initialize the data needed for unmapping the pages a little bit
>> earlier.
>>
>> Cc: <stable@xxxxxxxxxxxxxxx>
>> Reported-by: Arthur Borsboom <arthurborsboom@xxxxxxxxx>
>> Signed-off-by: Juergen Gross <jgross@xxxxxxxx>
> Reviewed-by: Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>
>

Applied to for-linus-4.14c.

-boris

Next message: Boris Ostrovsky: "Re: [PATCH v2] xen: fix booting ballooned down hvm guest"
Previous message: Thiago Jung Bauermann: "Re: [PATCH v5 12/18] MODSIGN: Export module signature definitions"
In reply to: Boris Ostrovsky: "Re: [PATCH] xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]