Re: KASAN: slab-out-of-bounds Read in handle_vmptrld
From: Paolo Bonzini
Date: Fri Sep 13 2019 - 17:39:11 EST

On 13/09/19 17:32, Robin Murphy wrote:
> Oh, that bit of usbdev_mmap() is already known to be pretty much totally
> bogus for various reasons - there have been a few threads about it, of
> which I think  is both the most recent and the most informative.
> There was another patch, but that might have stalled (and might need
> reworking with additional hcd_uses_dma() checks anyway).

Neither is enough, see my reply to Alan. Memory from kmalloc just
*cannot* be passed down to remap_pfn_range, dma_mmap_coherent or
anything like that. It's a simple alignment issue.
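
An added illustration, not part of the message above and not kernel code: a userspace C model of what a page-granular mapping does to a buffer that does not begin and end on page boundaries. The 4 KiB page size, the sample addresses and the names model_pfn_mapping and safe_to_map are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SIZE 4096ULL              /* assumed 4 KiB pages */
#define PAGE_MASK (~(PAGE_SIZE - 1))

struct exposure {
    uint64_t map_start; /* first byte userspace can reach */
    uint64_t map_len;   /* bytes mapped, always whole pages */
    uint64_t lead;      /* bytes of other objects before the buffer */
    uint64_t tail;      /* bytes of other objects after the buffer */
};

/* Hypothetical model: map [addr, addr+len) by page frame number. */
static struct exposure model_pfn_mapping(uint64_t addr, uint64_t len)
{
    struct exposure e;
    uint64_t end = (addr + len + PAGE_SIZE - 1) & PAGE_MASK;

    e.map_start = addr & PAGE_MASK;  /* a PFN drops the in-page offset */
    e.map_len = end - e.map_start;
    e.lead = addr - e.map_start;
    e.tail = end - (addr + len);
    return e;
}

/* Only a buffer made of whole pages maps without exposing neighbours. */
static int safe_to_map(uint64_t addr, uint64_t len)
{
    struct exposure e = model_pfn_mapping(addr, len);
    return len != 0 && e.lead == 0 && e.tail == 0;
}

int main(void)
{
    /* Constructed addresses: a 512-byte slab object, then a whole page. */
    uint64_t bufs[2][2] = { { 0xffff888012345600ULL, 512 },
                            { 0xffff888012346000ULL, 4096 } };
    for (int i = 0; i < 2; i++) {
        struct exposure e = model_pfn_mapping(bufs[i][0], bufs[i][1]);
        printf("buf %#llx len %llu: maps %llu bytes, %llu before + %llu after, %s\n",
               (unsigned long long)bufs[i][0], (unsigned long long)bufs[i][1],
               (unsigned long long)e.map_len, (unsigned long long)e.lead,
               (unsigned long long)e.tail,
               safe_to_map(bufs[i][0], bufs[i][1]) ? "ok" : "exposes neighbours");
    }
    return 0;
}
```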