Re: [PATCH] xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap()

From: Boris Ostrovsky
Date: Wed Oct 25 2017 - 12:45:14 EST

Next message: Ulf Hansson: "Re: [PATCH 0/9] Enable dw-mmc multi-card support"
Previous message: Johannes Weiner: "Re: [PATCH] fs, mm: account filp and names caches to kmemcg"
In reply to: Juergen Gross: "[PATCH] xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap()"
Next in thread: Boris Ostrovsky: "Re: [PATCH] xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/25/2017 11:08 AM, Juergen Gross wrote:
> In case gntdev_mmap() succeeds only partially in mapping grant pages
> it will leave some vital information uninitialized needed later for
> cleanup. This will lead to an out of bounds array access when unmapping
> the already mapped pages.
>
> So just initialize the data needed for unmapping the pages a little bit
> earlier.
>
> Cc: <stable@xxxxxxxxxxxxxxx>
> Reported-by: Arthur Borsboom <arthurborsboom@xxxxxxxxx>
> Signed-off-by: Juergen Gross <jgross@xxxxxxxx>

Reviewed-by: Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>

Next message: Ulf Hansson: "Re: [PATCH 0/9] Enable dw-mmc multi-card support"
Previous message: Johannes Weiner: "Re: [PATCH] fs, mm: account filp and names caches to kmemcg"
In reply to: Juergen Gross: "[PATCH] xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap()"
Next in thread: Boris Ostrovsky: "Re: [PATCH] xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]