[PATCH 3/4] mm/mempolicy: return EINVAL for illegal user memory range for mbind

From: Wupeng Ma
Date: Sun Dec 04 2022 - 22:41:32 EST


From: Ma Wupeng <mawupeng1@xxxxxxxxxx>

Add access_ok to check user memory range and return EINVAL if overflows for
mbind.

Signed-off-by: Ma Wupeng <mawupeng1@xxxxxxxxxx>
---
mm/mempolicy.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/mm/mempolicy.c b/mm/mempolicy.c
index e3a2c465fe8a..a6bddf454953 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -1272,6 +1272,9 @@ static long do_mbind(unsigned long start, unsigned long len,
if (start & ~PAGE_MASK)
return -EINVAL;

+ if (unlikely(!access_ok((void __user *)start, len)))
+ return -EINVAL;
+
if (mode == MPOL_DEFAULT)
flags &= ~MPOL_MF_STRICT;

--
2.25.1