| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20210812073214.xwflqw7c6cpt3n7p@sirius.home.kraxel.org>
Date: Thu, 12 Aug 2021 09:32:14 +0200
From: Gerd Hoffmann <kraxel@...hat.com>
To: Pavel Skripkin <paskripkin@...il.com>
Cc: sumit.semwal@...aro.org, christian.koenig@....com,
dongwon.kim@...el.com, linux-media@...r.kernel.org,
linaro-mm-sig@...ts.linaro.org, linux-kernel@...r.kernel.org,
syzbot+e9cd3122a37c5d6c51e8@...kaller.appspotmail.com
Subject: Re: [PATCH next] udmabuf: fix general protection fault in
udmabuf_create
On Wed, Aug 11, 2021 at 08:50:52PM +0300, Pavel Skripkin wrote:
> Syzbot reported general protection fault in udmabuf_create. The problem
> was in wrong error handling.
>
> In commit 16c243e99d33 ("udmabuf: Add support for mapping hugepages (v4)")
> shmem_read_mapping_page() call was replaced with find_get_page_flags(),
> but find_get_page_flags() returns NULL on failure instead PTR_ERR().
>
> Wrong error checking was causing GPF in get_page(), since passed page
> was equal to NULL. Fix it by changing if (IS_ER(!hpage)) to if (!hpage)
>
> Reported-by: syzbot+e9cd3122a37c5d6c51e8@...kaller.appspotmail.com
> Fixes: 16c243e99d33 ("udmabuf: Add support for mapping hugepages (v4)")
> Signed-off-by: Pavel Skripkin <paskripkin@...il.com>
Pushed to drm-misc-next.
thanks,
Gerd
Powered by blists - more mailing lists