| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20211206145547.942588455@linuxfoundation.org>
Date: Mon, 6 Dec 2021 15:55:45 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-kernel@...r.kernel.org, lee.jones@...aro.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
stable@...r.kernel.org,
"devel@...verdev.osuosl.org, arve@...roid.com, stable@...r.kernel.org,
riandrews@...roid.com, labbott@...hat.com, sumit.semwal@...aro.org, Dan
Carpenter" <dan.carpenter@...cle.com>,
Dan Carpenter <dan.carpenter@...cle.com>
Subject: [PATCH 4.4 01/52] staging: ion: Prevent incorrect reference counting behavour
From: Lee Jones <lee.jones@...aro.org>
Supply additional checks in order to prevent unexpected results.
Fixes: b892bf75b2034 ("ion: Switch ion to use dma-buf")
Suggested-by: Dan Carpenter <dan.carpenter@...cle.com>
Signed-off-by: Lee Jones <lee.jones@...aro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
---
drivers/staging/android/ion/ion.c | 6 ++++++
1 file changed, 6 insertions(+)
--- a/drivers/staging/android/ion/ion.c
+++ b/drivers/staging/android/ion/ion.c
@@ -606,6 +606,9 @@ static void *ion_buffer_kmap_get(struct
void *vaddr;
if (buffer->kmap_cnt) {
+ if (buffer->kmap_cnt == INT_MAX)
+ return ERR_PTR(-EOVERFLOW);
+
buffer->kmap_cnt++;
return buffer->vaddr;
}
@@ -626,6 +629,9 @@ static void *ion_handle_kmap_get(struct
void *vaddr;
if (handle->kmap_cnt) {
+ if (handle->kmap_cnt == INT_MAX)
+ return ERR_PTR(-EOVERFLOW);
+
handle->kmap_cnt++;
return buffer->vaddr;
}
Powered by blists - more mailing lists