| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20211213094135.1798-4-mark-pk.tsai@mediatek.com>
Date: Mon, 13 Dec 2021 17:41:33 +0800
From: Mark-PK Tsai <mark-pk.tsai@...iatek.com>
To: <stable@...r.kernel.org>
CC: <rppt@...nel.org>, <akpm@...ux-foundation.org>,
<linux-arm-kernel@...ts.infradead.org>,
<linux-kernel@...r.kernel.org>, <linux-mm@...ck.org>,
<linux@...linux.org.uk>, <rppt@...ux.ibm.com>, <tony@...mide.com>,
<wangkefeng.wang@...wei.com>, <mark-pk.tsai@...iatek.com>,
<yj.chiang@...iatek.com>
Subject: [PATCH 5.10 3/5] memblock: ensure there is no overflow in memblock_overlaps_region()
From: Mike Rapoport <rppt@...ux.ibm.com>
[ Upstream commit 023accf5cdc1e504a9b04187ec23ff156fe53d90 ]
There maybe an overflow in memblock_overlaps_region() if it is called with
base and size such that
base + size > PHYS_ADDR_MAX
Make sure that memblock_overlaps_region() caps the size to prevent such
overflow and remove now duplicated call to memblock_cap_size() from
memblock_is_region_reserved().
Signed-off-by: Mike Rapoport <rppt@...ux.ibm.com>
Tested-by: Tony Lindgren <tony@...mide.com>
Link: https://lore.kernel.org/lkml/20210630071211.21011-1-rppt@kernel.org/
Signed-off-by: Mark-PK Tsai <mark-pk.tsai@...iatek.com>
---
mm/memblock.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/mm/memblock.c b/mm/memblock.c
index c337df03b6a1..faa4de579b3d 100644
--- a/mm/memblock.c
+++ b/mm/memblock.c
@@ -182,6 +182,8 @@ bool __init_memblock memblock_overlaps_region(struct memblock_type *type,
{
unsigned long i;
+ memblock_cap_size(base, &size);
+
for (i = 0; i < type->cnt; i++)
if (memblock_addrs_overlap(base, size, type->regions[i].base,
type->regions[i].size))
@@ -1792,7 +1794,6 @@ bool __init_memblock memblock_is_region_memory(phys_addr_t base, phys_addr_t siz
*/
bool __init_memblock memblock_is_region_reserved(phys_addr_t base, phys_addr_t size)
{
- memblock_cap_size(base, &size);
return memblock_overlaps_region(&memblock.reserved, base, size);
}
--
2.18.0
Powered by blists - more mailing lists