| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250331081327.256412-2-bhe@redhat.com> Date: Mon, 31 Mar 2025 16:13:21 +0800 From: Baoquan He <bhe@...hat.com> To: akpm@...ux-foundation.org Cc: linux-mm@...ck.org, linux-kernel@...r.kernel.org, yanjun.zhu@...ux.dev, Baoquan He <bhe@...hat.com> Subject: [PATCH v2 1/7] mm/gup: fix wrongly calculated returned value in fault_in_safe_writeable() Not like fault_in_readable() or fault_in_writeable(), in fault_in_safe_writeable() local variable 'start' is increased page by page to loop till the whole address range is handled. However, it mistakenly calcalates the size of handled range with 'uaddr - start'. Fix it here. Signed-off-by: Baoquan He <bhe@...hat.com> --- v1->v2: - Fix a patch log typo caused by copy-and-paste error. Thanks to Yanjun. mm/gup.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mm/gup.c b/mm/gup.c index 855ab860f88b..73777b1de679 100644 --- a/mm/gup.c +++ b/mm/gup.c @@ -2207,8 +2207,8 @@ size_t fault_in_safe_writeable(const char __user *uaddr, size_t size) } while (start != end); mmap_read_unlock(mm); - if (size > (unsigned long)uaddr - start) - return size - ((unsigned long)uaddr - start); + if (size > start - (unsigned long)uaddr) + return size - (start - (unsigned long)uaddr); return 0; } EXPORT_SYMBOL(fault_in_safe_writeable); -- 2.41.0
Powered by blists - more mailing lists