diff options
author | Hauke Mehrtens <hauke@hauke-m.de> | 2019-06-17 20:25:56 +0200 |
---|---|---|
committer | Hauke Mehrtens <hauke@hauke-m.de> | 2019-07-07 17:35:23 +0200 |
commit | 418f826c2ccaab87e38de33985f512c97436fd37 (patch) | |
tree | 894d6d37329c8e07bc9a72d3519704b1ba540b29 /target | |
parent | d5a38725f84f52618a7c4cb17e8bfac40a17854a (diff) | |
download | upstream-418f826c2ccaab87e38de33985f512c97436fd37.tar.gz upstream-418f826c2ccaab87e38de33985f512c97436fd37.tar.bz2 upstream-418f826c2ccaab87e38de33985f512c97436fd37.zip |
kernel: Fix MIPS bounds check virt_addr_valid
This is pending to get into the upstream kernel.
This fixes a bug in the upstream kernel which was added to stable some
time ago.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Diffstat (limited to 'target')
-rw-r--r-- | target/linux/generic/pending-4.14/303-MIPS-Fix-bounds-check-virt_addr_valid.patch | 33 | ||||
-rw-r--r-- | target/linux/generic/pending-4.19/303-MIPS-Fix-bounds-check-virt_addr_valid.patch | 33 |
2 files changed, 66 insertions, 0 deletions
diff --git a/target/linux/generic/pending-4.14/303-MIPS-Fix-bounds-check-virt_addr_valid.patch b/target/linux/generic/pending-4.14/303-MIPS-Fix-bounds-check-virt_addr_valid.patch new file mode 100644 index 0000000000..d4c3e66105 --- /dev/null +++ b/target/linux/generic/pending-4.14/303-MIPS-Fix-bounds-check-virt_addr_valid.patch @@ -0,0 +1,33 @@ +From 415e0feec4f927af0059f72a6831f6c5a104f0fc Mon Sep 17 00:00:00 2001 +From: Hauke Mehrtens <hauke@hauke-m.de> +Date: Mon, 17 Jun 2019 00:13:08 +0200 +Subject: [PATCH] MIPS: Fix bounds check virt_addr_valid + +The bounds check used the uninitialized variable vaddr, it should use +the given parameter kaddr instead. When using the uninitialized value +the compiler assumed it to be 0 and optimized this function to just +return 0 in all cases. + +This should make the function check the range of the given address and +only do the page map check in case it is in the expected range of +virtual addresses. + +Fixes: 074a1e1167af ("MIPS: Bounds check virt_addr_valid") +Cc: stable@vger.kernel.org # v4.12+ +Cc: Paul Burton <paul.burton@mips.com> +Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> +--- + arch/mips/mm/mmap.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/arch/mips/mm/mmap.c ++++ b/arch/mips/mm/mmap.c +@@ -203,7 +203,7 @@ unsigned long arch_randomize_brk(struct + + int __virt_addr_valid(const volatile void *kaddr) + { +- unsigned long vaddr = (unsigned long)vaddr; ++ unsigned long vaddr = (unsigned long)kaddr; + + if ((vaddr < PAGE_OFFSET) || (vaddr >= MAP_BASE)) + return 0; diff --git a/target/linux/generic/pending-4.19/303-MIPS-Fix-bounds-check-virt_addr_valid.patch b/target/linux/generic/pending-4.19/303-MIPS-Fix-bounds-check-virt_addr_valid.patch new file mode 100644 index 0000000000..d4c3e66105 --- /dev/null +++ b/target/linux/generic/pending-4.19/303-MIPS-Fix-bounds-check-virt_addr_valid.patch @@ -0,0 +1,33 @@ +From 415e0feec4f927af0059f72a6831f6c5a104f0fc Mon Sep 17 00:00:00 2001 +From: Hauke Mehrtens <hauke@hauke-m.de> +Date: Mon, 17 Jun 2019 00:13:08 +0200 +Subject: [PATCH] MIPS: Fix bounds check virt_addr_valid + +The bounds check used the uninitialized variable vaddr, it should use +the given parameter kaddr instead. When using the uninitialized value +the compiler assumed it to be 0 and optimized this function to just +return 0 in all cases. + +This should make the function check the range of the given address and +only do the page map check in case it is in the expected range of +virtual addresses. + +Fixes: 074a1e1167af ("MIPS: Bounds check virt_addr_valid") +Cc: stable@vger.kernel.org # v4.12+ +Cc: Paul Burton <paul.burton@mips.com> +Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> +--- + arch/mips/mm/mmap.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/arch/mips/mm/mmap.c ++++ b/arch/mips/mm/mmap.c +@@ -203,7 +203,7 @@ unsigned long arch_randomize_brk(struct + + int __virt_addr_valid(const volatile void *kaddr) + { +- unsigned long vaddr = (unsigned long)vaddr; ++ unsigned long vaddr = (unsigned long)kaddr; + + if ((vaddr < PAGE_OFFSET) || (vaddr >= MAP_BASE)) + return 0; |