Re: [PATCH] udmabuf: validate ubuf->pagecount

2022-01-17 Thread Gerd Hoffmann
On Thu, Dec 30, 2021 at 05:26:49PM +0300, Pavel Skripkin wrote:
> Syzbot has reported GPF in sg_alloc_append_table_from_pages(). The
> problem was in ubuf->pages == ZERO_PTR.
>
> ubuf->pagecount is calculated from arguments passed from user-space. If
> user creates udmabuf with list.size == 0 then

Re: [PATCH] udmabuf: validate ubuf->pagecount

2022-01-14 Thread Daniel Vetter
On Wed, Jan 12, 2022 at 09:08:46PM +0300, Pavel Skripkin wrote:
> On 12/30/21 17:26, Pavel Skripkin wrote:
> > Syzbot has reported GPF in sg_alloc_append_table_from_pages(). The
> > problem was in ubuf->pages == ZERO_PTR.
> >
> > ubuf->pagecount is calculated from arguments passed from user-space.

Re: [PATCH] udmabuf: validate ubuf->pagecount

2022-01-12 Thread Pavel Skripkin
On 12/30/21 17:26, Pavel Skripkin wrote: Syzbot has reported GPF in sg_alloc_append_table_from_pages(). The problem was in ubuf->pages == ZERO_PTR. ubuf->pagecount is calculated from arguments passed from user-space. If user creates udmabuf with list.size == 0 then ubuf->pagecount will be also e

[PATCH] udmabuf: validate ubuf->pagecount

2021-12-30 Thread Pavel Skripkin
Syzbot has reported GPF in sg_alloc_append_table_from_pages(). The problem was in ubuf->pages == ZERO_PTR. ubuf->pagecount is calculated from arguments passed from user-space. If user creates udmabuf with list.size == 0 then ubuf->pagecount will be also equal to zero; it causes kmalloc_array() to