projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 99beae6) | patch
xen/gntdev: fix unsafe vma access
authorDaniel De Graaf <dgdegra@tycho.nsa.gov>
Wed, 2 Jan 2013 22:57:11 +0000 (22:57 +0000)
committerKonrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Tue, 15 Jan 2013 21:01:06 +0000 (16:01 -0500)
commit2512f298cb9886e06938e761c9e924c8448d9ab8
tree959938beb9ef789e72217844d159c95604817ac5tree | snapshot (tar.gz zip)
parent99beae6cb8f4dd5dab81a370b79c3b1085848d89commit | diff
xen/gntdev: fix unsafe vma access

In gntdev_ioctl_get_offset_for_vaddr, we need to hold mmap_sem while
calling find_vma() to avoid potentially having the result freed out from
under us.  Similarly, the MMU notifier functions need to synchronize with
gntdev_vma_close to avoid map->vma being freed during their iteration.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Reported-by: Al Viro <viro@ZenIV.linux.org.uk>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
drivers/xen/gntdev.c diff | blob | blame | history