From: Richard Weinberger Date: Sun, 20 Jul 2014 11:09:15 +0000 (+0200) Subject: um: Ensure that a stub page cannot get unmapped X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=284e6d39516cc7f9fbceebb259849fcb41559a7b;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git um: Ensure that a stub page cannot get unmapped Trinity discovered an execution path such that a task can unmap his stub page. Reported-by: Toralf Förster Signed-off-by: Richard Weinberger --- diff --git a/arch/um/kernel/tlb.c b/arch/um/kernel/tlb.c index 9472079471bb..1fc619e5dfe9 100644 --- a/arch/um/kernel/tlb.c +++ b/arch/um/kernel/tlb.c @@ -124,6 +124,9 @@ static int add_munmap(unsigned long addr, unsigned long len, struct host_vm_op *last; int ret = 0; + if ((addr >= STUB_START) && (addr < STUB_END)) + return -EINVAL; + if (hvc->index != 0) { last = &hvc->ops[hvc->index - 1]; if ((last->type == MUNMAP) &&