On Thu, Apr 16, 2020 at 7:02 AM Hillf Danton <hdanton@xxxxxxxx> wrote: > On Thu, 16 Apr 2020 00:23:12 +0200 Jann Horn wrote: > > remap_vmalloc_range() has had various issues with the bounds checks it > > promises to perform ("This function checks that addr is a valid vmalloc'ed > > area, and that it is big enough to cover the vma") over time, e.g.: [...] > > @@ -3082,8 +3090,10 @@ int remap_vmalloc_range_partial(struct vm_area_struct *vma, unsigned long uaddr, > > if (!(area->flags & (VM_USERMAP | VM_DMA_COHERENT))) > > return -EINVAL; > > > The current kaddr is checked valid by finding area with it despite > there is room for adding change in checking its boundary in a valid > area. I have no idea what you're trying to say. Could you rephrase, please?
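Review bot: in the quoted `remap_vmalloc_range_partial()` hunk (`@@ -3082,8 +3090,10 @@`), the only check visible is the `VM_USERMAP | VM_DMA_COHERENT` flags test returning `-EINVAL`, and nothing in the visible lines bounds `kaddr` plus the mapped size against the end of the area. The two lines the hunk header says are added are trimmed from this quote. If they are the bounds check, a short comment there should state which range is validated, so the code can be matched against the documented promise that addr "is big enough to cover the vma".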