From: Jareer Abdel-Qader <jareer.h.abdel-qader@xxxxxxxxx> Driver does not verify userid for shared context assignments, allowing malicious user access. Reviewed by: Mike Marciniszyn <mike.marciniszyn@xxxxxxxxx> Signed-off-by: Jareer H Abdel-Qader <jareer.h.abdel-qader@xxxxxxxxx> Signed-off-by: Ira Weiny <ira.weiny@xxxxxxxxx> --- drivers/staging/rdma/hfi1/file_ops.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/staging/rdma/hfi1/file_ops.c b/drivers/staging/rdma/hfi1/file_ops.c index 7d2868050981..3c9cae6f64a3 100644 --- a/drivers/staging/rdma/hfi1/file_ops.c +++ b/drivers/staging/rdma/hfi1/file_ops.c @@ -948,6 +948,7 @@ static int find_shared_ctxt(struct file *fp, /* Skip ctxt if it doesn't match the requested one */ if (memcmp(uctxt->uuid, uinfo->uuid, sizeof(uctxt->uuid)) || + uctxt->jkey != generate_jkey(current_uid()) || uctxt->subctxt_id != uinfo->subctxt_id || uctxt->subctxt_cnt != uinfo->subctxt_cnt) continue; -- 1.8.2 _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
