Patch "memblock: ensure there is no overflow in memblock_overlaps_region()" has been added to the 5.10-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is a note to let you know that I've just added the patch titled

    memblock: ensure there is no overflow in memblock_overlaps_region()

to the 5.10-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     memblock-ensure-there-is-no-overflow-in-memblock_overlaps_region.patch
and it can be found in the queue-5.10 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From foo@baz Wed Dec 15 03:01:20 PM CET 2021
From: Mark-PK Tsai <mark-pk.tsai@xxxxxxxxxxxx>
Date: Mon, 13 Dec 2021 17:41:33 +0800
Subject: memblock: ensure there is no overflow in memblock_overlaps_region()
To: <stable@xxxxxxxxxxxxxxx>
Cc: <rppt@xxxxxxxxxx>, <akpm@xxxxxxxxxxxxxxxxxxxx>, <linux-arm-kernel@xxxxxxxxxxxxxxxxxxx>, <linux-kernel@xxxxxxxxxxxxxxx>, <linux-mm@xxxxxxxxx>, <linux@xxxxxxxxxxxxxxx>, <rppt@xxxxxxxxxxxxx>, <tony@xxxxxxxxxxx>, <wangkefeng.wang@xxxxxxxxxx>, <mark-pk.tsai@xxxxxxxxxxxx>, <yj.chiang@xxxxxxxxxxxx>
Message-ID: <20211213094135.1798-4-mark-pk.tsai@xxxxxxxxxxxx>

From: Mike Rapoport <rppt@xxxxxxxxxxxxx>

[ Upstream commit 023accf5cdc1e504a9b04187ec23ff156fe53d90 ]

There maybe an overflow in memblock_overlaps_region() if it is called with
base and size such that

	base + size > PHYS_ADDR_MAX

Make sure that memblock_overlaps_region() caps the size to prevent such
overflow and remove now duplicated call to memblock_cap_size() from
memblock_is_region_reserved().

Signed-off-by: Mike Rapoport <rppt@xxxxxxxxxxxxx>
Tested-by: Tony Lindgren <tony@xxxxxxxxxxx>
Link: https://lore.kernel.org/lkml/20210630071211.21011-1-rppt@xxxxxxxxxx/
Signed-off-by: Mark-PK Tsai <mark-pk.tsai@xxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 mm/memblock.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

--- a/mm/memblock.c
+++ b/mm/memblock.c
@@ -182,6 +182,8 @@ bool __init_memblock memblock_overlaps_r
 {
 	unsigned long i;
 
+	memblock_cap_size(base, &size);
+
 	for (i = 0; i < type->cnt; i++)
 		if (memblock_addrs_overlap(base, size, type->regions[i].base,
 					   type->regions[i].size))
@@ -1792,7 +1794,6 @@ bool __init_memblock memblock_is_region_
  */
 bool __init_memblock memblock_is_region_reserved(phys_addr_t base, phys_addr_t size)
 {
-	memblock_cap_size(base, &size);
 	return memblock_overlaps_region(&memblock.reserved, base, size);
 }
 


Patches currently in stable-queue which might be from mark-pk.tsai@xxxxxxxxxxxx are

queue-5.10/arm-extend-pfn_valid-to-take-into-account-freed-memory-map-alignment.patch
queue-5.10/arm-ioremap-don-t-abuse-pfn_valid-to-check-if-pfn-is-in-ram.patch
queue-5.10/memblock-free_unused_memmap-use-pageblock-units-instead-of-max_order.patch
queue-5.10/memblock-align-freed-memory-map-on-pageblock-boundaries-with-sparsemem.patch
queue-5.10/memblock-ensure-there-is-no-overflow-in-memblock_overlaps_region.patch





[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux