[PATCH v1 0/2] Fix an mmap exploit and remove push in i40iw

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



i40iw_mmap is vulnerable to an mmap exploit due to its manipulation on
vma->vm_pgoff done for the push feature, and its subsequent use in
remap_pfn_range without validation.

Patch #1 fixes the mmap exploit in i40iw_mmap and can be backported to stable if acceptable.

Patch #2 removes the push feature from the driver

v0-->v1:
* Add missing cc and reported by tags in Patch #1

Shiraz Saleem (2):
  RDMA/i40iw: Address an mmap handler exploit in i40iw
  RDMA/i40iw: Remove push code from i40iw

 drivers/infiniband/hw/i40iw/i40iw.h        |    1 -
 drivers/infiniband/hw/i40iw/i40iw_ctrl.c   |   52 +------------
 drivers/infiniband/hw/i40iw/i40iw_d.h      |   35 +++-----
 drivers/infiniband/hw/i40iw/i40iw_main.c   |    5 -
 drivers/infiniband/hw/i40iw/i40iw_status.h |    1 -
 drivers/infiniband/hw/i40iw/i40iw_type.h   |   18 ----
 drivers/infiniband/hw/i40iw/i40iw_uk.c     |   41 +--------
 drivers/infiniband/hw/i40iw/i40iw_user.h   |    8 --
 drivers/infiniband/hw/i40iw/i40iw_verbs.c  |  123 ++--------------------------
 9 files changed, 25 insertions(+), 259 deletions(-)




[Index of Archives]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Photo]     [Yosemite News]     [Yosemite Photos]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux