[PATCH RESEND 0/2] Fixes on top of CVE-2014-8159 kernel: infiniband: uverbs: unprotected physical memory access

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



[Re-sent patch set with correct Cc: <stable@xxxxxxxxxxxxxxx>]

Hi,

Please find one patch to prevent a possible issue partially
addressed by commit 8494057ab5e4 ("IB/uverbs: Prevent integer
overflow in ib_umem_get address arithmetic") (see discussions
in [1]) and another one to add back the possibility of registering
memory mapped at 0 (which is probably not something to be allowed,
but it's not up to ib_umem_get() to prevent it).

[1] "Re: CVE-2014-8159 kernel: infiniband: uverbs: unprotected physical
 memory access"

 http://mid.gmane.org/1428497043.22575.176.camel@xxxxxxxxxx
 http://marc.info/?i=1428497043.22575.176.camel@xxxxxxxxxx

Regards.

Yann Droneaud (2):
  IB/core: disallow registering 0-sized memory region
  IB/core: don't disallow registering region starting at 0x0

 drivers/infiniband/core/umem.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

-- 
2.1.0

--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]