linux

iv/linux

History

Arnd Bergmann 222ca305c9 uaccess: fix integer overflow on access_ok() Three architectures check the end of a user access against the address limit without taking a possible overflow into account. Passing a negative length or another overflow in here returns success when it should not. Use the most common correct implementation here, which optimizes for a constant 'size' argument, and turns the common case into a single comparison. Cc: stable@vger.kernel.org Fixes: `da55128194` ("csky: User access") Fixes: `f663b60f52` ("microblaze: Fix uaccess_ok macro") Fixes: `7567746e1c` ("Hexagon: Add user access functions") Reported-by: David Laight <David.Laight@aculab.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Arnd Bergmann <arnd@arndb.de>	2022-02-14 22:30:53 +01:00
..
asm	uaccess: fix integer overflow on access_ok()	2022-02-14 22:30:53 +01:00
uapi/asm	treewide: Add SPDX license identifier - Kbuild	2019-05-30 11:32:33 -07:00

Arnd Bergmann 222ca305c9 uaccess: fix integer overflow on access_ok()

Three architectures check the end of a user access against the
address limit without taking a possible overflow into account.
Passing a negative length or another overflow in here returns
success when it should not.

Use the most common correct implementation here, which optimizes
for a constant 'size' argument, and turns the common case into a
single comparison.

Cc: stable@vger.kernel.org
Fixes: da55128194 ("csky: User access")
Fixes: f663b60f52 ("microblaze: Fix uaccess_ok macro")
Fixes: 7567746e1c ("Hexagon: Add user access functions")
Reported-by: David Laight <David.Laight@aculab.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>

2022-02-14 22:30:53 +01:00

asm uaccess: fix integer overflow on access_ok() 2022-02-14 22:30:53 +01:00

uapi/asm treewide: Add SPDX license identifier - Kbuild 2019-05-30 11:32:33 -07:00