uaccess: fix integer overflow on access_ok() - linux - Linux Kernel (branches are rebased on master from time to time)

diff options

author	Arnd Bergmann <arnd@arndb.de>	2022-02-10 16:24:30 +0100
committer	Arnd Bergmann <arnd@arndb.de>	2022-02-14 22:30:53 +0100
commit	222ca305c9fd39e5ed8104da25c09b2b79a516a8 (patch)
tree	226513c6b142c9fab9582d776f77d00e2cbee47c /Documentation/sh/booting.rst
parent	dfd42facf1e4ada021b939b4e19c935dcdd55566 (diff)
download	linux-222ca305c9fd39e5ed8104da25c09b2b79a516a8.tar.bz2

uaccess: fix integer overflow on access_ok()

Three architectures check the end of a user access against the address limit without taking a possible overflow into account. Passing a negative length or another overflow in here returns success when it should not. Use the most common correct implementation here, which optimizes for a constant 'size' argument, and turns the common case into a single comparison. Cc: stable@vger.kernel.org Fixes: da551281947c ("csky: User access") Fixes: f663b60f5215 ("microblaze: Fix uaccess_ok macro") Fixes: 7567746e1c0d ("Hexagon: Add user access functions") Reported-by: David Laight <David.Laight@aculab.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Arnd Bergmann <arnd@arndb.de>

Diffstat (limited to 'Documentation/sh/booting.rst')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: