On Mon, 2015-10-26 at 16:26 +0000, Luck, Tony wrote:
> - pfn = PFN_DOWN(param1 & param2);
> - if (!page_is_ram(pfn) || ((param2 & PAGE_MASK) != PAGE_MASK))
> + base_addr = param1 & param2;
> + size = (~param2) + 1;
>
> We expect the user will supply us with param2 in the form
> 0xffffffff[fec8]00000
> with various numbers of leading 'f' and trailing '0' ... but I don't think we
> actually
> check that anywhere. But we have a bunch of places that assume it is OK,
> including
> this new one.
>
> It's time to fix that. Maybe even provide a default 0xfffffffffffff000 so I
> can save
> myself some typing?
+ if (((region_intersects_ram(base_addr, size) != REGION_INTERSECTS) &&
+ (region_intersects_pmem(base_addr, size) != REGION_INTERSECTS)) ||
+ ((param2 & PAGE_MASK) != PAGE_MASK))
return -EINVAL;
The 3rd condition check makes sure that the param2 mask is the page size or
less. So, I
think we are OK on this.
Thanks,
-Toshi
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
