VFIO fix for v5.12-rc8/final

- Verify mmap region within range (Christian A. Ehrhardt)
 -----BEGIN PGP SIGNATURE-----
 
 iQJPBAABCAA5FiEEQvbATlQL0amee4qQI5ubbjuwiyIFAmB3AoEbHGFsZXgud2ls
 bGlhbXNvbkByZWRoYXQuY29tAAoJECObm247sIsiXWQP/RwBkdxgM7vwFXVpzTKi
 o2IDWOJphP8Z/hqE8j8NMoMl7anUJXW+Gg8vjTmGTiA5e1Q44tSIKgJD06ECwyXf
 T7Eqww9DIUKmi1OEyka6rNl6q+WBgVP49iLg7XQb3fs20K4vcCVjzBU7DHoojxKw
 eBuhTFqh+OBF7vZI3OJARS6gGdc8zXubnqPc9QX/rKbpVzEEiUMMlM87hRsohJZd
 VYvxguG1fnT1LDMKXg8JoJzYaUD13oXxJIzoz7FcR5inGDGSAphiGTb7HQTzL92m
 g86lrF1Mnh9paYjF8GzM23RErGPwrXWL2GZxmwbrDzYEACH4xQrO7b45cdyVg1yi
 CwStudQxFF4ZupvCX6n0k2umRB3Lgn1p4u74nclQCJZjl8opUSKFv+4H14qrf8Rn
 47cCeLQEo9M6tuRknveKliINHx5GDaqVPfeUNYEusPIBHxZso4qLOX0j3nSo7vIp
 4msXNqAzZqePYyFMOrX4B5Lk+99ieRm9y4lyONCO02m4xQimxjXaOjgOs8EedqPt
 ok2/U9SxBWEYneWNnwWc+SoejJv+PFaurB62Qo2hldGjkAQpgMFbX7LRCjhD6Ndu
 My8W4h13cWYtWrtjzqm0na2U09O9wS2as0dUX2PTVTnd6jeKr7R7WkZhKTRanccy
 buW+mb21Qq74GzM3a8FXa6h0
 =3Ohj
 -----END PGP SIGNATURE-----

Merge tag 'vfio-v5.12-rc8' of git://github.com/awilliam/linux-vfio

Pull VFIO fix from Alex Williamson:
 "Verify mmap region within range (Christian A. Ehrhardt)"

* tag 'vfio-v5.12-rc8' of git://github.com/awilliam/linux-vfio:
  vfio/pci: Add missing range check in vfio_pci_mmap
This commit is contained in:
Linus Torvalds 2021-04-14 09:10:54 -07:00
commit e70b911acc

View File

@ -1656,6 +1656,8 @@ static int vfio_pci_mmap(void *device_data, struct vm_area_struct *vma)
index = vma->vm_pgoff >> (VFIO_PCI_OFFSET_SHIFT - PAGE_SHIFT); index = vma->vm_pgoff >> (VFIO_PCI_OFFSET_SHIFT - PAGE_SHIFT);
if (index >= VFIO_PCI_NUM_REGIONS + vdev->num_regions)
return -EINVAL;
if (vma->vm_end < vma->vm_start) if (vma->vm_end < vma->vm_start)
return -EINVAL; return -EINVAL;
if ((vma->vm_flags & VM_SHARED) == 0) if ((vma->vm_flags & VM_SHARED) == 0)
@ -1664,7 +1666,7 @@ static int vfio_pci_mmap(void *device_data, struct vm_area_struct *vma)
int regnum = index - VFIO_PCI_NUM_REGIONS; int regnum = index - VFIO_PCI_NUM_REGIONS;
struct vfio_pci_region *region = vdev->region + regnum; struct vfio_pci_region *region = vdev->region + regnum;
if (region && region->ops && region->ops->mmap && if (region->ops && region->ops->mmap &&
(region->flags & VFIO_REGION_INFO_FLAG_MMAP)) (region->flags & VFIO_REGION_INFO_FLAG_MMAP))
return region->ops->mmap(vdev, region, vma); return region->ops->mmap(vdev, region, vma);
return -EINVAL; return -EINVAL;