[1/2] cxl: Fix off by one error allowing subsequent mmap page to be accessed
Michael Ellerman
mpe at ellerman.id.au
Wed Jul 8 20:54:07 AEST 2015
On Tue, 2015-07-07 at 05:45:45 UTC, Ian Munsie wrote:
> From: Ian Munsie <imunsie at au1.ibm.com>
>
> It was discovered that if a process mmaped their problem state area they
> were able to access one page more than expected, potentially allowing
> them to access the problem state area of an unrelated process.
>
> This was due to a simple off by one error in the mmap fault handler
> introduced in 0712dc7e73e59d79bcead5d5520acf4e9e917e87 ("cxl: Fix issues
> when unmapping contexts"), which is fixed in this patch.
>
> Cc: stable at vger.kernel.org
> Fixes: 0712dc7e73e5 ("cxl: Fix issues when unmapping contexts")
> Signed-off-by: Ian Munsie <imunsie at au1.ibm.com>
Applied to powerpc fixes, thanks.
https://git.kernel.org/cgit/linux/kernel/git/powerpc/linux.git/commit/?h=fixes&id=10a5894f2dedd8a26b3132497445b314c0d952c4
cheers
More information about the Linuxppc-dev
mailing list