On Fri, Feb 03, 2023 at 08:06:32PM -0800, Ira Weiny wrote:
is_kmap_addr() is only looking at the kmap() address range which may cause check_heap_object() to miss checking an overflow on a kmap_local_page() page.
Add a check for the kmap_local_page() address range to is_kmap_addr().
Cc: Matthew Wilcox willy@infradead.org Cc: Al Viro viro@zeniv.linux.org.uk Cc: "Fabio M. De Francesco" fmdefrancesco@gmail.com Cc: Thomas Gleixner tglx@linutronix.de Cc: Christoph Hellwig hch@lst.de Cc: Andrew Morton akpm@linux-foundation.org Signed-off-by: Ira Weiny ira.weiny@intel.com
include/linux/highmem-internal.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)
Added to https://git.linaro.org/people/jens.wiklander/linux-tee.git/log/?h=get_kernel...
Thanks, Jens
diff --git a/include/linux/highmem-internal.h b/include/linux/highmem-internal.h index e098f38422af..a3028e400a9c 100644 --- a/include/linux/highmem-internal.h +++ b/include/linux/highmem-internal.h @@ -152,7 +152,10 @@ static inline void totalhigh_pages_add(long count) static inline bool is_kmap_addr(const void *x) { unsigned long addr = (unsigned long)x;
- return addr >= PKMAP_ADDR(0) && addr < PKMAP_ADDR(LAST_PKMAP);
- return (addr >= PKMAP_ADDR(0) && addr < PKMAP_ADDR(LAST_PKMAP)) ||
(addr >= __fix_to_virt(FIX_KMAP_END) &&addr < __fix_to_virt(FIX_KMAP_BEGIN));} #else /* CONFIG_HIGHMEM */
-- 2.39.1