2
0
mirror of https://github.com/edk2-porting/linux-next.git synced 2025-01-20 19:43:58 +08:00
linux-next/arch
Tianyu Lan 4030b4c585 x86/hyper-v: Fix overflow bug in fill_gva_list()
When the 'start' parameter is >=  0xFF000000 on 32-bit
systems, or >= 0xFFFFFFFF'FF000000 on 64-bit systems,
fill_gva_list() gets into an infinite loop.

With such inputs, 'cur' overflows after adding HV_TLB_FLUSH_UNIT
and always compares as less than end.  Memory is filled with
guest virtual addresses until the system crashes.

Fix this by never incrementing 'cur' to be larger than 'end'.

Reported-by: Jong Hyun Park <park.jonghyun@yonsei.ac.kr>
Signed-off-by: Tianyu Lan <Tianyu.Lan@microsoft.com>
Reviewed-by: Michael Kelley <mikelley@microsoft.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Fixes: 2ffd9e33ce ("x86/hyper-v: Use hypercall for remote TLB flush")
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2019-09-02 19:57:19 +02:00
..
alpha Merge branch 'akpm' (patches from Andrew) 2019-07-17 08:58:04 -07:00
arc Merge branch 'akpm' (patches from Andrew) 2019-07-17 08:58:04 -07:00
arm Wimplicit-fallthrough patches for 5.3-rc4 2019-08-10 10:10:33 -07:00
arm64 Bugfixes (arm and x86) and cleanups. 2019-08-09 15:46:29 -07:00
c6x Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/gerg/m68knommu 2019-07-10 21:42:03 -07:00
csky treewide: add "WITH Linux-syscall-note" to SPDX tag of uapi headers 2019-07-25 11:05:10 +02:00
h8300 h8300 update for 5.3 2019-07-17 09:36:38 -07:00
hexagon hexagon: switch to generic version of pte allocation 2019-07-21 09:53:00 -07:00
ia64 Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
m68k arch: mark syscall number 435 reserved for clone3 2019-07-15 00:39:33 +02:00
microblaze clone3-v5.3 2019-07-11 10:09:44 -07:00
mips Bugfixes (arm and x86) and cleanups. 2019-08-09 15:46:29 -07:00
nds32 treewide: add "WITH Linux-syscall-note" to SPDX tag of uapi headers 2019-07-25 11:05:10 +02:00
nios2 nios2 update for v5.3-rc1 2019-07-12 15:38:05 -07:00
openrisc dma-mapping updates for Linux 5.3 2019-07-12 15:13:55 -07:00
parisc Makefile: Convert -Wimplicit-fallthrough=3 to just -Wimplicit-fallthrough for clang 2019-08-10 12:45:37 -07:00
powerpc powerpc fixes for 5.3 2019-08-10 10:17:19 -07:00
riscv RISC-V: Remove udivdi3 2019-08-08 16:05:38 -07:00
s390 Bugfixes (arm and x86) and cleanups. 2019-08-09 15:46:29 -07:00
sh treewide: add "WITH Linux-syscall-note" to SPDX tag of uapi headers 2019-07-25 11:05:10 +02:00
sparc treewide: add "WITH Linux-syscall-note" to SPDX tag of uapi headers 2019-07-25 11:05:10 +02:00
um This pull request contains the following changes for UML: 2019-07-14 17:17:34 -07:00
unicore32 Kconfig updates for v5.3 2019-07-12 16:06:27 -07:00
x86 x86/hyper-v: Fix overflow bug in fill_gva_list() 2019-09-02 19:57:19 +02:00
xtensa xtensa: fix build for cores with coprocessors 2019-07-24 17:44:42 -07:00
.gitignore
Kconfig Merge branch 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-07-20 10:33:44 -07:00