mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-11-01 08:58:07 +00:00
Code Issues Releases Wiki Activity
linux-stable/drivers/vfio/pci
History
Vlad Tsyrklevich 05692d7005 vfio/pci: Fix integer overflows, bitmask check 
The VFIO_DEVICE_SET_IRQS ioctl did not sufficiently sanitize
user-supplied integers, potentially allowing memory corruption. This
patch adds appropriate integer overflow checks, checks the range bounds
for VFIO_IRQ_SET_DATA_NONE, and also verifies that only single element
in the VFIO_IRQ_SET_DATA_TYPE_MASK bitmask is set.
VFIO_IRQ_SET_ACTION_TYPE_MASK is already correctly checked later in
vfio_pci_set_irqs_ioctl().

Furthermore, a kzalloc is changed to a kcalloc because the use of a
kzalloc with an integer multiplication allowed an integer overflow
condition to be reached without this patch. kcalloc checks for overflow
and should prevent a similar occurrence.

Signed-off-by: Vlad Tsyrklevich <vlad@tsyrklevich.net>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2016-10-26 13:49:29 -06:00
..
Kconfig vfio/pci: Intel IGD OpRegion support 2016-02-22 16:10:09 -07:00
Makefile vfio/pci: Intel IGD OpRegion support 2016-02-22 16:10:09 -07:00
vfio_pci.c vfio/pci: Fix integer overflows, bitmask check 2016-10-26 13:49:29 -06:00
vfio_pci_config.c vfio-pci: Virtualize PCIe & AF FLR 2016-09-26 13:52:16 -06:00
vfio_pci_igd.c vfio/pci: Intel IGD host and LCP bridge config space access 2016-02-22 16:10:09 -07:00
vfio_pci_intrs.c vfio/pci: Fix integer overflows, bitmask check 2016-10-26 13:49:29 -06:00
vfio_pci_private.h vfio_pci: use pci_alloc_irq_vectors 2016-09-29 13:36:38 -06:00
vfio_pci_rdwr.c vfio/pci: Expose shadow ROM as PCI option ROM 2016-02-22 16:10:09 -07:00