David Hildenbrand a8b92b8c1e s390/pci_mmio: fully validate the VMA before calling follow_pte() ... We should not walk/touch page tables outside of VMA boundaries when holding only the mmap sem in read mode. Evil user space can modify the VMA layout just before this function runs and e.g., trigger races with page table removal code since commit dd2283f260 ("mm: mmap: zap pages with read mmap_sem in munmap"). find_vma() does not check if the address is >= the VMA start address; use vma_lookup() instead. Reviewed-by: Niklas Schnelle <schnelle@linux.ibm.com> Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com> Fixes: dd2283f260 ("mm: mmap: zap pages with read mmap_sem in munmap") Signed-off-by: David Hildenbrand <david@redhat.com> Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>		2021-09-15 14:29:21 +02:00
..
Makefile	s390/pci: consolidate SR-IOV specific code	2020-09-14 11:38:34 +02:00
pci.c	s390 updates for 5.15 merge window	2021-08-30 13:07:15 -07:00
pci_bus.c	s390/pci: improve DMA translation init and exit	2021-08-25 11:03:34 +02:00
pci_bus.h	s390/pci: fix use after free of zpci_dev	2021-08-18 10:12:42 +02:00
pci_clp.c	s390/pci: read clp_list_pci_req only once	2021-09-07 13:38:42 +02:00
pci_debug.c	locking/atomic, s390/pci: Remove redundant casts	2019-06-03 12:32:57 +02:00
pci_dma.c	dma-mapping updates for Linux 5.15	2021-09-02 10:32:06 -07:00
pci_event.c	s390/pci: improve DMA translation init and exit	2021-08-25 11:03:34 +02:00
pci_insn.c	s390/pci: use register pair instead of register asm	2021-06-18 16:41:23 +02:00
pci_iov.c	s390/pci: add missing pci_iov.h include	2020-09-16 14:08:47 +02:00
pci_iov.h	s390/pci: consolidate SR-IOV specific code	2020-09-14 11:38:34 +02:00
pci_irq.c	s390/pci: Do not mask MSI[-X] entries on teardown	2021-08-10 11:03:29 +02:00
pci_mmio.c	s390/pci_mmio: fully validate the VMA before calling follow_pte()	2021-09-15 14:29:21 +02:00
pci_sysfs.c	s390/pci: improve DMA translation init and exit	2021-08-25 11:03:34 +02:00