Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 3f3a6bbe6f9f5e895d8945494173594ee51632da
commit3f3a6bbe6f9f5e895d8945494173594ee51632da[log] [tgz]
authorAl Viro <viro@zeniv.linux.org.uk>Fri Dec 16 13:42:06 2016 -0500
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>Mon Jan 09 08:32:25 2017 +0100
tree07d69582b4b05fe1b7cf99dc58ab907eb4d0113a
parentd024532a97db32db4b0fc4cd27c7a9ac15b84e5b [diff]
sg_write()/bsg_write() is not fit to be called under KERNEL_DS

commit 128394eff343fc6d2f32172f03e24829539c5835 upstream.

Both damn things interpret userland pointers embedded into the payload;
worse, they are actually traversing those.  Leaving aside the bad
API design, this is very much _not_ safe to call with KERNEL_DS.
Bail out early if that happens.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2 files changed
tree: 07d69582b4b05fe1b7cf99dc58ab907eb4d0113a
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .cocciconfig
  24. .get_maintainer.ignore
  25. .gitattributes
  26. .gitignore
  27. .mailmap
  28. COPYING
  29. CREDITS
  30. Kbuild
  31. Kconfig
  32. MAINTAINERS
  33. Makefile
  34. README
  35. REPORTING-BUGS