Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / afedbf63c6150bf6db0a5ab591076948edc32239
commitafedbf63c6150bf6db0a5ab591076948edc32239[log] [tgz]
authorAl Viro <viro@zeniv.linux.org.uk>Fri Dec 16 13:42:06 2016 -0500
committerchrmhoffmann <chrmhoffmann@gmail.com>Sat Aug 12 18:28:04 2017 +0200
tree24a3a8c8c258242c247658774e630df578570046
parent2a8cc1937deb561c508d21525dcdf1b418476ff5 [diff]
sg_write()/bsg_write() is not fit to be called under KERNEL_DS

Both damn things interpret userland pointers embedded into the payload;
worse, they are actually traversing those.  Leaving aside the bad
API design, this is very much _not_ safe to call with KERNEL_DS.
Bail out early if that happens.

Change-Id: I74658c269c42a4f2023e829a1c8e0ec0804cef9b
Cc: stable@vger.kernel.org
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2 files changed
tree: 24a3a8c8c258242c247658774e630df578570046
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. AndroidKernel.mk
  25. COPYING
  26. CREDITS
  27. Kbuild
  28. Kconfig
  29. MAINTAINERS
  30. Makefile
  31. README
  32. REPORTING-BUGS