summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHarshit Mogalapalli <harshit.m.mogalapalli@oracle.com>2022-11-25 21:07:45 -0800
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2022-12-31 13:31:59 +0100
commit4da411086f5ab32f811a89ef804980ec106ebb65 (patch)
treecb3b6feb604ded2388f8a31f7d414f3c399658e7
parentb44457b83a034efef58ffa5f3131d4615f1a9837 (diff)
downloadlinux-stable-4da411086f5ab32f811a89ef804980ec106ebb65.tar.gz
linux-stable-4da411086f5ab32f811a89ef804980ec106ebb65.tar.bz2
linux-stable-4da411086f5ab32f811a89ef804980ec106ebb65.zip
xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()
[ Upstream commit 8b997b2bb2c53b76a6db6c195930e9ab8e4b0c79 ] As 'kdata.num' is user-controlled data, if user tries to allocate memory larger than(>=) MAX_ORDER, then kcalloc() will fail, it creates a stack trace and messes up dmesg with a warning. Call trace: -> privcmd_ioctl --> privcmd_ioctl_mmap_resource Add __GFP_NOWARN in order to avoid too large allocation warning. This is detected by static analysis using smatch. Fixes: 3ad0876554ca ("xen/privcmd: add IOCTL_PRIVCMD_MMAP_RESOURCE") Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com> Reviewed-by: Juergen Gross <jgross@suse.com> Link: https://lore.kernel.org/r/20221126050745.778967-1-harshit.m.mogalapalli@oracle.com Signed-off-by: Juergen Gross <jgross@suse.com> Signed-off-by: Sasha Levin <sashal@kernel.org>
-rw-r--r--drivers/xen/privcmd.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/xen/privcmd.c b/drivers/xen/privcmd.c
index fae50a24630b..1edf45ee9890 100644
--- a/drivers/xen/privcmd.c
+++ b/drivers/xen/privcmd.c
@@ -760,7 +760,7 @@ static long privcmd_ioctl_mmap_resource(struct file *file,
goto out;
}
- pfns = kcalloc(kdata.num, sizeof(*pfns), GFP_KERNEL);
+ pfns = kcalloc(kdata.num, sizeof(*pfns), GFP_KERNEL | __GFP_NOWARN);
if (!pfns) {
rc = -ENOMEM;
goto out;