diff options
author | Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com> | 2022-11-25 21:07:45 -0800 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2022-12-31 13:31:59 +0100 |
commit | 4da411086f5ab32f811a89ef804980ec106ebb65 (patch) | |
tree | cb3b6feb604ded2388f8a31f7d414f3c399658e7 | |
parent | b44457b83a034efef58ffa5f3131d4615f1a9837 (diff) | |
download | linux-stable-4da411086f5ab32f811a89ef804980ec106ebb65.tar.gz linux-stable-4da411086f5ab32f811a89ef804980ec106ebb65.tar.bz2 linux-stable-4da411086f5ab32f811a89ef804980ec106ebb65.zip |
xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()
[ Upstream commit 8b997b2bb2c53b76a6db6c195930e9ab8e4b0c79 ]
As 'kdata.num' is user-controlled data, if user tries to allocate
memory larger than(>=) MAX_ORDER, then kcalloc() will fail, it
creates a stack trace and messes up dmesg with a warning.
Call trace:
-> privcmd_ioctl
--> privcmd_ioctl_mmap_resource
Add __GFP_NOWARN in order to avoid too large allocation warning.
This is detected by static analysis using smatch.
Fixes: 3ad0876554ca ("xen/privcmd: add IOCTL_PRIVCMD_MMAP_RESOURCE")
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Link: https://lore.kernel.org/r/20221126050745.778967-1-harshit.m.mogalapalli@oracle.com
Signed-off-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
-rw-r--r-- | drivers/xen/privcmd.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/xen/privcmd.c b/drivers/xen/privcmd.c index fae50a24630b..1edf45ee9890 100644 --- a/drivers/xen/privcmd.c +++ b/drivers/xen/privcmd.c @@ -760,7 +760,7 @@ static long privcmd_ioctl_mmap_resource(struct file *file, goto out; } - pfns = kcalloc(kdata.num, sizeof(*pfns), GFP_KERNEL); + pfns = kcalloc(kdata.num, sizeof(*pfns), GFP_KERNEL | __GFP_NOWARN); if (!pfns) { rc = -ENOMEM; goto out; |