]> git.baikalelectronics.ru Git - kernel.git/commitdiff
xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()
authorHarshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
Sat, 26 Nov 2022 05:07:45 +0000 (21:07 -0800)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 18 Jan 2023 10:40:57 +0000 (11:40 +0100)
[ Upstream commit 8b997b2bb2c53b76a6db6c195930e9ab8e4b0c79 ]

As 'kdata.num' is user-controlled data, if user tries to allocate
memory larger than(>=) MAX_ORDER, then kcalloc() will fail, it
creates a stack trace and messes up dmesg with a warning.

Call trace:
-> privcmd_ioctl
--> privcmd_ioctl_mmap_resource

Add __GFP_NOWARN in order to avoid too large allocation warning.
This is detected by static analysis using smatch.

Fixes: 128527def25f ("xen/privcmd: add IOCTL_PRIVCMD_MMAP_RESOURCE")
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Link: https://lore.kernel.org/r/20221126050745.778967-1-harshit.m.mogalapalli@oracle.com
Signed-off-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
drivers/xen/privcmd.c

index d4ff944cd16e11a11e776ceecfa7001a45f69058..c4b0de4a542b57e76b4f14b59109cbda8ae6ded6 100644 (file)
@@ -766,7 +766,7 @@ static long privcmd_ioctl_mmap_resource(struct file *file,
                goto out;
        }
 
-       pfns = kcalloc(kdata.num, sizeof(*pfns), GFP_KERNEL);
+       pfns = kcalloc(kdata.num, sizeof(*pfns), GFP_KERNEL | __GFP_NOWARN);
        if (!pfns) {
                rc = -ENOMEM;
                goto out;