android_kernel_msm-6.1_noth.../include
Ruihan Li df9bc25d13 mm: page_table_check: Ensure user pages are not slab pages
commit 44d0fb387b53e56c8a050bac5c7d460e21eb226f upstream.

The current uses of PageAnon in page table check functions can lead to
type confusion bugs between struct page and slab [1], if slab pages are
accidentally mapped into the user space. This is because slab reuses the
bits in struct page to store its internal states, which renders PageAnon
ineffective on slab pages.

Since slab pages are not expected to be mapped into the user space, this
patch adds BUG_ON(PageSlab(page)) checks to make sure that slab pages
are not inadvertently mapped. Otherwise, there must be some bugs in the
kernel.

Reported-by: syzbot+fcf1a817ceb50935ce99@syzkaller.appspotmail.com
Closes: https://lore.kernel.org/lkml/000000000000258e5e05fae79fc1@google.com/ [1]
Fixes: df4e817b71 ("mm: page table check")
Cc: <stable@vger.kernel.org> # 5.17
Signed-off-by: Ruihan Li <lrh2000@pku.edu.cn>
Acked-by: Pasha Tatashin <pasha.tatashin@soleen.com>
Link: https://lore.kernel.org/r/20230515130958.32471-5-lrh2000@pku.edu.cn
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-06-14 11:15:29 +02:00
acpi ACPI: video: Add auto_detect arg to __acpi_video_get_backlight_type() 2023-04-13 16:55:33 +02:00
asm-generic asm-generic/io.h: suppress endianness warnings for readq() and writeq() 2023-05-11 23:02:58 +09:00
clocksource
crypto crypto: api - Add scaffolding to change completion function signature 2023-05-17 11:53:40 +02:00
drm drm: fix drmm_mutex_init() 2023-05-30 14:03:20 +01:00
dt-bindings dt-bindings: clocks: imx8mp: Add ID for usb suspend clock 2022-12-31 13:33:09 +01:00
keys
kunit kunit: fix kunit_test_init_section_suites(...) 2023-02-09 11:28:08 +01:00
kvm KVM: arm64: PMU: Align chained counter implementation with architecture pseudocode 2023-04-13 16:55:17 +02:00
linux mm: page_table_check: Ensure user pages are not slab pages 2023-06-14 11:15:29 +02:00
math-emu
media media: dvb-core: Fix use-after-free due to race at dvb_register_device() 2023-06-09 10:34:12 +02:00
memory memory: renesas-rpc-if: Split-off private data from struct rpcif 2023-03-11 13:55:17 +01:00
misc
net Bluetooth: fix debugfs registration 2023-06-14 11:15:28 +02:00
pcmcia
ras
rdma
rv
scsi scsi: libsas: Add sas_ata_device_link_abort() 2023-05-11 23:03:20 +09:00
soc ARM: at91: pm: avoid soft resetting AC DLL 2022-11-01 12:25:19 +02:00
sound ASoC: amd: fix ACP version typo mistake 2023-05-11 23:02:59 +09:00
target scsi: target: Fix multiple LUN_RESET handling 2023-05-11 23:03:19 +09:00
trace f2fs: refactor extent_cache to support for read and more 2023-05-17 11:53:52 +02:00
uapi ipv{4,6}/raw: fix output xfrm lookup wrt protocol 2023-06-05 09:26:16 +02:00
ufs scsi: ufs: exynos: Fix DMA alignment for PAGE_SIZE != 4096 2023-03-10 09:33:15 +01:00
vdso
video
xen ACPI: processor: Fix evaluating _PDC method when running as Xen dom0 2023-05-11 23:03:11 +09:00