summaryrefslogtreecommitdiff
path: root/drivers/md/dm-log-userspace-transfer.c
diff options
context:
space:
mode:
authorRalph Campbell <rcampbell@nvidia.com>2019-08-24 01:17:52 +0300
committerJason Gunthorpe <jgg@mellanox.com>2019-08-28 01:27:07 +0300
commit6c64f2bbe79cf3b770ac60ae79442322bd76d55e (patch)
tree79acd2366e34348b704a425f07b34e55ebd1ce40 /drivers/md/dm-log-userspace-transfer.c
parente3fe8e555dd05cf74168d18555c44320ed50a0e1 (diff)
downloadlinux-6c64f2bbe79cf3b770ac60ae79442322bd76d55e.tar.xz
mm/hmm: hmm_range_fault() NULL pointer bug
Although hmm_range_fault() calls find_vma() to make sure that a vma exists before calling walk_page_range(), hmm_vma_walk_hole() can still be called with walk->vma == NULL if the start and end address are not contained within the vma range. hmm_range_fault() /* calls find_vma() but no range check */ walk_page_range() /* calls find_vma(), sets walk->vma = NULL */ __walk_page_range() walk_pgd_range() walk_p4d_range() walk_pud_range() hmm_vma_walk_hole() hmm_vma_walk_hole_() hmm_vma_do_fault() handle_mm_fault(vma=0) Link: https://lore.kernel.org/r/20190823221753.2514-2-rcampbell@nvidia.com Signed-off-by: Ralph Campbell <rcampbell@nvidia.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
Diffstat (limited to 'drivers/md/dm-log-userspace-transfer.c')
0 files changed, 0 insertions, 0 deletions