diff options
author | Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com> | 2022-11-26 06:07:45 +0100 |
---|---|---|
committer | Juergen Gross <jgross@suse.com> | 2022-12-05 13:54:29 +0100 |
commit | 8b997b2bb2c53b76a6db6c195930e9ab8e4b0c79 (patch) | |
tree | f309026b6174a2fa4399b370c6169e44fb9ecb74 | |
parent | x86/xen: Fix memory leak in xen_init_lock_cpu() (diff) | |
download | linux-8b997b2bb2c53b76a6db6c195930e9ab8e4b0c79.tar.xz linux-8b997b2bb2c53b76a6db6c195930e9ab8e4b0c79.zip |
xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()
As 'kdata.num' is user-controlled data, if user tries to allocate
memory larger than(>=) MAX_ORDER, then kcalloc() will fail, it
creates a stack trace and messes up dmesg with a warning.
Call trace:
-> privcmd_ioctl
--> privcmd_ioctl_mmap_resource
Add __GFP_NOWARN in order to avoid too large allocation warning.
This is detected by static analysis using smatch.
Fixes: 3ad0876554ca ("xen/privcmd: add IOCTL_PRIVCMD_MMAP_RESOURCE")
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Link: https://lore.kernel.org/r/20221126050745.778967-1-harshit.m.mogalapalli@oracle.com
Signed-off-by: Juergen Gross <jgross@suse.com>
-rw-r--r-- | drivers/xen/privcmd.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/xen/privcmd.c b/drivers/xen/privcmd.c index fae50a24630b..1edf45ee9890 100644 --- a/drivers/xen/privcmd.c +++ b/drivers/xen/privcmd.c @@ -760,7 +760,7 @@ static long privcmd_ioctl_mmap_resource(struct file *file, goto out; } - pfns = kcalloc(kdata.num, sizeof(*pfns), GFP_KERNEL); + pfns = kcalloc(kdata.num, sizeof(*pfns), GFP_KERNEL | __GFP_NOWARN); if (!pfns) { rc = -ENOMEM; goto out; |