diff options
| author | Yuntao Wang <[email protected]> | 2023-12-17 11:35:26 +0800 |
|---|---|---|
| committer | Andrew Morton <[email protected]> | 2023-12-29 12:22:25 -0800 |
| commit | 816d334afa85c836080b41bb6238aea845615ad9 (patch) | |
| tree | cb7d14fad85392bf6a2f319498ad9594d04edbe3 /lib/test_fortify/write_overflow-strncpy.c | |
| parent | 5c28913ed04b29efb75c4ddd6a13469952351858 (diff) | |
kexec: modify the meaning of the end parameter in kimage_is_destination_range()
The end parameter received by kimage_is_destination_range() should be the
last valid byte address of the target memory segment plus 1. However, in
the locate_mem_hole_bottom_up() and locate_mem_hole_top_down() functions,
the corresponding value passed to kimage_is_destination_range() is the
last valid byte address of the target memory segment, which is 1 less.
There are two ways to fix this bug. We can either correct the logic of
the locate_mem_hole_bottom_up() and locate_mem_hole_top_down() functions,
or we can fix kimage_is_destination_range() by making the end parameter
represent the last valid byte address of the target memory segment. Here,
we choose the second approach.
Due to the modification to kimage_is_destination_range(), we also need to
adjust its callers, such as kimage_alloc_normal_control_pages() and
kimage_alloc_page().
Link: https://lkml.kernel.org/r/[email protected]
Signed-off-by: Yuntao Wang <[email protected]>
Acked-by: Baoquan He <[email protected]>
Cc: Borislav Petkov (AMD) <[email protected]>
Cc: Dave Hansen <[email protected]>
Cc: "Eric W. Biederman" <[email protected]>
Cc: "H. Peter Anvin" <[email protected]>
Cc: Ingo Molnar <[email protected]>
Cc: Jonathan Corbet <[email protected]>
Cc: Thomas Gleixner <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Diffstat (limited to 'lib/test_fortify/write_overflow-strncpy.c')
0 files changed, 0 insertions, 0 deletions