Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp7149509ybi; Mon, 8 Jul 2019 15:38:20 -0700 (PDT) X-Google-Smtp-Source: APXvYqx6K5P79n3+i9gFU6VN051Xzfp1/j9nb8QJod08sUZakm6gi6g7YP19bAuy50iDP5V6DZS4 X-Received: by 2002:a17:902:70c3:: with SMTP id l3mr20682840plt.92.1562625500390; Mon, 08 Jul 2019 15:38:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1562625500; cv=none; d=google.com; s=arc-20160816; b=Qo4DHwZAowb5i8gDFXNGUOEiCSwczwcE5uIlwJLEAj2Kt92tOSBY4tYQqIkziolI7m Mf0oDbiuQHMQyphQt6U8dQzcgULWLm2tl0yJz90SxdWLpO8uW1xNXxWs8a0GDPMceB4Y zNeZ+b+MOtje/fUGTkFcT1C7jtOWRdYlTBPltCRiNs3GNcLPNuJDS8nWqcoQ0StdQO3v jOo3Hy3K1xkAmqcG4gNUeDbb3oC14kKs8fkvlmc6y5reA+fiMjLo3gK0LKm7woYPSOL1 BpP6ZlXKytL1zUHPiwYedM9sRiS43z89sBCiNICgb9pYgAy9s37v6k/rNGC1cEvV9Cwm tThg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=bhE0ZQgABc4HM6IRJKrwWIxuBrs2Zy6Xp6UrSQ4Jn20=; b=I/BeVWpwFtnGfxvH1nisnlrwi7A5tjTWDgMY7tDonfoEyvXv1A9ILbfZGyyVuyYFbt BIGalA3V0R0z3DOYuUzmS7z/iqYcu8yMNx42FRGBhlN3Gb/giJykA9AISwrpiuTacAT8 9yXT0Yq07yzhcp34s2IXfavqfhzQJimFK0L2SV7WIKWUtMFOD2WWx22f5/6TL3SJbOh0 wN9k3nod78INGZFvI77xtmhJ5koWjKqiLHhD4Q/Fto3zP1xWQUtqf5o5Zv5J6A4NEqir frYfYv7h+2v9pFMZQCqA14TkX/u6V3WrwK/5zA0BneRncy8zWLeZs7vGA46X0+TvKaqd pIWQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=o4zefNNd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e65si20017640pgc.454.2019.07.08.15.38.05; Mon, 08 Jul 2019 15:38:20 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=o4zefNNd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2388769AbfGHP0M (ORCPT + 99 others); Mon, 8 Jul 2019 11:26:12 -0400 Received: from mail.kernel.org ([198.145.29.99]:53834 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2388757AbfGHP0I (ORCPT ); Mon, 8 Jul 2019 11:26:08 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id E029520665; Mon, 8 Jul 2019 15:26:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1562599568; bh=oqJOOPIzXqtL84WhyP7K9dTw3vqk5/8dazpQ8iRpGL4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=o4zefNNd4Uc9X3GYRiX/z9t5CSr2Q0CkqIYcJup9u55UCdIO1vca9vJ1m+actuUuN O9RKsmONijNGtSdzN2Gw3QgZdTYog5FoBeu4Xq+DW/nNe5ZM5GqGmIKcdcO/rBjTWZ UJHUrXjOJpOATT9eHmRef1xSAjY9ndedp9jqlZlc= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Paul Burton , Hauke Mehrtens , ralf@linux-mips.org, jhogan@kernel.org, f4bug@amsat.org, linux-mips@vger.kernel.org, ysu@wavecomp.com, jcristau@debian.org Subject: [PATCH 4.14 53/56] MIPS: Fix bounds check virt_addr_valid Date: Mon, 8 Jul 2019 17:13:45 +0200 Message-Id: <20190708150524.194818214@linuxfoundation.org> X-Mailer: git-send-email 2.22.0 In-Reply-To: <20190708150514.376317156@linuxfoundation.org> References: <20190708150514.376317156@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Hauke Mehrtens commit d6ed083f5cc621e15c15b56c3b585fd524dbcb0f upstream. The bounds check used the uninitialized variable vaddr, it should use the given parameter kaddr instead. When using the uninitialized value the compiler assumed it to be 0 and optimized this function to just return 0 in all cases. This should make the function check the range of the given address and only do the page map check in case it is in the expected range of virtual addresses. Fixes: 074a1e1167af ("MIPS: Bounds check virt_addr_valid") Cc: stable@vger.kernel.org # v4.12+ Cc: Paul Burton Signed-off-by: Hauke Mehrtens Signed-off-by: Paul Burton Cc: ralf@linux-mips.org Cc: jhogan@kernel.org Cc: f4bug@amsat.org Cc: linux-mips@vger.kernel.org Cc: ysu@wavecomp.com Cc: jcristau@debian.org Signed-off-by: Greg Kroah-Hartman --- arch/mips/mm/mmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/arch/mips/mm/mmap.c +++ b/arch/mips/mm/mmap.c @@ -203,7 +203,7 @@ unsigned long arch_randomize_brk(struct int __virt_addr_valid(const volatile void *kaddr) { - unsigned long vaddr = (unsigned long)vaddr; + unsigned long vaddr = (unsigned long)kaddr; if ((vaddr < PAGE_OFFSET) || (vaddr >= MAP_BASE)) return 0;