summaryrefslogtreecommitdiff
path: root/drivers/xen
diff options
context:
space:
mode:
authorJuergen Gross <jgross@suse.com>2022-03-07 11:48:55 +0300
committerJuergen Gross <jgross@suse.com>2022-03-07 11:48:55 +0300
commitb0576cc9c6b843d99c6982888d59a56209341888 (patch)
treea1d13c5d27cdcfa83e148bfde177ee9a37e054bb /drivers/xen
parent5cadd4bb1d7fc9ab201ac14620d1a478357e4ebd (diff)
downloadlinux-b0576cc9c6b843d99c6982888d59a56209341888.tar.xz
xen/pvcalls: use alloc/free_pages_exact()
Instead of __get_free_pages() and free_pages() use alloc_pages_exact() and free_pages_exact(). This is in preparation of a change of gnttab_end_foreign_access() which will prohibit use of high-order pages. This is part of CVE-2022-23041 / XSA-396. Reported-by: Simon Gaiser <simon@invisiblethingslab.com> Signed-off-by: Juergen Gross <jgross@suse.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> --- V4: - new patch
Diffstat (limited to 'drivers/xen')
-rw-r--r--drivers/xen/pvcalls-front.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/drivers/xen/pvcalls-front.c b/drivers/xen/pvcalls-front.c
index 3c9ae156b597..0ca351f30a6d 100644
--- a/drivers/xen/pvcalls-front.c
+++ b/drivers/xen/pvcalls-front.c
@@ -337,8 +337,8 @@ static void free_active_ring(struct sock_mapping *map)
if (!map->active.ring)
return;
- free_pages((unsigned long)map->active.data.in,
- map->active.ring->ring_order);
+ free_pages_exact(map->active.data.in,
+ PAGE_SIZE << map->active.ring->ring_order);
free_page((unsigned long)map->active.ring);
}
@@ -352,8 +352,8 @@ static int alloc_active_ring(struct sock_mapping *map)
goto out;
map->active.ring->ring_order = PVCALLS_RING_ORDER;
- bytes = (void *)__get_free_pages(GFP_KERNEL | __GFP_ZERO,
- PVCALLS_RING_ORDER);
+ bytes = alloc_pages_exact(PAGE_SIZE << PVCALLS_RING_ORDER,
+ GFP_KERNEL | __GFP_ZERO);
if (!bytes)
goto out;