diff options
author | Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com> | 2022-11-26 08:07:45 +0300 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2023-01-14 12:15:21 +0300 |
commit | 46026bb057c35f5bb111bf95e00cd8366d2e34d4 (patch) | |
tree | 227c1c72d647795063d98062df24d0ddb513074c /drivers | |
parent | 70e7f308d7a8e915c7fbc0f1d959968eab8000cd (diff) | |
download | linux-46026bb057c35f5bb111bf95e00cd8366d2e34d4.tar.xz |
xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()
[ Upstream commit 8b997b2bb2c53b76a6db6c195930e9ab8e4b0c79 ]
As 'kdata.num' is user-controlled data, if user tries to allocate
memory larger than(>=) MAX_ORDER, then kcalloc() will fail, it
creates a stack trace and messes up dmesg with a warning.
Call trace:
-> privcmd_ioctl
--> privcmd_ioctl_mmap_resource
Add __GFP_NOWARN in order to avoid too large allocation warning.
This is detected by static analysis using smatch.
Fixes: 3ad0876554ca ("xen/privcmd: add IOCTL_PRIVCMD_MMAP_RESOURCE")
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Link: https://lore.kernel.org/r/20221126050745.778967-1-harshit.m.mogalapalli@oracle.com
Signed-off-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'drivers')
-rw-r--r-- | drivers/xen/privcmd.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/xen/privcmd.c b/drivers/xen/privcmd.c index cd5f2f09468e..28537a1a0e0b 100644 --- a/drivers/xen/privcmd.c +++ b/drivers/xen/privcmd.c @@ -760,7 +760,7 @@ static long privcmd_ioctl_mmap_resource(struct file *file, goto out; } - pfns = kcalloc(kdata.num, sizeof(*pfns), GFP_KERNEL); + pfns = kcalloc(kdata.num, sizeof(*pfns), GFP_KERNEL | __GFP_NOWARN); if (!pfns) { rc = -ENOMEM; goto out; |