xen/gntdev: fix unsafe vma access
author Daniel De Graaf <[email protected]>
Wed, 2 Jan 2013 22:57:11 +0000 (22:57 +0000)
committer Konrad Rzeszutek Wilk <[email protected]>
Tue, 15 Jan 2013 21:01:06 +0000 (16:01 -0500)
commit 2512f298cb9886e06938e761c9e924c8448d9ab8
tree 959938beb9ef789e72217844d159c95604817ac5
parent 99beae6cb8f4dd5dab81a370b79c3b1085848d89
xen/gntdev: fix unsafe vma access

In gntdev_ioctl_get_offset_for_vaddr, we need to hold mmap_sem while
calling find_vma() to avoid potentially having the result freed out from
under us.  Similarly, the MMU notifier functions need to synchronize with
gntdev_vma_close to avoid map->vma being freed during their iteration.

Signed-off-by: Daniel De Graaf <[email protected]>
Reported-by: Al Viro <[email protected]>
Signed-off-by: Konrad Rzeszutek Wilk <[email protected]>
drivers/xen/gntdev.c
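
The first rule in the commit message (do the lookup and read the result under the same lock the teardown path takes) as an added user-space model; this is not the kernel patch and not code from the Xen or Linux trees. Assumptions: a pthread mutex stands in for mmap_sem, `struct region` and every function name are hypothetical, and pages are 4 KiB.

```c
/* User-space model: mm_lock stands in for mmap_sem; all names hypothetical. */
#include <pthread.h>
#include <stdlib.h>

struct region {
    unsigned long start, end, index; /* [start, end); index as in map->index */
    struct region *next;
};
static pthread_mutex_t mm_lock = PTHREAD_MUTEX_INITIALIZER;
static struct region *regions;       /* only touched with mm_lock held */

/* Caller holds mm_lock; the returned link is valid only until unlock. */
static struct region **find_locked(unsigned long addr) {
    struct region **pp = &regions;
    while (*pp && !(addr >= (*pp)->start && addr < (*pp)->end))
        pp = &(*pp)->next;
    return pp;
}

int region_add(unsigned long start, unsigned long end, unsigned long index) {
    struct region *r = malloc(sizeof(*r));
    if (!r)
        return -1;
    pthread_mutex_lock(&mm_lock);
    *r = (struct region){ start, end, index, regions };
    regions = r;
    pthread_mutex_unlock(&mm_lock);
    return 0;
}

/* Teardown (munmap analogue): unlink and free only under the lock. */
int region_remove(unsigned long addr) {
    pthread_mutex_lock(&mm_lock);
    struct region **pp = find_locked(addr), *r = *pp;
    int rv = r ? 0 : -1;
    if (r)
        *pp = r->next;
    free(r);                         /* free(NULL) is a no-op */
    pthread_mutex_unlock(&mm_lock);
    return rv;
}

/* Lookup: compute the result while the lock pins the region; -1 if none. */
long region_get_offset(unsigned long addr) {
    pthread_mutex_lock(&mm_lock);
    struct region *r = *find_locked(addr);
    long off = r ? (long)(r->index << 12) : -1;  /* 4 KiB pages assumed */
    pthread_mutex_unlock(&mm_lock);
    return off;
}
```

The unsafe shape would be a lookup that returns the `struct region *` to a caller holding no lock: a concurrent `region_remove()` could free it before the caller reads `index`.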