kernel: watch_queue: copy user-array safely
JIRA: https://issues.redhat.com/browse/RHEL-38238
CVE: CVE-2023-52824
Build Info: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=61430154
Tested: Did sanity boot testing Intel (intel-arrowlake-s-02) system.
commit ca0776571d3163bd03b3e8c9e3da936abfaecbf6
Author: Philipp Stanner pstanner@redhat.com
Date: Wed Sep 20 14:36:11 2023 +0200
kernel: watch_queue: copy user-array safely
Currently, there is no overflow-check with memdup_user().
Use the new function memdup_array_user() instead of memdup_user() for
duplicating the user-space array safely.
Suggested-by: David Airlie <airlied@redhat.com>
Signed-off-by: Philipp Stanner <pstanner@redhat.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Zack Rusin <zackr@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20230920123612.16914-5-pstanner@redhat.com
Signed-off-by: Steve Best sbest@redhat.com