Btw, I've looked at this some more and I'm 99% sure there is no way to exploit it. The "if (PAGE_ALIGN(size) == 0)" prevents the integer overflow in __vgem_gem_create() that I was worried about.
regards, dan carpenter _______________________________________________ dri-devel mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/dri-devel
