No description
Find a file
Ping-Ke Shih 03ed236480 rtw89: cfo: check mac_id to avoid out-of-bounds
[ Upstream commit 97df85871a ]

Somehow, hardware reports incorrect mac_id and pollute memory. Check index
before we access the array.

  UBSAN: array-index-out-of-bounds in rtw89/phy.c:2517:23
  index 188 is out of range for type 's32 [64]'
  CPU: 1 PID: 51550 Comm: irq/35-rtw89_pc Tainted: G           OE
  Call Trace:
   <IRQ>
   show_stack+0x52/0x58
   dump_stack_lvl+0x4c/0x63
   dump_stack+0x10/0x12
   ubsan_epilogue+0x9/0x45
   __ubsan_handle_out_of_bounds.cold+0x44/0x49
   ? __alloc_skb+0x92/0x1d0
   rtw89_phy_cfo_parse+0x44/0x7f [rtw89_core]
   rtw89_core_rx+0x261/0x871 [rtw89_core]
   ? __alloc_skb+0xee/0x1d0
   rtw89_pci_napi_poll+0x3fa/0x4ea [rtw89_pci]
   __napi_poll+0x33/0x1a0
   net_rx_action+0x126/0x260
   ? __queue_work+0x217/0x4c0
   __do_softirq+0xd9/0x315
   ? disable_irq_nosync+0x10/0x10
   do_softirq.part.0+0x6d/0x90
   </IRQ>
   <TASK>
   __local_bh_enable_ip+0x62/0x70
   rtw89_pci_interrupt_threadfn+0x182/0x1a6 [rtw89_pci]
   irq_thread_fn+0x28/0x60
   irq_thread+0xc8/0x190
   ? irq_thread_fn+0x60/0x60
   kthread+0x16b/0x190
   ? irq_thread_check_affinity+0xe0/0xe0
   ? set_kthread_struct+0x50/0x50
   ret_from_fork+0x22/0x30
   </TASK>

Signed-off-by: Ping-Ke Shih <pkshih@realtek.com>
Signed-off-by: Kalle Valo <kvalo@kernel.org>
Link: https://lore.kernel.org/r/20220516005215.5878-4-pkshih@realtek.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-06-09 10:25:29 +02:00
arch openrisc: start CPU timer early in boot 2022-06-09 10:25:28 +02:00
block block/mq-deadline: Set the fifo_time member also if inserting at head 2022-05-25 09:59:06 +02:00
certs certs: Fix build error when CONFIG_MODULE_SIG_KEY is empty 2022-01-23 00:08:44 +09:00
crypto crypto: ecrdsa - Fix incorrect use of vli_cmp 2022-06-06 08:47:53 +02:00
Documentation regulator: mt6315: Enforce regulator-compatible, not name 2022-06-09 10:25:24 +02:00
drivers rtw89: cfo: check mac_id to avoid out-of-bounds 2022-06-09 10:25:29 +02:00
fs btrfs: fix anon_dev leak in create_subvol() 2022-06-09 10:25:28 +02:00
include Bluetooth: HCI: Add HCI_QUIRK_BROKEN_ENHANCED_SETUP_SYNC_CONN quirk 2022-06-09 10:25:27 +02:00
init kthread: Don't allocate kthread_struct for init and umh 2022-06-09 10:25:16 +02:00
ipc ipc/sem: do not sleep with a spin lock held 2022-02-04 09:25:05 -08:00
kernel dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC 2022-06-09 10:25:26 +02:00
lib kunit: bail out of test filtering logic quicker if OOM 2022-06-09 10:25:26 +02:00
LICENSES LICENSES/LGPL-2.1: Add LGPL-2.1-or-later as valid identifiers 2021-12-16 14:33:10 +01:00
mm zsmalloc: fix races between asynchronous zspage free and page migration 2022-06-06 08:47:53 +02:00
net Bluetooth: HCI: Add HCI_QUIRK_BROKEN_ENHANCED_SETUP_SYNC_CONN quirk 2022-06-09 10:25:27 +02:00
samples samples/bpf, xdpsock: Fix race when running for fix duration of time 2022-04-08 13:58:18 +02:00
scripts kconfig: add fflush() before ferror() check 2022-05-25 09:58:59 +02:00
security lockdown: also lock down previous kgdb use 2022-05-25 09:59:10 +02:00
sound ASoC: rt5645: Fix errorenous cleanup order 2022-06-09 10:25:28 +02:00
tools kunit: tool: make parser stop overwriting status of suites w/ no_tests 2022-06-09 10:25:28 +02:00
usr kbuild: remove include/linux/cyclades.h from header file check 2022-01-27 08:51:08 +01:00
virt KVM: Free new dirty bitmap if creating a new memslot fails 2022-05-25 09:59:03 +02:00
.clang-format genirq/msi: Make interrupt allocation less convoluted 2021-12-16 22:22:20 +01:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore .gitignore: ignore only top-level modules.builtin 2021-05-02 00:43:35 +09:00
.mailmap MAINTAINERS: Update Jisheng's email address 2022-03-08 17:30:32 +01:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: replace a Microchip AT91 maintainer 2022-02-09 11:30:01 +01:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS net: dsa: realtek-smi: move to subdirectory 2022-04-08 13:58:12 +02:00
Makefile Linux 5.17.13 2022-06-06 08:47:57 +02:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.