linux-stable/drivers/staging
Yisheng Xie 23081c335d staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
commit 740a5759bf upstream.

ashmem_mutex may create a chain of dependencies like:

CPU0                                    CPU1
 mmap syscall                           ioctl syscall
 -> mmap_sem (acquired)                 -> ashmem_ioctl
 -> ashmem_mmap                            -> ashmem_mutex (acquired)
    -> ashmem_mutex (try to acquire)       -> copy_from_user
                                              -> mmap_sem (try to acquire)

There is a lock ordering problem between mmap_sem and ashmem_mutex causing
a lockdep splat[1] during a syzkaller test. This patch fixes the problem
by moving copy_from_user out of ashmem_mutex.

[1] https://www.spinics.net/lists/kernel/msg2733200.html

Fixes: ce8a3a9e76 (staging: android: ashmem: Fix a race condition in pin ioctls)
Reported-by: syzbot+d7a918a7a8e1c952bc36@syzkaller.appspotmail.com
Signed-off-by: Yisheng Xie <xieyisheng1@huawei.com>
Cc: "Joel Fernandes (Google)" <joel.opensrc@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-03-24 11:01:21 +01:00
android staging: android: ashmem: Fix possible deadlock in ashmem_ioctl 2018-03-24 11:01:21 +01:00
board License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ccree staging: ccree: Uninitialized return in ssi_ahash_import() 2018-02-25 11:08:02 +01:00
clocking-wizard
comedi staging: comedi: fix comedi_nsamples_left. 2018-03-19 08:42:45 +01:00
dgnc License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
emxx_udc
fbtft License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
fsl-dpaa2 staging: fsl-dpaa2/eth: Account for Rx FD buffers on error path 2017-12-10 13:40:41 +01:00
fsl-mc staging: fsl-mc: fix build testing on x86 2018-02-25 11:07:52 +01:00
fwserial License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gdm724x License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
goldfish staging: goldfish: (Coding Style) Fixed parenthesis alignment. 2017-08-31 18:21:37 +02:00
greybus staging: greybus: light: Release memory obtained by kasprintf 2017-12-25 14:26:30 +01:00
gs_fpgaboot staging: gs_fpgaboot: return valid error codes 2017-07-28 17:07:37 -07:00
iio staging: iio: ad5933: switch buffer mode to software 2018-02-25 11:07:53 +01:00
irda staging: irda: fix init level for irda core 2017-08-30 10:15:12 -07:00
ks7010 License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
lustre crypto: hash - annotate algorithms taking optional key 2018-02-16 20:23:00 +01:00
media License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
most License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mt29f_spinand staging: mt29f_spinand: Enable the read ECC before program the page 2017-09-18 12:25:31 +02:00
netlogic
nvec License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
octeon staging: octeon: fix line over 80 characters 2017-08-18 15:57:17 -07:00
octeon-usb
olpc_dcon License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
pi433 staging: pi433: Move limit check to switch default to kill warning 2017-09-18 12:25:31 +02:00
rtl8188eu staging: rtl8188eu: Fix incorrect response to SIOCGIWESSID 2018-02-03 17:39:17 +01:00
rtl8192e License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
rtl8192u License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
rtl8712 License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
rtl8723bs License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
rtlwifi staging: rtl8822be: fix missing null check on dev_alloc_skb return 2018-03-19 08:42:48 +01:00
rts5208 License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
skein License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
sm750fb staging: sm750fb: Fix parameter mistake in poke32 2017-11-21 09:49:24 +01:00
speakup License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
typec typec: tcpm: fusb302: Resolve out of order messaging events 2018-03-19 08:42:48 +01:00
unisys License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
vboxvideo staging: vboxvideo: Fix reporting invalid suggested-offset-properties 2017-11-21 09:49:24 +01:00
vc04_services License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
vme License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
vt6655 vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend 2017-12-20 10:10:35 +01:00
vt6656 License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
wilc1000 staging: wilc1000: Fix bssid buffer offset in Txq 2017-11-21 09:49:23 +01:00
wlan-ng License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xgifb License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Kconfig Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2017-09-06 14:45:08 -07:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00