mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-13 14:14:37 +00:00
Code Issues Releases Wiki Activity
linux-stable/drivers/misc
History
Zheng Wang 643a16a0eb misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os 
In some bad situation, the gts may be freed gru_check_chiplet_assignment.
The call chain can be gru_unload_context->gru_free_gru_context->gts_drop
and kfree finally. However, the caller didn't know if the gts is freed
or not and use it afterwards. This will trigger a Use after Free bug.

Fix it by introducing a return value to see if it's in error path or not.
Free the gts in caller if gru_check_chiplet_assignment check failed.

Fixes: 55484c45db ("gru: allow users to specify gru chiplet 2")
Signed-off-by: Zheng Wang <zyytlz.wz@163.com>
Acked-by: Dimitri Sivanich <sivanich@hpe.com>
Link: https://lore.kernel.org/r/20221110035033.19498-1-zyytlz.wz@163.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-11-23 19:55:48 +01:00
..
altera-stapl misc: move from strlcpy with unused retval to strscpy 2022-09-01 16:29:42 +02:00
bcm-vk misc: bcm_vk: Remove usage of deprecated functions 2022-09-01 16:29:32 +02:00
c2port
cardreader Merge 5.19-rc6 into char-misc-next 2022-07-11 08:32:58 +02:00
cb710
cxl cxl: remove vma linked list walk 2022-09-26 19:46:20 -07:00
echo
eeprom Char/Misc and other driver changes for 6.1-rc1 2022-10-08 08:56:37 -07:00
genwqe misc: genwqe: card_base: Fix some kernel-doc warnings 2022-11-10 18:38:40 +01:00
habanalabs treewide: use get_random_u32() when possible 2022-10-11 17:42:58 -06:00
ibmasm
lis3lv02d i2c: Make remove callback return void 2022-08-16 12:46:26 +02:00
lkdtm hardening updates for v6.1-rc1 2022-10-03 17:24:22 -07:00
mchp_pci1xxxx misc: microchip: pci1xxxx: Fix a memory leak in the error handling of gp_aux_bus_probe() 2022-09-22 16:54:35 +02:00
mei mei: bus-fixup: change pxp mode only if message was sent 2022-11-23 19:43:33 +01:00
ocxl ocxl: fix pci device refcount leak when calling get_function_0() 2022-11-23 19:49:22 +01:00
pvpanic misc/pvpanic: Convert regular spinlock into trylock on panic path 2022-04-29 16:54:59 +02:00
sgi-gru misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os 2022-11-23 19:55:48 +01:00
sgi-xp drivers/misc/sgi-xp: Remove orphan declarations from drivers/misc/sgi-xp/xp.h 2022-09-24 14:57:19 +02:00
ti-st
uacce uacce: Handle parent device removal or parent driver module rmmod 2022-07-01 10:35:08 +02:00
vmw_vmci misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() 2022-11-09 15:40:03 +01:00
ad525x_dpot-i2c.c i2c: Make remove callback return void 2022-08-16 12:46:26 +02:00
ad525x_dpot-spi.c
ad525x_dpot.c
ad525x_dpot.h
apds990x.c i2c: Make remove callback return void 2022-08-16 12:46:26 +02:00
apds9802als.c i2c: Make remove callback return void 2022-08-16 12:46:26 +02:00
atmel-ssc.c misc: update maintainer email address and description for atmel-ssc 2022-08-03 11:03:03 +02:00
bh1770glc.c i2c: Make remove callback return void 2022-08-16 12:46:26 +02:00
cs5535-mfgpt.c
ds1682.c i2c: Make remove callback return void 2022-08-16 12:46:26 +02:00
dummy-irq.c
dw-xdata-pcie.c
enclosure.c
fastrpc.c Merge 6.0-rc4 into char-misc-next 2022-09-05 07:53:56 +02:00
gehc-achc.c
hi6421v600-irq.c misc: hi6421-spmi-pmic: Use generic_handle_irq_safe(). 2022-03-02 22:28:50 +01:00
hisi_hikey_usb.c
hmc6352.c i2c: Make remove callback return void 2022-08-16 12:46:26 +02:00
hpilo.c
hpilo.h
ibmvmc.c ibmvmc: don't open-code file_inode() 2022-09-01 17:42:27 -04:00
ibmvmc.h
ics932s401.c Char/Misc and other driver changes for 6.1-rc1 2022-10-08 08:56:37 -07:00
isl29003.c i2c: Make remove callback return void 2022-08-16 12:46:26 +02:00
isl29020.c i2c: Make remove callback return void 2022-08-16 12:46:26 +02:00
Kconfig misc: smpro-misc: Add Ampere's Altra SMpro misc driver 2022-11-10 19:03:03 +01:00
kgdbts.c kgdbts: fix return value of __setup handler 2022-03-18 14:17:56 +01:00
lattice-ecp3-config.c
Makefile misc: smpro-misc: Add Ampere's Altra SMpro misc driver 2022-11-10 19:03:03 +01:00
open-dice.c
pch_phub.c
pci_endpoint_test.c misc: pci_endpoint_test: Fix pci_endpoint_test_{copy,write,read}() panic 2022-09-09 10:24:12 +02:00
phantom.c
qcom-coincell.c
smpro-errmon.c misc: smpro-errmon: Add Ampere's SMpro error monitor driver 2022-11-10 19:02:43 +01:00
smpro-misc.c misc: smpro-misc: Add Ampere's Altra SMpro misc driver 2022-11-10 19:03:03 +01:00
sram-exec.c treewide: Replace GPLv2 boilerplate/reference with SPDX - gpl-2.0_320.RULE 2022-06-10 14:51:36 +02:00
sram.c
sram.h
tifm_7xx1.c misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() 2022-11-23 19:55:26 +01:00
tifm_core.c
tsl2550.c i2c: Make remove callback return void 2022-08-16 12:46:26 +02:00
vcpu_stall_detector.c misc: Add a mechanism to detect stalls on guest vCPUs 2022-07-14 16:54:17 +02:00
vmw_balloon.c - The usual batches of cleanups from Baoquan He, Muchun Song, Miaohe 2022-08-05 16:32:45 -07:00
xilinx_sdfec.c misc/xilinx_sdfec: Replace kmap() with kmap_local_page() 2022-09-09 10:22:36 +02:00