mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-02 23:27:06 +00:00
Code Issues Releases Wiki Activity
No description
793436 commits 105 branches 5103 tags 5.5 GiB
C 97.6%
Assembly 1%
Shell 0.5%
Python 0.3%
Makefile 0.3%
Find a file
Jan Kara 6ce317fdc2 audit: Embed key into chunk 
[ Upstream commit 8d20d6e930 ]

Currently chunk hash key (which is in fact pointer to the inode) is
derived as chunk->mark.conn->obj. It is tricky to make this dereference
reliable for hash table lookups only under RCU as mark can get detached
from the connector and connector gets freed independently of the
running lookup. Thus there is a possible use after free / NULL ptr
dereference issue:

CPU1					CPU2
					untag_chunk()
					  ...
audit_tree_lookup()
  list_for_each_entry_rcu(p, list, hash) {
					  list_del_rcu(&chunk->hash);
					  fsnotify_destroy_mark(entry);
					  fsnotify_put_mark(entry)
    chunk_to_key(p)
      if (!chunk->mark.connector)
					    ...
					    hlist_del_init_rcu(&mark->obj_list);
					    if (hlist_empty(&conn->list)) {
					      inode = fsnotify_detach_connector_from_object(conn);
					    mark->connector = NULL;
					    ...
					    frees connector from workqueue
      chunk->mark.connector->obj

This race is probably impossible to hit in practice as the race window
on CPU1 is very narrow and CPU2 has a lot of code to execute. Still it's
better to have this fixed. Since the inode the chunk is attached to is
constant during chunk's lifetime it is easy to cache the key in the
chunk itself and thus avoid these issues.

Reviewed-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2019-12-13 08:51:11 +01:00
arch ARM: 8813/1: Make aligned 2-byte getuser()/putuser() atomic on ARMv6+ 2019-12-13 08:51:10 +01:00
block block: call rq_qos_exit() after queue is frozen 2019-12-01 09:17:06 +01:00
certs export.h: remove VMLINUX_SYMBOL() and VMLINUX_SYMBOL_STR() 2018-08-22 23:21:44 +09:00
crypto crypto: user - support incremental algorithm dumps 2019-12-05 09:20:04 +01:00
Documentation HID: doc: fix wrong data structure reference for UHID_OUTPUT 2019-12-05 09:20:36 +01:00
drivers iwlwifi: mvm: Send non offchannel traffic via AP sta 2019-12-13 08:51:09 +01:00
firmware kbuild: remove all dummy assignments to obj- 2017-11-18 11:46:06 +09:00
fs exportfs_decode_fh(): negative pinned may become positive without the parent locked 2019-12-13 08:51:02 +01:00
include serial: core: Allow processing sysrq at port unlock time 2019-12-13 08:51:07 +01:00
init fork: fix some -Wmissing-prototypes warnings 2019-12-05 09:21:04 +01:00
ipc ipc/mqueue.c: only perform resource calculation if user valid 2019-08-06 19:06:52 +02:00
kernel audit: Embed key into chunk 2019-12-13 08:51:11 +01:00
lib lib/genalloc.c: include vmalloc.h 2019-12-05 09:21:05 +01:00
LICENSES LICENSES: Remove CC-BY-SA-4.0 license text 2018-10-18 11:28:50 +02:00
mm mm/page_alloc.c: deduplicate __memblock_free_early() and memblock_free() 2019-12-05 09:20:58 +01:00
net xfrm: release device reference for invalid state 2019-12-13 08:51:03 +01:00
samples vfio-mdev/samples: Use u8 instead of char for handle functions 2019-12-05 09:20:28 +01:00
scripts scripts/gdb: fix debugging modules compiled with hot/cold partitioning 2019-12-05 09:19:44 +01:00
security apparmor: delete the dentry in aafs_remove() to avoid a leak 2019-12-05 09:21:19 +01:00
sound ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed() 2019-12-13 08:51:05 +01:00
tools selftests: kvm: fix build with glibc >= 2.30 2019-12-13 08:51:05 +01:00
usr kbuild: clean compressed initramfs image 2019-10-07 18:57:16 +02:00
virt kvm: properly check debugfs dentry before using it 2019-12-05 09:21:14 +01:00
.clang-format clang-format: Set IndentWrappedFunctionNames false 2018-08-01 18:38:51 +02:00
.cocciconfig
.get_maintainer.ignore
.gitattributes .gitattributes: set git diff driver for C source code files 2016-10-07 18:46:30 -07:00
.gitignore Kbuild updates for v4.17 (2nd) 2018-04-15 17:21:30 -07:00
.mailmap libnvdimm-for-4.19_misc 2018-08-25 18:13:10 -07:00
COPYING COPYING: use the new text with points to the license files 2018-03-23 12:41:45 -06:00
CREDITS 9p: remove Ron Minnich from MAINTAINERS 2018-08-17 16:20:26 -07:00
Kbuild Kbuild updates for v4.15 2017-11-17 17:45:29 -08:00
Kconfig kconfig: move the "Executable file formats" menu to fs/Kconfig.binfmt 2018-08-02 08:06:55 +09:00
MAINTAINERS USB: rio500: Remove Rio 500 kernel driver 2019-10-17 13:44:47 -07:00
Makefile Linux 4.19.88 2019-12-05 09:21:36 +01:00
README Docs: Added a pointer to the formatted docs to README 2018-03-21 09:02:53 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.