mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-27 21:03:32 +00:00
Code Issues Releases Wiki Activity
No description
1153534 commits 105 branches 5097 tags 5.5 GiB
C 97.6%
Assembly 1%
Shell 0.5%
Python 0.3%
Makefile 0.3%
Find a file
Kees Cook 7ab734fc75 scsi: aacraid: Allocate cmd_priv with scsicmd 
The aac_priv() helper assumes that the private cmd area immediately follows
struct scsi_cmnd. Allocate this space as part of scsicmd, else there is a
risk of heap overflow. Seen with GCC 13:

../drivers/scsi/aacraid/aachba.c: In function 'aac_probe_container':
../drivers/scsi/aacraid/aachba.c:841:26: warning: array subscript 16 is outside array bounds of 'void[392]' [-Warray-bounds=]
  841 |         status = cmd_priv->status;
      |                          ^~
In file included from ../include/linux/resource_ext.h:11,
                 from ../include/linux/pci.h:40,
                 from ../drivers/scsi/aacraid/aachba.c:22:
In function 'kmalloc',
    inlined from 'kzalloc' at ../include/linux/slab.h:720:9,
    inlined from 'aac_probe_container' at ../drivers/scsi/aacraid/aachba.c:821:30:
../include/linux/slab.h:580:24: note: at offset 392 into object of size 392 allocated by 'kmalloc_trace'
  580 |                 return kmalloc_trace(
      |                        ^~~~~~~~~~~~~~
  581 |                                 kmalloc_caches[kmalloc_type(flags)][index],
      |                                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  582 |                                 flags, size);
      |                                 ~~~~~~~~~~~~

Fixes: 76a3451b64 ("scsi: aacraid: Move the SCSI pointer to private command data")
Link: https://lore.kernel.org/r/20230128000409.never.976-kees@kernel.org
Cc: Bart Van Assche <bvanassche@acm.org>
Cc: Hannes Reinecke <hare@suse.de>
Cc: Himanshu Madhani <himanshu.madhani@oracle.com>
Cc: Adaptec OEM Raid Solutions <aacraid@microsemi.com>
Cc: "James E.J. Bottomley" <jejb@linux.ibm.com>
Cc: "Martin K. Petersen" <martin.petersen@oracle.com>
Cc: linux-scsi@vger.kernel.org
Cc: stable@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Vegard Nossum <vegard.nossum@oracle.com>
Reviewed-by: Hannes Reinecke <hare@suse.de>
Reviewed-by: Bart Van Assche <bvanassche@acm.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
2023-02-08 18:49:48 -05:00
arch treewide: Convert del_timer*() to timer_shutdown*() 2022-12-25 13:38:09 -08:00
block treewide: Convert del_timer*() to timer_shutdown*() 2022-12-25 13:38:09 -08:00
certs certs: make system keyring depend on built-in x509 parser 2022-09-24 04:31:18 +09:00
crypto This update includes the following changes: 2022-12-14 12:31:09 -08:00
Documentation scsi: ufs: qcom: dt-bindings: Add SM8550 compatible string 2023-02-08 18:05:23 -05:00
drivers scsi: aacraid: Allocate cmd_priv with scsicmd 2023-02-08 18:49:48 -05:00
fs treewide: Convert del_timer*() to timer_shutdown*() 2022-12-25 13:38:09 -08:00
include scsi: ufs: exynos: Fix DMA alignment for PAGE_SIZE != 4096 2023-01-23 21:35:54 -05:00
init Kbuild updates for v6.2 2022-12-19 12:33:32 -06:00
io_uring io_uring/net: fix cleanup after recycle 2022-12-19 08:28:28 -07:00
ipc Non-MM patches for 6.2-rc1. 2022-12-12 17:28:58 -08:00
kernel kernel hardening fixes for v6.2-rc1 2022-12-23 12:00:24 -08:00
lib test_maple_tree: add test for mas_spanning_rebalance() on insufficient data 2022-12-21 14:31:52 -08:00
LICENSES LICENSES: Add the copyleft-next-0.3.1 license 2022-11-08 15:44:01 +01:00
mm hugetlb: really allocate vma lock for all sharable vmas 2022-12-21 14:31:52 -08:00
net treewide: Convert del_timer*() to timer_shutdown*() 2022-12-25 13:38:09 -08:00
rust rust: types: add Opaque type 2022-12-04 01:59:16 +01:00
samples Char/Misc driver changes for 6.2-rc1 2022-12-16 03:49:24 -08:00
scripts modernize use of grep in coccicheck 2022-12-23 13:56:41 -08:00
security kernel hardening fixes for v6.2-rc1 2022-12-23 12:00:24 -08:00
sound treewide: Convert del_timer*() to timer_shutdown*() 2022-12-25 13:38:09 -08:00
tools perf tools fixes and improvements for v6.2: 2nd batch 2022-12-22 11:07:29 -08:00
usr usr/gen_init_cpio.c: remove unnecessary -1 values from int file 2022-10-03 14:21:44 -07:00
virt ARM64: 2022-12-15 11:12:21 -08:00
.clang-format iommufd for 6.2 2022-12-14 09:15:43 -08:00
.cocciconfig
.get_maintainer.ignore get_maintainer: add Alan to .get_maintainer.ignore 2022-08-20 15:17:44 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore kbuild: Cleanup DT Overlay intermediate files as appropriate 2022-11-18 14:45:30 -06:00
.mailmap Non-MM patches for 6.2-rc1. 2022-12-12 17:28:58 -08:00
.rustfmt.toml rust: add .rustfmt.toml 2022-09-28 09:02:20 +02:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: zram: zsmalloc: Add an additional co-maintainer 2022-12-15 16:37:49 -08:00
Kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS scsi: MAINTAINERS: Add entry for Exynos UFS driver 2023-01-18 18:25:53 -05:00
Makefile Linux 6.2-rc1 2022-12-25 13:41:39 -08:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.