linux-stable

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-19 09:04:57 +00:00

History

Vincent Whitchurch 837ba18dfc spi: spi-loopback-test: Fix out-of-bounds read The "tx/rx-transfer - crossing PAGE_SIZE" test always fails when len=131071 and rx_offset >= 5: spi-loopback-test spi0.0: Running test tx/rx-transfer - crossing PAGE_SIZE ... with iteration values: len = 131071, tx_off = 0, rx_off = 3 with iteration values: len = 131071, tx_off = 0, rx_off = 4 with iteration values: len = 131071, tx_off = 0, rx_off = 5 loopback strangeness - rx changed outside of allowed range at: ...a4321000 spi_msg@ffffffd5a4157690 frame_length: 131071 actual_length: 131071 spi_transfer@ffffffd5a41576f8 len: 131071 tx_buf: ffffffd5a4340ffc Note that rx_offset > 3 can only occur if the SPI controller driver sets ->dma_alignment to a higher value than 4, so most SPI controller drivers are not affect. The allocated Rx buffer is of size SPI_TEST_MAX_SIZE_PLUS, which is 132 KiB (assuming 4 KiB pages). This test uses an initial offset into the rx_buf of PAGE_SIZE - 4, and a len of 131071, so the range expected to be written in this transfer ends at (4096 - 4) + 5 + 131071 == 132 KiB, which is also the end of the allocated buffer. But the code which verifies the content of the buffer reads a byte beyond the allocated buffer and spuriously fails because this out-of-bounds read doesn't return the expected value. Fix this by using ITERATE_LEN instead of ITERATE_MAX_LEN to avoid testing sizes which cause out-of-bounds reads. Signed-off-by: Vincent Whitchurch <vincent.whitchurch@axis.com> Link: https://lore.kernel.org/r/20200902132341.7079-1-vincent.whitchurch@axis.com Signed-off-by: Mark Brown <broonie@kernel.org>		2020-09-02 19:38:24 +01:00
..
accessibility	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
acpi	libnvdimm for 5.8	2020-06-13 13:04:36 -07:00
amba
android	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
ata	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
atm	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
auxdisplay	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
base	linux-kselftest-kunit-5.8-rc1	2020-06-09 10:04:47 -07:00
bcma
block	Kbuild updates for v5.8 (2nd)	2020-06-13 13:29:16 -07:00
bluetooth
bus	Char/Misc driver patches for 5.8-rc1	2020-06-07 10:59:32 -07:00
cdrom	Merge branch 'work.sysctl' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs	2020-06-10 16:05:54 -07:00
char	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
clk	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
clocksource	clocksource/drivers/timer-riscv: Use per-CPU timer interrupt	2020-06-09 19:11:22 -07:00
connector	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
counter
cpufreq	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
cpuidle	- Add the hwmon support on the i.MX SC (Anson Huang)	2020-06-12 14:10:21 -07:00
crypto	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2020-06-13 16:27:13 -07:00
dax
dca
devfreq
dio
dma	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
dma-buf	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
edac	Kbuild updates for v5.8 (2nd)	2020-06-13 13:29:16 -07:00
eisa	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
extcon
firewire
firmware	Kbuild updates for v5.8 (2nd)	2020-06-13 13:29:16 -07:00
fpga	Char/Misc driver patches for 5.8-rc1	2020-06-07 10:59:32 -07:00
fsi	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
gnss	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
gpio	spi: ppc4xx: Convert to use GPIO descriptors	2020-07-22 01:55:52 +01:00
gpu	Kbuild updates for v5.8 (2nd)	2020-06-13 13:29:16 -07:00
greybus	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
hid	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
hsi	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
hv
hwmon	Merge branch 'x86/entry' into ras/core	2020-06-11 15:17:57 +02:00
hwspinlock
hwtracing	Char/Misc driver patches for 5.8-rc1	2020-06-07 10:59:32 -07:00
i2c	Kbuild updates for v5.8 (2nd)	2020-06-13 13:29:16 -07:00
i3c
ide	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
idle
iio	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
infiniband	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
input	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
interconnect	More power management updates for 5.8-rc1	2020-06-10 14:04:39 -07:00
iommu	Kbuild updates for v5.8 (2nd)	2020-06-13 13:29:16 -07:00
ipack	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
irqchip	clocksource/drivers/timer-riscv: Use per-CPU timer interrupt	2020-06-09 19:11:22 -07:00
isdn	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
leds
lightnvm
macintosh	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
mailbox	mailbox: qcom: Add ipq6018 apcs compatible	2020-06-10 22:43:57 -05:00
mcb
md	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
media	Kbuild updates for v5.8 (2nd)	2020-06-13 13:29:16 -07:00
memory	memory: add Renesas RPC-IF driver	2020-07-01 22:45:14 +01:00
memstick
message	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
mfd	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
misc	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
mmc	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
most
mtd	spi: Move cadence-quadspi driver to drivers/spi/	2020-06-19 14:26:54 +01:00
mux
net	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2020-06-13 16:27:13 -07:00
nfc	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
ntb
nubus
nvdimm	libnvdimm for 5.8	2020-06-13 13:04:36 -07:00
nvme	Kbuild updates for v5.8 (2nd)	2020-06-13 13:29:16 -07:00
nvmem
of	Driver core patches for 5.8-rc1	2020-06-07 10:53:36 -07:00
opp	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
oprofile	mmap locking API: convert mmap_sem comments	2020-06-09 09:39:14 -07:00
parisc
parport	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
pci	Kbuild updates for v5.8 (2nd)	2020-06-13 13:29:16 -07:00
pcmcia	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
perf	arm64 merge window fixes for -rc1	2020-06-11 12:53:23 -07:00
phy
pinctrl	This is the bulk of pin control changes for the v5.8	2020-06-07 16:13:43 -07:00
platform	Kbuild updates for v5.8 (2nd)	2020-06-13 13:29:16 -07:00
pnp	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
power	power supply and reset changes for the v5.8 series	2020-06-10 11:28:35 -07:00
powercap	Kbuild updates for v5.8 (2nd)	2020-06-13 13:29:16 -07:00
pps	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
ps3
ptp	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
pwm
rapidio	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
ras
regulator
remoteproc	remoteproc updates for v5.8	2020-06-08 13:01:08 -07:00
reset	Char/Misc driver patches for 5.8-rc1	2020-06-07 10:59:32 -07:00
rpmsg	remoteproc updates for v5.8	2020-06-08 13:01:08 -07:00
rtc	RTC for 5.8	2020-06-07 16:11:23 -07:00
s390	s390 updates for the 5.8 merge window	2020-06-08 12:05:31 -07:00
sbus	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
scsi	Kbuild updates for v5.8 (2nd)	2020-06-13 13:29:16 -07:00
sfi	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
sh
siox
slimbus
soc	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
soundwire
spi	spi: spi-loopback-test: Fix out-of-bounds read	2020-09-02 19:38:24 +01:00
spmi
ssb
staging	Kbuild updates for v5.8 (2nd)	2020-06-13 13:29:16 -07:00
target	Kbuild updates for v5.8 (2nd)	2020-06-13 13:29:16 -07:00
tc
tee	mmap locking API: use coccinelle to convert mmap_sem rwsem call sites	2020-06-09 09:39:14 -07:00
thermal	- Add the hwmon support on the i.MX SC (Anson Huang)	2020-06-12 14:10:21 -07:00
thunderbolt	USB/PHY driver updates for 5.8-rc1	2020-06-07 09:42:16 -07:00
tty	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
uio
usb	Kbuild updates for v5.8 (2nd)	2020-06-13 13:29:16 -07:00
vdpa
vfio	kernel: better document the use_mm/unuse_mm API contract	2020-06-10 19:14:18 -07:00
vhost	Kbuild updates for v5.8 (2nd)	2020-06-13 13:29:16 -07:00
video	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
virt	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
virtio	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
visorbus	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
vlynq
vme	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
w1	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
watchdog	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
xen	The X86 entry, exception and interrupt code rework	2020-06-13 10:05:47 -07:00
zorro	treewide: replace '---help---' in Kconfig files with 'help'	2020-06-14 01:57:21 +09:00
Kconfig
Makefile