mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-29 13:53:33 +00:00
Code Issues Releases Wiki Activity
linux-stable/lib
History
Andrzej Hajda b3ae38966d debugobjects: Stop accessing objects after releasing hash bucket lock 
[ Upstream commit 9bb6362652 ]

After release of the hashbucket lock the tracking object can be modified or
freed by a concurrent thread.  Using it in such a case is error prone, even
for printing the object state:

    1. T1 tries to deactivate destroyed object, debugobjects detects it,
       hash bucket lock is released.

    2. T2 preempts T1 and frees the tracking object.

    3. The freed tracking object is allocated and initialized for a
       different to be tracked kernel object.

    4. T1 resumes and reports error for wrong kernel object.

Create a local copy of the tracking object before releasing the hash bucket
lock and use the local copy for reporting and fixups to prevent this.

Signed-off-by: Andrzej Hajda <andrzej.hajda@intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Link: https://lore.kernel.org/r/20231025-debugobjects_fix-v3-1-2bc3bf7084c2@intel.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-02-05 20:12:47 +00:00
..
842
crypto
dim linux/dim: Do nothing if no time delta between samples 2023-05-24 17:32:31 +01:00
fonts
kunit kunit: debugfs: Fix unchecked dereference in debugfs_print_results() 2024-01-25 15:27:21 -08:00
livepatch
lz4
lzo
math
mpi crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui() 2023-09-23 11:11:02 +02:00
pldmfw
raid6
reed_solomon
test_fortify
vdso
xz
zlib_deflate
zlib_dfltcc
zlib_inflate
zstd zstd: Fix array-index-out-of-bounds UBSAN warning 2023-12-13 18:39:04 +01:00
.gitignore
argv_split.c
ashldi3.c
ashrdi3.c
asn1_decoder.c
asn1_encoder.c
assoc_array.c
atomic64.c
atomic64_test.c
audit.c
base64.c
bcd.c
bch.c
bitfield_kunit.c
bitmap.c lib/bitmap: drop optimization of bitmap_{from,to}_arr64 2023-07-19 16:21:58 +02:00
bitrev.c
bootconfig-data.S
bootconfig.c
bsearch.c
btree.c
bucket_locks.c
bug.c cpuidle: lib/bug: Disable rcu_is_watching() during WARN/BUG 2023-03-10 09:33:47 +01:00
build_OID_registry
buildid.c
bust_spinlocks.c
check_signature.c
checksum.c
clz_ctz.c lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels 2023-08-30 16:11:08 +02:00
clz_tab.c
cmdline.c
cmdline_kunit.c
cmpdi2.c
compat_audit.c
cpu_rmap.c lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release() 2023-06-14 11:15:22 +02:00
cpumask.c
cpumask_kunit.c
crc-ccitt.c
crc-itu-t.c
crc-t10dif.c
crc4.c
crc7.c
crc8.c
crc16.c
crc32.c
crc32defs.h
crc32test.c
crc64-rocksoft.c
crc64.c
ctype.c
debug_info.c
debug_locks.c
debugobjects.c debugobjects: Stop accessing objects after releasing hash bucket lock 2024-02-05 20:12:47 +00:00
dec_and_lock.c
decompress.c
decompress_bunzip2.c
decompress_inflate.c
decompress_unlz4.c
decompress_unlzma.c
decompress_unlzo.c
decompress_unxz.c
decompress_unzstd.c
devmem_is_allowed.c
devres.c
digsig.c
dump_stack.c
dynamic_debug.c
dynamic_queue_limits.c
earlycpio.c
errname.c parisc: Drop the HP-UX ENOSYM and EREMOTERELEASE error codes 2023-12-08 08:51:15 +01:00
error-inject.c
errseq.c
extable.c
fault-inject-usercopy.c
fault-inject.c
fdt.c
fdt_addresses.c
fdt_empty_tree.c
fdt_ro.c
fdt_rw.c
fdt_strerror.c
fdt_sw.c
fdt_wip.c
find_bit.c
find_bit_benchmark.c
flex_proportions.c
fortify_kunit.c
gen_crc32table.c
gen_crc64table.c
genalloc.c
generic-radix-tree.c lib/generic-radix-tree.c: Don't overflow in peek() 2023-11-28 17:06:54 +00:00
glob.c
globtest.c
group_cpus.c genirq/affinity: Only build SMP-only helper functions on SMP kernels 2024-01-10 17:10:36 +01:00
hexdump.c
hweight.c
idr.c ida: Fix crash in ida_free when the bitmap is empty 2024-01-20 11:50:09 +01:00
inflate.c
interval_tree.c
interval_tree_test.c
iomap.c
iomap_copy.c
iommu-helper.c
iov_iter.c
irq_poll.c
irq_regs.c
is_signed_type_kunit.c
is_single_threaded.c
kasprintf.c
Kconfig
Kconfig.debug btf, scripts: Exclude Rust CUs with pahole 2024-01-20 11:50:10 +01:00
Kconfig.kasan
Kconfig.kcsan
Kconfig.kfence
Kconfig.kgdb
Kconfig.kmsan
Kconfig.ubsan
kfifo.c
klist.c
kobject.c kobject: Add sanity check for kset->kobj.ktype in kset_register() 2023-09-23 11:11:07 +02:00
kobject_uevent.c
kstrtox.c
kstrtox.h
libcrc32c.c
linear_ranges.c
list-test.c
list_debug.c
list_sort.c
llist.c
locking-selftest-hardirq.h
locking-selftest-mutex.h
locking-selftest-rlock-hardirq.h
locking-selftest-rlock-softirq.h
locking-selftest-rlock.h
locking-selftest-rsem.h
locking-selftest-rtmutex.h
locking-selftest-softirq.h
locking-selftest-spin-hardirq.h
locking-selftest-spin-softirq.h
locking-selftest-spin.h
locking-selftest-wlock-hardirq.h
locking-selftest-wlock-softirq.h
locking-selftest-wlock.h
locking-selftest-wsem.h
locking-selftest.c
lockref.c
logic_iomem.c
logic_pio.c
lru_cache.c
lshrdi3.c
Makefile genirq/affinity: Move group_cpus_evenly() into lib/ 2024-01-10 17:10:33 +01:00
maple_tree.c maple_tree: add GFP_KERNEL to allocations in mas_expected_entries() 2023-11-02 09:35:24 +01:00
memcat_p.c
memcpy_kunit.c
memory-notifier-error-inject.c
memregion.c
memweight.c
muldi3.c
net_utils.c
netdev-notifier-error-inject.c
nlattr.c
nmi_backtrace.c
notifier-error-inject.c
notifier-error-inject.h
objagg.c
of-reconfig-notifier-error-inject.c
oid_registry.c
once.c
overflow_kunit.c
packing.c
parman.c
parser.c
pci_iomap.c
percpu-refcount.c
percpu_counter.c
percpu_test.c
plist.c
pm-notifier-error-inject.c
polynomial.c
radix-tree.c radix tree: remove unused variable 2023-08-30 16:11:08 +02:00
random32.c
ratelimit.c
rbtree.c
rbtree_test.c
ref_tracker.c
refcount.c
rhashtable.c
sbitmap.c sbitmap: Try each queue to wake up at least one waiter 2023-03-10 09:34:34 +01:00
scatterlist.c
seq_buf.c
sg_pool.c
sg_split.c
show_mem.c
siphash.c
slub_kunit.c
smp_processor_id.c
sort.c
stackdepot.c
stackinit_kunit.c
stmp_device.c
string.c
string_helpers.c
strncpy_from_user.c
strnlen_user.c
syscall.c
test-kstrtox.c
test-string_helpers.c
test_bitmap.c lib/bitmap: workaround const_eval test build failure 2023-08-11 12:08:10 +02:00
test_bitops.c
test_bits.c
test_blackhole_dev.c
test_bpf.c
test_debug_virtual.c
test_dynamic_debug.c
test_firmware.c test_firmware: return ENOMEM instead of ENOSPC on failed memory allocation 2023-08-03 10:24:19 +02:00
test_fprobe.c fprobe: Pass entry_data to handlers 2023-10-25 12:03:12 +02:00
test_fpu.c
test_free_pages.c
test_hash.c
test_hexdump.c
test_hmm.c
test_hmm_uapi.h
test_ida.c ida: Fix crash in ida_free when the bitmap is empty 2024-01-20 11:50:09 +01:00
test_kmod.c
test_kprobes.c
test_linear_ranges.c
test_list_sort.c
test_lockup.c
test_maple_tree.c maple_tree: add GFP_KERNEL to allocations in mas_expected_entries() 2023-11-02 09:35:24 +01:00
test_memcat_p.c
test_meminit.c lib/test_meminit: fix off-by-one error in test_pages() 2023-10-15 18:32:41 +02:00
test_min_heap.c
test_module.c
test_objagg.c
test_parman.c
test_printf.c
test_ref_tracker.c
test_rhashtable.c
test_scanf.c lib: test_scanf: Add explicit type cast to result initialization in test_number_prefix() 2023-09-19 12:28:05 +02:00
test_siphash.c
test_sort.c
test_static_key_base.c
test_static_keys.c
test_string.c
test_strscpy.c
test_sysctl.c
test_ubsan.c
test_user_copy.c
test_uuid.c
test_vmalloc.c
test_xarray.c
textsearch.c
timerqueue.c
trace_readwrite.c
ts_bm.c lib/ts_bm: reset initial match offset for every block of text 2023-07-19 16:21:13 +02:00
ts_fsm.c
ts_kmp.c
ubsan.c
ubsan.h
ucmpdi2.c
ucs2_string.c
usercopy.c
uuid.c
vsprintf.c lib/vsprintf: Fix %pfwf when current node refcount == 0 2024-01-01 12:39:07 +00:00
win_minmax.c
xarray.c XArray: Do not return sibling entries from xa_load() 2023-09-13 09:43:00 +02:00
xxhash.c