Dmitry Torokhov 9eadcebe8c tty: vt: keyboard: reject invalid keycodes
commit b2b2dd71e0 upstream.

Do not try to handle keycodes that are too big, otherwise we risk doing
out-of-bounds writes:

BUG: KASAN: global-out-of-bounds in clear_bit include/asm-generic/bitops-instrumented.h:56 [inline]
BUG: KASAN: global-out-of-bounds in kbd_keycode drivers/tty/vt/keyboard.c:1411 [inline]
BUG: KASAN: global-out-of-bounds in kbd_event+0xe6b/0x3790 drivers/tty/vt/keyboard.c:1495
Write of size 8 at addr ffffffff89a1b2d8 by task syz-executor108/1722
...
 kbd_keycode drivers/tty/vt/keyboard.c:1411 [inline]
 kbd_event+0xe6b/0x3790 drivers/tty/vt/keyboard.c:1495
 input_to_handler+0x3b6/0x4c0 drivers/input/input.c:118
 input_pass_values.part.0+0x2e3/0x720 drivers/input/input.c:145
 input_pass_values drivers/input/input.c:949 [inline]
 input_set_keycode+0x290/0x320 drivers/input/input.c:954
 evdev_handle_set_keycode_v2+0xc4/0x120 drivers/input/evdev.c:882
 evdev_do_ioctl drivers/input/evdev.c:1150 [inline]

In this case we were dealing with a fuzzed HID device that declared over
12K buttons, and while HID layer should not be reporting to us such big
keycodes, we should also be defensive and reject invalid data ourselves as
well.

Reported-by: syzbot+19340dff067c2d3835c0@syzkaller.appspotmail.com
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Cc: stable <stable@vger.kernel.org>
Link: https://lore.kernel.org/r/20191122204220.GA129459@dtor-ws
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-12-13 08:52:43 +01:00
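
The kind of check the commit message above describes, as an added user-space example; it is not the kernel's code or the patch itself. The `kbd_model` names, the `0x300` bitmap size and the keycode 12288 are assumptions constructed for illustration. A bit operation updates a whole `unsigned long`, so an unchecked oversized keycode turns into a word-sized write far past the bitmap.

```c
#include <limits.h>
#include <stdbool.h>
#include <string.h>

/* Assumed model constants: 0x300 key bits, packed into unsigned long words. */
#define MODEL_KEY_CNT 0x300u
#define BITS_PER_WORD (sizeof(unsigned long) * CHAR_BIT)
#define MODEL_WORDS   ((MODEL_KEY_CNT + BITS_PER_WORD - 1) / BITS_PER_WORD)
#define GUARD         0xA5A5A5A5UL

struct kbd_model {
    unsigned long guard_lo;              /* guards reveal any stray write */
    unsigned long key_down[MODEL_WORDS];
    unsigned long guard_hi;
};

void kbd_model_init(struct kbd_model *k)
{
    memset(k, 0, sizeof(*k));
    k->guard_lo = k->guard_hi = GUARD;
}

/* Words past the end of key_down[] an unchecked bit op would touch (0 = in bounds). */
size_t words_past_end(unsigned int keycode)
{
    size_t w = keycode / BITS_PER_WORD;
    return w < MODEL_WORDS ? 0 : w - MODEL_WORDS + 1;
}

/* Hardened handler: validate the keycode before any bitmap access. */
bool kbd_model_keycode(struct kbd_model *k, unsigned int keycode, bool down)
{
    if (keycode >= MODEL_KEY_CNT)
        return false;                    /* invalid keycode: drop the event */
    unsigned long mask = 1UL << (keycode % BITS_PER_WORD);
    unsigned long *word = &k->key_down[keycode / BITS_PER_WORD];
    *word = down ? (*word | mask) : (*word & ~mask);
    return true;
}

bool key_is_down(const struct kbd_model *k, unsigned int keycode)
{
    return keycode < MODEL_KEY_CNT &&
           ((k->key_down[keycode / BITS_PER_WORD] >> (keycode % BITS_PER_WORD)) & 1UL);
}

bool guards_intact(const struct kbd_model *k)
{
    return k->guard_lo == GUARD && k->guard_hi == GUARD;
}
```
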
arch x86/PCI: Avoid AMD FCH XHCI USB PME# from D0 defect 2019-12-13 08:52:40 +01:00
block block: call rq_qos_exit() after queue is frozen 2019-12-01 09:17:06 +01:00
certs export.h: remove VMLINUX_SYMBOL() and VMLINUX_SYMBOL_STR() 2018-08-22 23:21:44 +09:00
crypto crypto: ecc - check for invalid values in the key verification test 2019-12-13 08:51:24 +01:00
Documentation rtc: dt-binding: abx80x: fix resistance scale 2019-12-13 08:51:36 +01:00
drivers tty: vt: keyboard: reject invalid keycodes 2019-12-13 08:52:43 +01:00
firmware kbuild: remove all dummy assignments to obj- 2017-11-18 11:46:06 +09:00
fs CIFS: Fix SMB2 oplock break processing 2019-12-13 08:52:42 +01:00
include xfrm interface: fix management of phydev 2019-12-13 08:52:42 +01:00
init fork: fix some -Wmissing-prototypes warnings 2019-12-05 09:21:04 +01:00
ipc ipc/mqueue.c: only perform resource calculation if user valid 2019-08-06 19:06:52 +02:00
kernel sched/fair: Scale bandwidth quota and period without losing quota/period ratio precision 2019-12-13 08:52:35 +01:00
lib lib/genalloc.c: include vmalloc.h 2019-12-05 09:21:05 +01:00
LICENSES LICENSES: Remove CC-BY-SA-4.0 license text 2018-10-18 11:28:50 +02:00
mm mm/vmstat.c: fix NUMA statistics updates 2019-12-13 08:51:27 +01:00
net xfrm interface: fix management of phydev 2019-12-13 08:52:42 +01:00
samples vfio-mdev/samples: Use u8 instead of char for handle functions 2019-12-05 09:20:28 +01:00
scripts modpost: skip ELF local symbols during section mismatch check 2019-12-13 08:52:20 +01:00
security apparmor: delete the dentry in aafs_remove() to avoid a leak 2019-12-05 09:21:19 +01:00
sound ALSA: hda - Add mute led support for HP ProBook 645 G4 2019-12-13 08:52:38 +01:00
tools tools/bpf: make libbpf _GNU_SOURCE friendly 2019-12-13 08:52:15 +01:00
usr kbuild: clean compressed initramfs image 2019-10-07 18:57:16 +02:00
virt kvm: properly check debugfs dentry before using it 2019-12-05 09:21:14 +01:00
.clang-format clang-format: Set IndentWrappedFunctionNames false 2018-08-01 18:38:51 +02:00
.cocciconfig
.get_maintainer.ignore
.gitattributes .gitattributes: set git diff driver for C source code files 2016-10-07 18:46:30 -07:00
.gitignore Kbuild updates for v4.17 (2nd) 2018-04-15 17:21:30 -07:00
.mailmap libnvdimm-for-4.19_misc 2018-08-25 18:13:10 -07:00
COPYING COPYING: use the new text with points to the license files 2018-03-23 12:41:45 -06:00
CREDITS 9p: remove Ron Minnich from MAINTAINERS 2018-08-17 16:20:26 -07:00
Kbuild Kbuild updates for v4.15 2017-11-17 17:45:29 -08:00
Kconfig kconfig: move the "Executable file formats" menu to fs/Kconfig.binfmt 2018-08-02 08:06:55 +09:00
MAINTAINERS USB: rio500: Remove Rio 500 kernel driver 2019-10-17 13:44:47 -07:00
Makefile kbuild: fix single target build for external module 2019-12-13 08:52:21 +01:00
README Docs: Added a pointer to the formatted docs to README 2018-03-21 09:02:53 -06:00

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result from upgrading your kernel.