Kuniyuki Iwashima a74c566334 af_unix: Read sk->sk_hash under bindlock during bind().
[ Upstream commit 51d1b25a72 ]

syzkaller reported a data-race of sk->sk_hash in unix_autobind() [0],
and the same races exist in unix_bind_bsd() and unix_bind_abstract().

The three bind() functions prefetch sk->sk_hash locklessly and
use it later after validating that unix_sk(sk)->addr is NULL under
unix_sk(sk)->bindlock.

The prefetched sk->sk_hash is the hash value of the unbound socket set
in unix_create1() and does not change until bind() completes.

There could be a chance that sk->sk_hash changes after the lockless
read.  However, in such a case, non-NULL unix_sk(sk)->addr is visible
under unix_sk(sk)->bindlock, and bind() returns -EINVAL without using
the prefetched value.

The KCSAN splat is false-positive, but let's silence it by reading
sk->sk_hash under unix_sk(sk)->bindlock.

[0]:
BUG: KCSAN: data-race in unix_autobind / unix_autobind

write to 0xffff888034a9fb88 of 4 bytes by task 4468 on cpu 0:
 __unix_set_addr_hash net/unix/af_unix.c:331 [inline]
 unix_autobind+0x47a/0x7d0 net/unix/af_unix.c:1185
 unix_dgram_connect+0x7e3/0x890 net/unix/af_unix.c:1373
 __sys_connect_file+0xd7/0xe0 net/socket.c:2048
 __sys_connect+0x114/0x140 net/socket.c:2065
 __do_sys_connect net/socket.c:2075 [inline]
 __se_sys_connect net/socket.c:2072 [inline]
 __x64_sys_connect+0x40/0x50 net/socket.c:2072
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0x4f/0x110 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x46/0x4e

read to 0xffff888034a9fb88 of 4 bytes by task 4465 on cpu 1:
 unix_autobind+0x28/0x7d0 net/unix/af_unix.c:1134
 unix_dgram_connect+0x7e3/0x890 net/unix/af_unix.c:1373
 __sys_connect_file+0xd7/0xe0 net/socket.c:2048
 __sys_connect+0x114/0x140 net/socket.c:2065
 __do_sys_connect net/socket.c:2075 [inline]
 __se_sys_connect net/socket.c:2072 [inline]
 __x64_sys_connect+0x40/0x50 net/socket.c:2072
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0x4f/0x110 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x46/0x4e

value changed: 0x000000e4 -> 0x000001e3

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 4465 Comm: syz-executor.0 Not tainted 6.8.0-12822-gcd51db110a7e #12
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014

Fixes: afd20b9290 ("af_unix: Replace the big lock with small locks.")
Reported-by: syzkaller <syzkaller@googlegroups.com>
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Link: https://lore.kernel.org/r/20240522154218.78088-1-kuniyu@amazon.com
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-06-12 11:39:49 +02:00
Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the reStructuredText markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result from upgrading your kernel.