linux-stable/drivers
George Kennedy c9ee8144e4 libata: if T_LENGTH is zero, dma direction should be DMA_NONE
commit 5da5231bb4 upstream.

Avoid data corruption by rejecting pass-through commands where
T_LENGTH is zero (No data is transferred) and the dma direction
is not DMA_NONE.

Cc: <stable@vger.kernel.org>
Reported-by: syzkaller<syzkaller@googlegroups.com>
Signed-off-by: George Kennedy<george.kennedy@oracle.com>
Signed-off-by: Damien Le Moal <damien.lemoal@opensource.wdc.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-12-22 09:29:39 +01:00
..
accessibility
acpi ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses 2021-11-17 09:48:47 +01:00
amba ARM: 9120/1: Revert "amba: make use of -1 IRQs warn" 2021-11-06 13:59:45 +01:00
android binder: use wake_up_pollfree() 2021-12-14 14:49:02 +01:00
ata libata: if T_LENGTH is zero, dma direction should be DMA_NONE 2021-12-22 09:29:39 +01:00
atm atm: nicstar: register the interrupt handler in the right place 2021-07-19 08:53:12 +02:00
auxdisplay auxdisplay: ht16k33: Fix frame buffer device blanking 2021-11-17 09:48:45 +01:00
base firmware_loader: fix pre-allocated buf built-in firmware use 2021-11-26 10:47:15 +01:00
bcma bcma: Fix memory leak for internally-handled cores 2021-09-15 09:47:37 +02:00
block xen/blkfront: don't trust the backend response data blindly 2021-12-01 09:23:35 +01:00
bluetooth Bluetooth: btmtkuart: fix a memleak in mtk_hci_wmt_sync 2021-11-17 09:48:34 +01:00
bus bus: ti-sysc: Use CLKDM_NOAUTO for dra7 dcan1 for errata i893 2021-10-13 10:08:19 +02:00
cdrom cdrom: gdrom: initialize global variable at init time 2021-05-26 12:05:19 +02:00
char parisc/agp: Annotate parisc agp init functions with __init 2021-12-17 10:12:23 +01:00
clk clk: Don't parent clks until the parent is fully registered 2021-12-22 09:29:36 +01:00
clocksource clocksource/drivers/timer-ti-dm: Select TIMER_OF 2021-11-17 09:48:39 +01:00
connector
counter counter: 104-quad-8: Return error when invalid mode during ceiling_write 2021-09-15 09:47:34 +02:00
cpufreq cpufreq: Fix get_cpu_device() failure in add_cpu_dev_symlink() 2021-12-08 09:01:11 +01:00
cpuidle cpuidle: Fix kobject memory leaks in error paths 2021-11-17 09:48:36 +01:00
crypto crypto: qat - disregard spurious PFVF interrupts 2021-11-17 09:48:36 +01:00
dax
dca
devfreq
dio
dma dmaengine: st_fdma: fix MODULE_ALIAS 2021-12-22 09:29:36 +01:00
dma-buf dma-buf: WARN on dmabuf release with pending attachments 2021-11-17 09:48:27 +01:00
edac EDAC/amd64: Handle three rank interleaving mode 2021-11-17 09:48:36 +01:00
eisa
extcon extcon: intel-mrfld: Sync hardware and software state on init 2021-07-19 08:53:16 +02:00
firewire
firmware firmware: arm_scpi: Fix string overflow in SCPI genpd driver 2021-12-22 09:29:34 +01:00
fpga fpga: machxo2-spi: Fix missing error code in machxo2_write_complete() 2021-09-30 10:09:23 +02:00
fsi fsi/sbefifo: Fix reset timeout 2021-07-14 16:53:42 +02:00
gnss
gpio gpio: pca953x: Improve bias setting 2021-10-20 11:40:15 +02:00
gpu drm/amd/display: add connector type check for CRC source set 2021-12-17 10:12:24 +01:00
greybus
hid HID: check for valid USB device for many HID drivers 2021-12-14 14:48:59 +01:00
hsi
hv hyperv/vmbus: include linux/bitops.h 2021-11-17 09:48:20 +01:00
hwmon hwmon: (dell-smm) Fix warning on /proc/i8k creation error 2021-12-17 10:12:24 +01:00
hwspinlock
hwtracing intel_th: Wait until port is in reset before programming it 2021-07-20 16:10:46 +02:00
i2c i2c: rk3x: Handle a spurious start completion interrupt flag 2021-12-17 10:12:23 +01:00
i3c
ide
idle
iio iio: adc: stm32: fix a current leak by resetting pcsel before disabling vdda 2021-12-22 09:29:35 +01:00
infiniband IB/hfi1: Correct guard on eager buffer deallocation 2021-12-14 14:49:00 +01:00
input Input: i8042 - Add quirk for Fujitsu Lifebook T725 2021-11-17 09:48:17 +01:00
interconnect
iommu iommu: Check if group is NULL before remove device 2021-08-26 08:36:15 -04:00
ipack ipack: ipoctal: fix module reference leak 2021-10-06 15:42:36 +02:00
irqchip irqchip: nvic: Fix offset for Interrupt Priority Offsets 2021-12-14 14:49:06 +01:00
isdn isdn: mISDN: Fix sleeping function called from invalid context 2021-10-27 09:54:29 +02:00
leds leds: trigger: audio: Add an activate callback to ensure the initial brightness is set 2021-09-15 09:47:33 +02:00
lightnvm
macintosh
mailbox
mcb mcb: fix error handling in mcb_alloc_bus() 2021-09-30 10:09:22 +02:00
md dm btree remove: fix use after free in rebalance_children() 2021-12-22 09:29:35 +01:00
media media: cec: copy sequence field for the reply 2021-12-01 09:23:28 +01:00
memory memory: fsl_ifc: fix leak of irq and nand_irq in fsl_ifc_ctrl_probe 2021-11-17 09:48:42 +01:00
memstick memstick: jmb38x_ms: use appropriate free function in jmb38x_ms_alloc_host() 2021-11-17 09:48:37 +01:00
message
mfd mfd: tqmx86: Clear GPIO IRQ resource when no IRQ is set 2021-09-22 12:26:44 +02:00
misc misc: fastrpc: fix improper packet size calculation 2021-12-14 14:49:06 +01:00
mmc mmc: sdhci: Fix ADMA for PAGE_SIZE >= 64KiB 2021-12-01 09:23:29 +01:00
mtd mtd: rawnand: fsmc: Fix timing computation 2021-12-14 14:49:03 +01:00
mux
net net: systemport: Add global locking for descriptor lifecycle 2021-12-22 09:29:38 +01:00
nfc nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails 2021-11-17 09:48:47 +01:00
ntb NTB: perf: Fix an error code in perf_setup_inbuf() 2021-09-22 12:26:44 +02:00
nubus
nvdimm libnvdimm/pmem: Fix crash triggered when I/O in-flight during unbind 2021-10-06 15:42:38 +02:00
nvme nvmet: use IOCB_NOWAIT only if the filesystem supports it 2021-12-01 09:23:33 +01:00
nvmem nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells 2021-10-20 11:40:14 +02:00
of of: Don't allow __of_attached_node_sysfs() without CONFIG_SYSFS 2021-09-22 12:26:34 +02:00
opp opp: Fix return in _opp_add_static_v2() 2021-11-17 09:48:44 +01:00
oprofile
parisc parisc: Move pci_dev_is_behind_card_dino to where it is used 2021-09-26 14:07:10 +02:00
parport parport: remove non-zero check on count 2021-09-22 12:26:36 +02:00
pci PCI/MSI: Mask MSI-X vectors only on success 2021-12-22 09:29:38 +01:00
pcmcia pcmcia: i82092: fix a null pointer dereference bug 2021-08-12 13:21:03 +02:00
perf drivers/perf: fix the missed ida_simple_remove() in ddr_perf_probe() 2021-07-14 16:53:14 +02:00
phy phy: qcom-qusb2: Fix a memory leak on probe 2021-11-17 09:48:43 +01:00
pinctrl pinctrl: armada-37xx: Correct PWM pins definitions 2021-12-01 09:23:31 +01:00
platform platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3 deep 2021-12-08 09:01:09 +01:00
pnp
power power: supply: bq27xxx: Fix kernel crash on IRQ handler register error 2021-11-17 09:48:44 +01:00
powercap
pps
ps3
ptp ptp_pch: Load module automatically if ID matches 2021-10-13 10:08:19 +02:00
pwm pwm: stm32-lp: Don't modify HW state in .remove() callback 2021-09-26 14:07:13 +02:00
rapidio rapidio: handle create_workqueue() failure 2021-05-26 12:05:17 +02:00
ras
regulator regulator: s5m8767: do not use reset value as DVS voltage if GPIO DVS is disabled 2021-11-17 09:48:22 +01:00
remoteproc
reset reset: socfpga: add empty driver allowing consumers to probe 2021-11-17 09:48:20 +01:00
rpmsg
rtc rtc: rx8010: select REGMAP_I2C 2021-09-26 14:07:14 +02:00
s390 s390/cio: make ccw_device_dma_* more robust 2021-11-17 09:48:50 +01:00
sbus
scsi scsi: iscsi: Unblock session then wake up error handler 2021-12-08 09:01:09 +01:00
sfi
sh maple: fix wrong return value of maple_bus_init(). 2021-11-26 10:47:17 +01:00
siox
slimbus slimbus: ngd: reset dma setup during runtime pm 2021-08-26 08:36:21 -04:00
soc soc/tegra: fuse: Fix bitwise vs. logical OR warning 2021-12-22 09:29:37 +01:00
soundwire soundwire: stream: Fix test for DP prepare complete 2021-07-14 16:53:45 +02:00
spi spi: bcm-qspi: Fix missing clk_disable_unprepare() on error in bcm_qspi_probe() 2021-11-17 09:48:33 +01:00
spmi
ssb ssb: Fix error return code in ssb_bus_scan() 2021-07-14 16:53:29 +02:00
staging staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() 2021-12-01 09:23:28 +01:00
target scsi: target: Fix alua_tg_pt_gps_count tracking 2021-11-26 10:47:16 +01:00
tc
tee tee: optee: Fix missing devices unregister during optee_remove 2021-10-27 09:54:25 +02:00
thermal thermal: core: Reset previous low and high trip during thermal zone init 2021-12-08 09:01:09 +01:00
thunderbolt thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue 2021-06-03 08:59:03 +02:00
tty serial: tegra: Change lower tolerance baud rate limit for tegra20 and tegra30 2021-12-14 14:48:58 +01:00
uio uio_hv_generic: Fix a memory leak in error handling paths 2021-05-26 12:05:17 +02:00
usb USB: serial: option: add Telit FN990 compositions 2021-12-22 09:29:39 +01:00
vfio vfio: Use config not menuconfig for VFIO_NOIOMMU 2021-09-22 12:26:23 +02:00
vhost vhost/vsock: fix incorrect used length reported to the guest 2021-12-01 09:23:34 +01:00
video vgacon: Propagate console boot parameters before calling `vc_resize' 2021-12-08 09:01:13 +01:00
virt
virtio virtio_ring: Fix querying of maximum DMA mapping size for virtio device 2021-12-22 09:29:34 +01:00
visorbus visorbus: fix error return code in visorchipset_init() 2021-07-14 16:53:42 +02:00
vlynq
vme
w1 w1: ds2438: fixing bug that would always get page0 2021-07-20 16:10:41 +02:00
watchdog ar7: fix kernel builds for compiler test 2021-11-17 09:48:46 +01:00
xen xen: detect uninitialized xenbus in xenbus_init 2021-12-01 09:23:28 +01:00
zorro
Kconfig
Makefile