linux-stable

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-27 12:57:53 +00:00

No description

Find a file

Edward Adam Davis de6a91aed1 jfs: fix array-index-out-of-bounds in diNewExt [ Upstream commit `49f9637aaf` ] [Syz report] UBSAN: array-index-out-of-bounds in fs/jfs/jfs_imap.c:2360:2 index -878706688 is out of range for type 'struct iagctl[128]' CPU: 1 PID: 5065 Comm: syz-executor282 Not tainted 6.7.0-rc4-syzkaller-00009-gbee0e7762ad2 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106 ubsan_epilogue lib/ubsan.c:217 [inline] __ubsan_handle_out_of_bounds+0x11c/0x150 lib/ubsan.c:348 diNewExt+0x3cf3/0x4000 fs/jfs/jfs_imap.c:2360 diAllocExt fs/jfs/jfs_imap.c:1949 [inline] diAllocAG+0xbe8/0x1e50 fs/jfs/jfs_imap.c:1666 diAlloc+0x1d3/0x1760 fs/jfs/jfs_imap.c:1587 ialloc+0x8f/0x900 fs/jfs/jfs_inode.c:56 jfs_mkdir+0x1c5/0xb90 fs/jfs/namei.c:225 vfs_mkdir+0x2f1/0x4b0 fs/namei.c:4106 do_mkdirat+0x264/0x3a0 fs/namei.c:4129 __do_sys_mkdir fs/namei.c:4149 [inline] __se_sys_mkdir fs/namei.c:4147 [inline] __x64_sys_mkdir+0x6e/0x80 fs/namei.c:4147 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x45/0x110 arch/x86/entry/common.c:82 entry_SYSCALL_64_after_hwframe+0x63/0x6b RIP: 0033:0x7fcb7e6a0b57 Code: ff ff 77 07 31 c0 c3 0f 1f 40 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffd83023038 EFLAGS: 00000286 ORIG_RAX: 0000000000000053 RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00007fcb7e6a0b57 RDX: 00000000000a1020 RSI: 00000000000001ff RDI: 0000000020000140 RBP: 0000000020000140 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000286 R12: 00007ffd830230d0 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [Analysis] When the agstart is too large, it can cause agno overflow. [Fix] After obtaining agno, if the value is invalid, exit the subsequent process. Reported-and-tested-by: syzbot+553d90297e6d2f50dbc7@syzkaller.appspotmail.com Signed-off-by: Edward Adam Davis <eadavis@qq.com> Modified the test from agno > MAXAG to agno >= MAXAG based on linux-next report by kernel test robot (Dan Carpenter). Signed-off-by: Dave Kleikamp <dave.kleikamp@oracle.com> Signed-off-by: Sasha Levin <sashal@kernel.org>		2024-02-23 08:24:55 +01:00
arch	x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel	2024-02-23 08:24:54 +01:00
block	block: Remove special-casing of compound pages	2024-02-23 08:24:49 +01:00
certs	certs/blacklist_hashes.c: fix const confusion in certs blacklist	2022-06-22 14:11:22 +02:00
crypto	crypto: api - Disallow identical driver names	2024-02-23 08:24:48 +01:00
Documentation	rename(): fix the locking of subdirectories	2024-02-23 08:24:49 +01:00
drivers	crypto: stm32/crc32 - fix parsing list of devices	2024-02-23 08:24:55 +01:00
fs	jfs: fix array-index-out-of-bounds in diNewExt	2024-02-23 08:24:55 +01:00
include	x86/entry/ia32: Ensure s32 is sign extended to s64	2024-02-23 08:24:53 +01:00
init	rootfs: Fix support for rootfstype= when root= is given	2024-01-25 14:34:30 -08:00
ipc	ipc/sem: Fix dangling sem_array access in semtimedop race	2022-12-08 11:23:06 +01:00
kernel	audit: Send netlink ACK before setting connection in auditd_set	2024-02-23 08:24:54 +01:00
lib	ida: Fix crash in ida_free when the bitmap is empty	2024-01-25 14:34:21 -08:00
LICENSES	LICENSES: Rename other to deprecated	2019-05-03 06:34:32 -06:00
mm	mm: fix unmap_mapping_range high bits shift bug	2024-01-15 18:25:28 +01:00
net	rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock()	2024-02-23 08:24:55 +01:00
samples	samples/bpf: Fix buffer overflow in tcp_basertt	2023-07-27 08:37:07 +02:00
scripts	sign-file: Fix incorrect return values check	2023-12-20 15:41:17 +01:00
security	apparmor: avoid crash when parsed profile name is empty	2024-01-25 14:34:31 -08:00
sound	ALSA: oxygen: Fix right channel of capture volume mixer	2024-01-25 14:34:30 -08:00
tools	perf top: Skip side-band event setup if HAVE_LIBBPF_SUPPORT is not set	2024-01-25 14:34:33 -08:00
usr	initramfs: restore default compression behavior	2020-04-08 09:08:38 +02:00
virt	KVM: Destroy target device if coalesced MMIO unregistration fails	2023-03-11 16:44:01 +01:00
.clang-format	clang-format: Update with the latest for_each macro list	2019-08-31 10:00:51 +02:00
.cocciconfig
.get_maintainer.ignore	Opt out of scripts/get_maintainer.pl	2019-05-16 10:53:40 -07:00
.gitattributes
.gitignore	Modules updates for v5.4	2019-09-22 10:34:46 -07:00
.mailmap	ARM: SoC fixes	2019-11-10 13:41:59 -08:00
COPYING	COPYING: use the new text with points to the license files	2018-03-23 12:41:45 -06:00
CREDITS	MAINTAINERS: Remove Simon as Renesas SoC Co-Maintainer	2019-10-10 08:12:51 -07:00
Kbuild	kbuild: do not descend to ./Kbuild when cleaning	2019-08-21 21:03:58 +09:00
Kconfig	docs: kbuild: convert docs to ReST and rename to *.rst	2019-06-14 14:21:21 -06:00
MAINTAINERS	iio: stx104: Move to addac subdirectory	2023-08-30 16:27:12 +02:00
Makefile	Linux 5.4.268	2024-01-25 14:34:33 -08:00
README	Drop all 00-INDEX files from Documentation/	2018-09-09 15:08:58 -06:00

README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.