mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
1,249,662 Commits 103 Branches 4,992 Tags 5.4 GiB
C 97.6%
Assembly 1%
Shell 0.5%
Python 0.3%
Makefile 0.3%
Go to file
Chao Yu eb70d5a6c9 f2fs: fix to avoid use-after-free issue in f2fs_filemap_fault 
syzbot reports a f2fs bug as below:

BUG: KASAN: slab-use-after-free in f2fs_filemap_fault+0xd1/0x2c0 fs/f2fs/file.c:49
Read of size 8 at addr ffff88807bb22680 by task syz-executor184/5058

CPU: 0 PID: 5058 Comm: syz-executor184 Not tainted 6.7.0-syzkaller-09928-g052d534373b7 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106
 print_address_description mm/kasan/report.c:377 [inline]
 print_report+0x163/0x540 mm/kasan/report.c:488
 kasan_report+0x142/0x170 mm/kasan/report.c:601
 f2fs_filemap_fault+0xd1/0x2c0 fs/f2fs/file.c:49
 __do_fault+0x131/0x450 mm/memory.c:4376
 do_shared_fault mm/memory.c:4798 [inline]
 do_fault mm/memory.c:4872 [inline]
 do_pte_missing mm/memory.c:3745 [inline]
 handle_pte_fault mm/memory.c:5144 [inline]
 __handle_mm_fault+0x23b7/0x72b0 mm/memory.c:5285
 handle_mm_fault+0x27e/0x770 mm/memory.c:5450
 do_user_addr_fault arch/x86/mm/fault.c:1364 [inline]
 handle_page_fault arch/x86/mm/fault.c:1507 [inline]
 exc_page_fault+0x456/0x870 arch/x86/mm/fault.c:1563
 asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:570

The root cause is: in f2fs_filemap_fault(), vmf->vma may be not alive after
filemap_fault(), so it may cause use-after-free issue when accessing
vmf->vma->vm_flags in trace_f2fs_filemap_fault(). So it needs to keep vm_flags
in separated temporary variable for tracepoint use.

Fixes: 87f3afd366 ("f2fs: add tracepoint for f2fs_vm_page_mkwrite()")
Reported-and-tested-by: syzbot+763afad57075d3f862f2@syzkaller.appspotmail.com
Closes: https://lore.kernel.org/lkml/000000000000e8222b060f00db3b@google.com
Cc: Ed Tsai <Ed.Tsai@mediatek.com>
Suggested-by: Hillf Danton <hdanton@sina.com>
Signed-off-by: Chao Yu <chao@kernel.org>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
 		2024-03-14 09:14:53 -07:00
Documentation f2fs: introduce FAULT_NO_SEGMENT 2024-02-29 08:34:34 -08:00
LICENSES LICENSES: Add the copyleft-next-0.3.1 license 2022-11-08 15:44:01 +01:00
arch IOMMU Fixes for Linux v6.8-rc2 2024-02-02 12:43:51 -08:00
block block: Fix where bio IO priority gets set 2024-02-01 11:00:06 -07:00
certs This update includes the following changes: 2023-11-02 16:15:30 -10:00
crypto crypto: scomp - fix req->dst buffer overflow 2023-12-29 11:25:56 +08:00
drivers Char/Misc driver fixes for 6.8-rc3 2024-02-04 07:01:39 +00:00
fs f2fs: fix to avoid use-after-free issue in f2fs_filemap_fault 2024-03-14 09:14:53 -07:00
include f2fs: fix to truncate meta inode pages forcely 2024-03-12 18:25:17 -07:00
init Kconfig: Disable -Wstringop-overflow for GCC globally 2024-02-01 14:57:17 -08:00
io_uring io_uring/net: fix sr->len for IORING_OP_RECV with MSG_WAITALL and buffers 2024-02-01 06:42:36 -07:00
ipc shm: Slim down dependencies 2023-12-20 19:26:31 -05:00
kernel Tracing and eventfs fixes for v6.8: 2024-02-02 15:32:58 -08:00
lib linux_kselftest-kunit-fixes-6.8-rc3 2024-01-30 15:12:58 -08:00
mm 22 hotfixes. 11 are cc:stable and the remainder address post-6.7 issues 2024-01-29 17:12:16 -08:00
net Including fixes from netfilter. 2024-02-01 12:39:54 -08:00
rust Rust changes for v6.8 2024-01-11 13:05:41 -08:00
samples samples/cgroup: add .gitignore file for generated samples 2024-01-24 11:52:40 -08:00
scripts Kbuild fixes for v6.8 2024-02-01 11:57:42 -08:00
security lsm/stable-6.8 PR 20240131 2024-02-01 10:00:28 -08:00
sound ASoC: Fixes for v6.8 2024-02-01 19:40:42 +01:00
tools perf tools fixes for v6.8: 2024-02-03 12:52:36 +00:00
usr Kbuild updates for v6.8 2024-01-18 17:57:07 -08:00
virt Generic: 2024-01-17 13:03:37 -08:00
.clang-format clang-format: Update with v6.7-rc4's `for_each` macro list 2023-12-08 23:54:38 +01:00
.cocciconfig
.editorconfig Add .editorconfig file for basic formatting 2023-12-28 16:22:47 +09:00
.get_maintainer.ignore get_maintainer: add Alan to .get_maintainer.ignore 2022-08-20 15:17:44 -07:00
.gitattributes .gitattributes: set diff driver for Rust source code files 2023-05-31 17:48:25 +02:00
.gitignore Add .editorconfig file for basic formatting 2023-12-28 16:22:47 +09:00
.mailmap Char/Misc and other Driver changes for 6.8-rc1 2024-01-17 16:47:17 -08:00
.rustfmt.toml rust: add `.rustfmt.toml` 2022-09-28 09:02:20 +02:00
COPYING
CREDITS MAINTAINERS: supplement of zswap maintainers update 2024-01-25 23:52:21 -08:00
Kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS MAINTAINERS update to point people to the new tree for i2c host driver 2024-02-04 06:47:45 +00:00
Makefile Linux 6.8-rc3 2024-02-04 12:20:36 +00:00
README

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.