Gh0st
/
linux
mirror of https://github.com/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux/drivers
History
Vasily Gorbik ea298e6ee8 s390/cio: avoid calling strlen on null pointer 
Fix the following kasan finding:
BUG: KASAN: global-out-of-bounds in ccwgroup_create_dev+0x850/0x1140
Read of size 1 at addr 0000000000000000 by task systemd-udevd.r/561

CPU: 30 PID: 561 Comm: systemd-udevd.r Tainted: G    B
Hardware name: IBM 3906 M04 704 (LPAR)
Call Trace:
([<0000000231b3db7e>] show_stack+0x14e/0x1a8)
 [<0000000233826410>] dump_stack+0x1d0/0x218
 [<000000023216fac4>] print_address_description+0x64/0x380
 [<000000023216f5a8>] __kasan_report+0x138/0x168
 [<00000002331b8378>] ccwgroup_create_dev+0x850/0x1140
 [<00000002332b618a>] group_store+0x3a/0x50
 [<00000002323ac706>] kernfs_fop_write+0x246/0x3b8
 [<00000002321d409a>] vfs_write+0x132/0x450
 [<00000002321d47da>] ksys_write+0x122/0x208
 [<0000000233877102>] system_call+0x2a6/0x2c8

Triggered by:
openat(AT_FDCWD, "/sys/bus/ccwgroup/drivers/qeth/group",
		O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, 0666) = 16
write(16, "0.0.bd00,0.0.bd01,0.0.bd02", 26) = 26

The problem is that __get_next_id in ccwgroup_create_dev might set "buf"
buffer pointer to NULL and explicit check for that is required.

Cc: stable@vger.kernel.org
Reviewed-by: Sebastian Ott <sebott@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
 		2019-09-23 23:27:52 +02:00
..
accessibility
acpi Merge branch 'x86-cpu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-09-16 18:47:53 -07:00
amba
android binder: prevent transactions to context manager from its own process. 2019-07-24 11:02:28 +02:00
ata libata: add SG safety checks in SFF pio transfers 2019-08-07 12:23:57 -06:00
atm Kconfig: Fix the reference to the IDT77105 Phy driver in the description of ATM_NICSTAR_USE_IDT77105 2019-08-19 18:15:18 -07:00
auxdisplay auxdisplay: ht16k33: Make ht16k33_fb_fix and ht16k33_fb_var constant 2019-08-20 11:48:54 +02:00
base Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-09-16 16:28:19 -07:00
bcma
block rbd: restore zeroing past the overlap when reading from parent 2019-08-28 12:34:11 +02:00
bluetooth Bluetooth: bpa10x: change return value 2019-09-04 16:11:46 +02:00
bus ARM: SoC driver updates for v5.4 2019-09-16 15:52:38 -07:00
cdrom
char ia64 for v5.4 - big change here is removal of support for SGI Altix 2019-09-16 15:32:01 -07:00
clk ARM: DT updates for v5.4 2019-09-16 15:56:22 -07:00
clocksource Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-09-17 12:35:15 -07:00
connector connector: remove redundant input callback from cn_dev 2019-07-21 13:31:14 -07:00
counter
cpufreq x86/intel: Aggregate microserver naming 2019-08-28 11:29:32 +02:00
cpuidle PSCI: cpuidle: Refactor CPU suspend power_state parameter handling 2019-08-09 17:51:39 +01:00
crypto s390 updates for the 5.4 merge window 2019-09-17 14:04:43 -07:00
dax
dca
devfreq
dio
dma ARM: SoC platform updates for v5.4 2019-09-16 15:48:14 -07:00
dma-buf
edac Merge branch 'x86-cpu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-09-16 18:47:53 -07:00
eisa
extcon
firewire firewire: mark expected switch fall-throughs 2019-07-25 20:09:37 -05:00
firmware Merge branch 'efi-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-09-16 16:47:38 -07:00
fpga FPGA Manager fixes for 5.3 2019-08-28 22:26:47 +02:00
fsi fsi: scom: Don't abort operations for minor errors 2019-08-28 22:59:18 +02:00
gnss
gpio ARM: SoC driver updates for v5.4 2019-09-16 15:52:38 -07:00
gpu Merge branch 'x86-vmware-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-09-16 19:40:24 -07:00
hid HID: wacom: correct misreported EKR ring values 2019-08-20 10:40:40 +02:00
hsi
hv Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-09-17 12:35:15 -07:00
hwmon ARM: SoC driver updates for v5.4 2019-09-16 15:52:38 -07:00
hwspinlock
hwtracing intel_th: pci: Add Tiger Lake support 2019-08-28 22:29:02 +02:00
i2c ARM: SoC platform updates for v5.4 2019-09-16 15:48:14 -07:00
i3c i3c: master: Use dev_to_i3cmaster() 2019-08-27 09:43:59 +02:00
ide ide: remove the sgiioc4 driver 2019-08-16 11:33:56 -07:00
idle x86/intel: Aggregate microserver naming 2019-08-28 11:29:32 +02:00
iio hwmon: Remove ads1015 driver 2019-09-03 12:47:17 -07:00
infiniband RDMA/siw: Fix IPv6 addr_list locking 2019-08-28 10:29:19 -04:00
input input/vmmouse: Update the backdoor call with support for new instructions 2019-08-28 13:43:01 +02:00
interconnect
iommu ia64 for v5.4 - big change here is removal of support for SGI Altix 2019-09-16 15:32:01 -07:00
ipack
irqchip Merge branch 'irq-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-09-17 11:42:15 -07:00
isdn isdn/capi: check message length in capi_write() 2019-09-07 17:44:25 +02:00
leds
lightnvm
macintosh drivers/macintosh/smu.c: Mark expected switch fall-through 2019-07-31 21:44:45 +10:00
mailbox
mcb
md dm table: fix invalid memory accesses with too high sector number 2019-08-23 10:11:42 -04:00
media dmaengine fixes for v5.3-rc5 2019-08-16 08:59:33 -07:00
memory iommu/mediatek: Clean up struct mtk_smi_iommu 2019-08-30 15:57:27 +02:00
memstick
message
mfd - Bug Fixes 2019-08-27 10:47:01 -07:00
misc ia64 for v5.4 - big change here is removal of support for SGI Altix 2019-09-16 15:32:01 -07:00
mmc mmc: tmio: Fixup runtime PM management during remove 2019-09-13 13:49:09 +02:00
mtd mtd: hyperbus: fix dependency and build error 2019-08-29 14:31:23 +02:00
mux
net ARM: SoC driver updates for v5.4 2019-09-16 15:52:38 -07:00
nfc NFC: st95hf: fix spelling mistake "receieve" -> "receive" 2019-09-11 15:07:07 +01:00
ntb NTB/msi: remove incorrect MODULE defines 2019-08-05 15:42:27 -04:00
nubus
nvdimm libnvdimm/pfn: Fix namespace creation on misaligned addresses 2019-08-28 10:33:13 -07:00
nvme nvme: Add quirk for LiteON CL1 devices running FW 22301111 2019-08-20 11:02:10 -06:00
nvmem nvmem: Use the same permissions for eeprom as for nvmem 2019-07-30 18:22:20 +02:00
of arm64 updates for 5.4: 2019-09-16 14:31:40 -07:00
opp
oprofile
parisc parisc: Disable HP HSC-PCI Cards to prevent kernel crash 2019-09-08 15:43:04 +02:00
parport
pci Merge branch 'irq-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-09-17 11:42:15 -07:00
pcmcia pcmcia: db1xxx_ss: Mark expected switch fall-throughs 2019-08-09 19:53:04 -05:00
perf Merge branches 'for-next/52-bit-kva', 'for-next/cpu-topology', 'for-next/error-injection', 'for-next/perf', 'for-next/psci-cpuidle', 'for-next/rng', 'for-next/smpboot', 'for-next/tbi' and 'for-next/tlbi' into for-next/core 2019-08-30 12:46:12 +01:00
phy
pinctrl This is the bulk of changes in the GPIO subsystem for the 2019-09-16 14:06:50 -07:00
platform platform-drivers-x86 for v5.4-1 2019-09-16 19:59:10 -07:00
pnp
power power: supply: ab8500_charger: Mark expected switch fall-through 2019-08-20 19:43:33 -05:00
powercap x86/intel: Aggregate microserver naming 2019-08-28 11:29:32 +02:00
pps
ps3
ptp
pwm pwm: Fallback to the static lookup-list when acpi_pwm_get fails 2019-08-08 13:17:38 +02:00
rapidio
ras RAS: Build debugfs.o only when enabled in Kconfig 2019-08-08 17:44:02 +02:00
regulator regulator: core: Fix error return for /sys access 2019-09-11 11:17:23 +01:00
remoteproc
reset ARM SCMI updates/fixes for v5.4 2019-08-14 20:46:38 +02:00
rpmsg
rtc
s390 s390/cio: avoid calling strlen on null pointer 2019-09-23 23:27:52 +02:00
sbus
scsi ia64 for v5.4 - big change here is removal of support for SGI Altix 2019-09-16 15:32:01 -07:00
sfi
sh
siox
slimbus
soc ARM: SoC driver updates for v5.4 2019-09-16 15:52:38 -07:00
soundwire soundwire: fix regmap dependencies and align with other serial links 2019-08-09 10:20:40 +05:30
spi ARM: SoC driver updates for v5.4 2019-09-16 15:52:38 -07:00
spmi
ssb
staging Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-09-17 12:35:15 -07:00
target scsi: target: tcmu: avoid use-after-free after command timeout 2019-08-14 21:58:55 -04:00
tc
tee
thermal int340X/processor_thermal_device: Fix proc_thermal_rapl_remove() 2019-07-23 09:36:07 +02:00
thunderbolt
tty ARM: SoC platform updates for v5.4 2019-09-16 15:48:14 -07:00
uio
usb ARM: SoC platform updates for v5.4 2019-09-16 15:48:14 -07:00
uwb
vfio iommu: Introduce struct iommu_iotlb_gather for batching TLB flushes 2019-07-24 13:35:27 +01:00
vhost Revert "vhost: block speculation of translated descriptors" 2019-09-14 15:21:51 -04:00
video ARM: SoC driver updates for v5.4 2019-09-16 15:52:38 -07:00
virt
virtio virtio_ring: fix unmap of indirect descriptors 2019-09-09 10:43:15 -04:00
visorbus
vlynq
vme
w1
watchdog ARM: SoC platform updates for v5.4 2019-09-16 15:48:14 -07:00
xen swiotlb: Split size parameter to map/unmap APIs 2019-09-11 12:34:29 +02:00
zorro
Kconfig ide: remove the sgiioc4 driver 2019-08-16 11:33:56 -07:00
Makefile drivers: remove the SGI SN2 IOC3 base support 2019-08-16 11:33:57 -07:00