redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
Fork of alistair23 Linux kernel for reMarkable from https://github.com/alistair23/linux
880,529 Commits
15 Branches
0 Tags
3.4 GiB
C 97.7%
Assembly 1.4%
Makefile 0.3%
Shell 0.2%
Python 0.1%
Other 0.1%
 
 
 
 
 
 
Go to file
Eric Biggers 5f5fb7cea8 Smack: fix use-after-free in smk_write_relabel_self() 
commit beb4ee6770 upstream.

smk_write_relabel_self() frees memory from the task's credentials with
no locking, which can easily cause a use-after-free because multiple
tasks can share the same credentials structure.

Fix this by using prepare_creds() and commit_creds() to correctly modify
the task's credentials.

Reproducer for "BUG: KASAN: use-after-free in smk_write_relabel_self":

	#include <fcntl.h>
	#include <pthread.h>
	#include <unistd.h>

	static void *thrproc(void *arg)
	{
		int fd = open("/sys/fs/smackfs/relabel-self", O_WRONLY);
		for (;;) write(fd, "foo", 3);
	}

	int main()
	{
		pthread_t t;
		pthread_create(&t, NULL, thrproc, NULL);
		thrproc(NULL);
	}

Reported-by: syzbot+e6416dabb497a650da40@syzkaller.appspotmail.com
Fixes: 38416e5393 ("Smack: limited capability for changing process label")
Cc: <stable@vger.kernel.org> # v4.4+
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2020-08-11 15:33:35 +02:00
Documentation doc: dt: bindings: usb: dwc3: Update entries for disabling SS instances in park mode 2020-07-22 09:32:59 +02:00
LICENSES LICENSES: Rename other to deprecated 2019-05-03 06:34:32 -06:00
arch arm64: Workaround circular dependency in pointer_auth.h 2020-08-07 09:34:01 +02:00
block block: fix get_max_segment_size() overflow on 32bit arch 2020-07-22 09:33:17 +02:00
certs PKCS#7: Refactor verify_pkcs7_signature() 2019-08-05 18:40:18 -04:00
crypto keys: asymmetric: fix error return code in software_key_query() 2020-07-22 09:33:04 +02:00
drivers binder: Prevent context manager from incrementing ref 0 2020-08-11 15:33:35 +02:00
fs io_uring: Fix use-after-free in io_sq_wq_submit_work() 2020-08-11 15:33:33 +02:00
include bpf: sockmap: Require attach_bpf_fd when detaching a program 2020-08-07 09:34:02 +02:00
init x86: Fix early boot crash on gcc-10, third try 2020-05-20 08:20:34 +02:00
ipc ipc/util.c: sysvipc_find_ipc() incorrectly updates position index 2020-05-20 08:20:16 +02:00
kernel perf/core: Fix endless multiplex timer 2020-08-11 15:33:32 +02:00
lib random32: remove net_rand_state from the latent entropy gcc plugin 2020-08-07 09:34:01 +02:00
mm mm/filemap.c: don't bother dropping mmap_sem for zero size readahead 2020-08-05 09:59:41 +02:00
net Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt() 2020-08-11 15:33:34 +02:00
samples samples/vfs: avoid warning in statx override 2020-07-09 09:37:54 +02:00
scripts scripts/gdb: fix lx-symbols 'gdb.error' while loading modules 2020-07-29 10:18:35 +02:00
security Smack: fix use-after-free in smk_write_relabel_self() 2020-08-11 15:33:35 +02:00
sound ALSA: seq: oss: Serialize ioctls 2020-08-11 15:33:33 +02:00
tools selftests: bpf: Fix detach from sockmap tests 2020-08-07 09:34:02 +02:00
usr initramfs: restore default compression behavior 2020-04-08 09:08:38 +02:00
virt KVM: arm64: Don't inherit exec permission across page-table levels 2020-08-05 09:59:51 +02:00
.clang-format clang-format: Update with the latest for_each macro list 2019-08-31 10:00:51 +02:00
.cocciconfig scripts: add Linux .cocciconfig for coccinelle 2016-07-22 12:13:39 +02:00
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: set git diff driver for C source code files 2016-10-07 18:46:30 -07:00
.gitignore Modules updates for v5.4 2019-09-22 10:34:46 -07:00
.mailmap ARM: SoC fixes 2019-11-10 13:41:59 -08:00
COPYING COPYING: use the new text with points to the license files 2018-03-23 12:41:45 -06:00
CREDITS MAINTAINERS: Remove Simon as Renesas SoC Co-Maintainer 2019-10-10 08:12:51 -07:00
Kbuild kbuild: do not descend to ./Kbuild when cleaning 2019-08-21 21:03:58 +09:00
Kconfig docs: kbuild: convert docs to ReST and rename to *.rst 2019-06-14 14:21:21 -06:00
MAINTAINERS MAINTAINERS: Update drm/i915 bug filing URL 2020-02-28 17:22:19 +01:00
Makefile Linux 5.4.57 2020-08-07 09:34:02 +02:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.