redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/block
History
Jens Axboe 5fabcb4c33 genhd: check for int overflow in disk_expand_part_tbl() 
We can get here from blkdev_ioctl() -> blkpg_ioctl() -> add_partition()
with a user passed in partno value. If we pass in 0x7fffffff, the
new target in disk_expand_part_tbl() overflows the 'int' and we
access beyond the end of ptbl->part[] and even write to it when we
do the rcu_assign_pointer() to assign the new partition.

Reported-by: David Ramos <daramos@stanford.edu>
Cc: stable@kernel.org
Signed-off-by: Jens Axboe <axboe@fb.com>
 		2014-11-19 13:09:07 -07:00
..
partitions block: Replace strnicmp with strncasecmp 2014-09-27 16:48:55 -06:00
Kconfig block: Add T10 Protection Information functions 2014-09-27 09:14:59 -06:00
Kconfig.iosched blkcg: make CONFIG_BLK_CGROUP bool 2012-03-06 21:27:21 +01:00
Makefile block: Add T10 Protection Information functions 2014-09-27 09:14:59 -06:00
bio-integrity.c bio-integrity: remove the needless fail handle of bip_slab creating 2014-10-13 15:09:38 -06:00
bio.c block: add bioset_create_nobvec() 2014-10-03 15:28:18 -06:00
blk-cgroup.c blkcg: remove blkcg->id 2014-09-08 09:55:37 -06:00
blk-cgroup.h blkcg: remove blkcg->id 2014-09-08 09:55:37 -06:00
blk-core.c Merge branch 'for-3.18/core' of git://git.kernel.dk/linux-block 2014-10-18 11:53:51 -07:00
blk-exec.c blk-mq: avoid infinite recursion with the FUA flag 2014-09-22 11:55:19 -06:00
blk-flush.c blk-mq: support per-distpatch_queue flush machinery 2014-09-25 15:22:45 -06:00
blk-integrity.c block: Don't merge requests if integrity flags differ 2014-09-27 09:14:57 -06:00
blk-ioc.c block: Substitute rcu_access_pointer() for rcu_dereference_raw() 2014-02-18 12:21:26 -08:00
blk-iopoll.c Merge branch 'locking-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip into next 2014-06-03 12:57:53 -07:00
blk-lib.c block/blk-lib.c: make __blkdev_issue_zeroout static 2014-05-26 17:39:09 -06:00
blk-map.c block: remove struct request buffer member 2014-04-15 14:03:02 -06:00
blk-merge.c blk-merge: don't compute bi_phys_segments from bi_vcnt for cloned bio 2014-10-09 13:11:44 -06:00
blk-mq-cpu.c blk-mq: add file comments and update copyright notices 2014-05-28 10:15:41 -06:00
blk-mq-cpumap.c blk-mq: add file comments and update copyright notices 2014-05-28 10:15:41 -06:00
blk-mq-sysfs.c blk-mq, percpu_ref: start q->mq_usage_counter in atomic mode 2014-09-24 13:37:21 -04:00
blk-mq-tag.c blk-mq: Make bt_clear_tag() easier to read 2014-10-07 08:45:21 -06:00
blk-mq-tag.h blk-mq: bitmap tag: fix races on shared ::wake_index fields 2014-06-17 22:12:35 -07:00
blk-mq.c blk-mq: add blk_mq_free_hctx_request() 2014-11-17 10:41:57 -07:00
blk-mq.h block: introduce blk_init_flush and its pair 2014-09-25 15:22:35 -06:00
blk-settings.c block: remove artifical max_hw_sectors cap 2014-10-21 14:02:54 -06:00
blk-softirq.c block: fix regression with block enabled tagging 2014-04-09 21:54:06 -06:00
blk-sysfs.c Merge branch 'for-3.18/core' of git://git.kernel.dk/linux-block 2014-10-18 11:53:51 -07:00
blk-tag.c block: don't assume last put of shared tags is for the host 2014-07-08 12:25:28 +02:00
blk-throttle.c cgroup: remove sane_behavior support on non-default hierarchies 2014-07-09 10:08:08 -04:00
blk-timeout.c block: fix blk_abort_request on blk-mq 2014-09-22 12:00:08 -06:00
blk.h blk-mq: support per-distpatch_queue flush machinery 2014-09-25 15:22:45 -06:00
bounce.c mm: convert some level-less printks to pr_* 2014-06-06 16:08:18 -07:00
bsg-lib.c bsg: Remove unused function bsg_goose_queue() 2012-12-06 14:33:02 +01:00
bsg.c bsg: fix potential error pointer dereference 2014-08-29 08:34:14 -06:00
cfq-iosched.c Merge branch 'for-linus' into for-3.18/core 2014-09-11 09:31:18 -06:00
cmdline-parser.c block: remove unrelated header files and export symbol 2014-01-21 20:18:26 -08:00
compat_ioctl.c block, bdi: an active gendisk always has a request_queue associated with it 2014-09-08 10:00:35 -06:00
deadline-iosched.c block: Stop abusing csd.list for fifo_time 2014-02-24 14:46:32 -08:00
elevator.c Revert "block: add __init to elv_register" 2014-06-22 16:34:11 -06:00
genhd.c genhd: check for int overflow in disk_expand_part_tbl() 2014-11-19 13:09:07 -07:00
ioctl.c block, bdi: an active gendisk always has a request_queue associated with it 2014-09-08 10:00:35 -06:00
ioprio.c block: move ioprio.c from fs/ to block/ 2014-05-19 11:02:18 -06:00
noop-iosched.c elevator: Fix a race in elevator switching 2013-07-03 13:25:24 +02:00
partition-generic.c block: Fix dev_t minor allocation lifetime 2014-09-03 15:01:02 -06:00
scsi_ioctl.c Merge branch 'for-linus' into for-3.18/core 2014-09-11 09:31:18 -06:00
t10-pi.c block: Add T10 Protection Information functions 2014-09-27 09:14:59 -06:00