redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/drivers/nvdimm
History
Dan Carpenter 436af737c3 libnvdimm: Out of bounds read in __nd_ioctl() 
[ Upstream commit f84afbdd3a ]

The "cmd" comes from the user and it can be up to 255.  It it's more
than the number of bits in long, it results out of bounds read when we
check test_bit(cmd, &cmd_mask).  The highest valid value for "cmd" is
ND_CMD_CALL (10) so I added a compare against that.

Fixes: 62232e45f4 ("libnvdimm: control (ioctl) messages for nvdimm_bus and nvdimm devices")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Link: https://lore.kernel.org/r/20200225162055.amtosfy7m35aivxg@kili.mountain
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2020-04-23 10:36:42 +02:00
..
Kconfig libnvdimm: Enable unit test infrastructure compile checks 2019-09-07 04:28:05 -03:00
Makefile libnvdimm: Enable unit test infrastructure compile checks 2019-09-07 04:28:05 -03:00
badrange.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295 2019-06-05 17:36:38 +02:00
blk.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 288 2019-06-05 17:36:37 +02:00
btt.c libnvdimm/btt: fix variable 'rc' set but not used 2020-01-04 19:18:12 +01:00
btt.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 288 2019-06-05 17:36:37 +02:00
btt_devs.c driver-core, libnvdimm: Let device subsystems add local lockdep coverage 2019-07-18 16:23:27 -07:00
bus.c libnvdimm: Out of bounds read in __nd_ioctl() 2020-04-23 10:36:42 +02:00
claim.c libnvdimm: nd_region flush callback support 2019-07-05 15:19:10 -07:00
core.c driver-core, libnvdimm: Let device subsystems add local lockdep coverage 2019-07-18 16:23:27 -07:00
dax_devs.c libnvdimm/pfn: fix fsdax-mode namespace info-block zero-fields 2019-07-18 17:08:07 -07:00
dimm.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295 2019-06-05 17:36:38 +02:00
dimm_devs.c libnvdimm/security: Consolidate 'security' operations 2019-08-29 13:51:57 -07:00
e820.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
label.c libnvdimm/label: Remove the dpa align check 2019-09-05 16:11:14 -07:00
label.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295 2019-06-05 17:36:38 +02:00
namespace_devs.c libnvdimm: Fix endian conversion issues 2019-09-24 10:23:44 -07:00
nd-core.h libnvdimm/region: Rewrite _probe_success() to _advance_seeds() 2019-09-05 16:11:14 -07:00
nd.h libnvdimm/dax: Pick the right alignment default when creating dax devices 2019-09-24 10:23:41 -07:00
nd_virtio.c virtio_pmem: fix sparse warning 2019-07-16 19:44:26 -07:00
of_pmem.c libnvdimm/of_pmem: Provide a unique name for bus provider 2019-08-13 20:31:57 -07:00
pfn.h libnvdimm/pfn_dev: Add page size and struct page size to pfn superblock 2019-09-05 16:11:14 -07:00
pfn_devs.c libnvdimm fixes v5.4-rc1 2019-09-29 10:33:41 -07:00
pmem.c libnvdimm/pmem: Advance namespace seed for specific probe errors 2019-09-05 16:11:14 -07:00
pmem.h libnvdimm, pmem: Restore page attributes when clearing errors 2018-08-20 09:22:45 -07:00
region.c libnvdimm/region: Initialize bad block for volatile namespaces 2019-09-24 10:27:51 -07:00
region_devs.c libnvdimm/region: Enable MAP_SYNC for volatile regions 2019-09-24 10:33:19 -07:00
security.c libnvdimm: prevent nvdimm from requesting key when security is disabled 2019-09-24 10:30:10 -07:00
virtio_pmem.c virtio-pmem: Add virtio pmem driver 2019-07-05 15:19:10 -07:00
virtio_pmem.h virtio-pmem: Add virtio pmem driver 2019-07-05 15:19:10 -07:00