redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/drivers
History
Sagi Grimberg c70f6e0ac9 nvme-tcp: fix possible data corruption with bio merges 
commit ca1ff67d0f upstream.

When a bio merges, we can get a request that spans multiple
bios, and the overall request payload size is the sum of
all bios. When we calculate how much we need to send
from the existing bio (and bvec), we did not take into
account the iov_iter byte count cap.

Since multipage bvecs support, bvecs can split in the middle
which means that when we account for the last bvec send we
should also take the iov_iter byte count cap as it might be
lower than the last bvec size.

Reported-by: Hao Wang <pkuwangh@gmail.com>
Fixes: 3f2304f8c6 ("nvme-tcp: add NVMe over TCP host driver")
Tested-by: Hao Wang <pkuwangh@gmail.com>
Signed-off-by: Sagi Grimberg <sagi@grimberg.me>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2021-01-19 18:26:17 +01:00
..
accessibility
acpi ACPI: scan: Harden acpi_device_add() against device ID overflows 2021-01-19 18:26:12 +01:00
amba
android binder: add flag to clear buffer on txn complete 2020-12-30 11:51:35 +01:00
ata ata: sata_nv: Fix retrieving of active qcs 2020-11-05 11:43:12 +01:00
atm atm: idt77252: call pci_disable_device() on error path 2021-01-12 20:16:11 +01:00
auxdisplay
base regmap: debugfs: Fix a reversed if statement in regmap_debugfs_init() 2021-01-17 14:05:38 +01:00
bcma
block block: rsxx: select CONFIG_CRC32 2021-01-17 14:05:36 +01:00
bluetooth Bluetooth: revert: hci_h5: close serdev device and free hu in h5_close 2021-01-12 20:16:17 +01:00
bus bus: fsl-mc: fix error return code in fsl_mc_object_allocate() 2020-12-30 11:51:23 +01:00
cdrom
char virtio: virtio_console: fix DMA memory allocation for rproc serial 2020-11-18 19:20:29 +01:00
clk clk: tegra: Do not return 0 on failure 2020-12-30 11:51:46 +01:00
clocksource clocksource/drivers/arm_arch_timer: Correct fault programming of CNTKCTL_EL1.EVNTI 2020-12-30 11:51:19 +01:00
connector
counter
cpufreq cpufreq: powernow-k8: pass policy rather than use cpufreq_cpu_get() 2021-01-17 14:05:35 +01:00
cpuidle cpuidle: Fixup IRQ state 2020-09-09 19:12:21 +02:00
crypto chtls: Fix chtls resources release sequence 2021-01-17 14:05:34 +01:00
dax device-dax/core: Fix memory leak when rmmod dax.ko 2020-12-30 11:51:46 +01:00
dca
devfreq PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out 2020-10-01 13:17:14 +02:00
dio
dma dmaengine: xilinx_dma: fix mixed_enum_type coverity warning 2021-01-17 14:05:36 +01:00
dma-buf dmabuf: fix use-after-free of dmabuf's file->f_inode 2021-01-12 20:16:23 +01:00
edac EDAC/amd64: Fix PCI component registration 2020-12-30 11:51:36 +01:00
eisa
extcon extcon: max77693: Fix modalias string 2020-12-30 11:51:24 +01:00
firewire
firmware efi: EFI_EARLYCON should depend on EFI 2020-12-02 08:49:53 +01:00
fpga fpga: dfl: fix bug in port reset handshake 2020-07-29 10:18:31 +02:00
fsi
gnss
gpio gpio: eic-sprd: break loop when getting NULL device resource 2020-12-30 11:50:55 +01:00
gpu drm/msm: Call msm_init_vram before binding the gpu 2021-01-19 18:26:16 +01:00
greybus
hid HID: wacom: Fix memory leakage caused by kfifo_alloc 2021-01-17 14:05:34 +01:00
hsi HSI: omap_ssi: Don't jump to free ID in ssi_add_controller() 2020-12-30 11:51:13 +01:00
hv Drivers: hv: vmbus: Allow cleanup of VMBUS_CONNECT_CPU if disconnected 2020-11-24 13:29:23 +01:00
hwmon hwmon: (pwm-fan) Ensure that calculation doesn't discard big period values 2021-01-19 18:26:15 +01:00
hwspinlock
hwtracing coresight: etb10: Fix possible NULL ptr dereference in etb_enable_perf() 2020-12-30 11:50:59 +01:00
i2c i2c: i801: Fix the i2c-mux gpiod_lookup_table not being properly terminated 2021-01-17 14:05:36 +01:00
i3c i3c master: fix missing destroy_workqueue() on error in i3c_master_register 2021-01-06 14:48:40 +01:00
ide scsi: ide: Do not set the RQF_PREEMPT flag for sense requests 2021-01-12 20:16:09 +01:00
idle
iio iio: imu: st_lsm6dsx: fix edge-trigger interrupts 2021-01-17 14:05:34 +01:00
infiniband RDMA/ocrdma: Fix use after free in ocrdma_dealloc_ucontext_pd() 2021-01-19 18:26:12 +01:00
input Input: cyapa_gen6 - fix out-of-bounds stack access 2020-12-30 11:51:32 +01:00
interconnect interconnect: qcom: qcs404: Remove GPU and display RPM IDs 2020-12-16 10:56:56 +01:00
iommu iommu/intel: Fix memleak in intel_irq_remapping_alloc 2021-01-17 14:05:37 +01:00
ipack
irqchip irqchip/alpine-msi: Fix freeing of interrupts on allocation error path 2020-12-30 11:51:25 +01:00
isdn misdn: dsp: select CONFIG_BITREVERSE 2021-01-19 18:26:15 +01:00
leds leds: bcm6328, bcm6358: use devres LED registering function 2020-11-05 11:43:24 +01:00
lightnvm lightnvm: select CONFIG_CRC32 2021-01-17 14:05:37 +01:00
macintosh macintosh/via-macii: Access autopoll_devs when inside lock 2020-08-19 08:16:15 +02:00
mailbox mailbox: avoid timer start from callback 2020-10-29 09:57:53 +01:00
mcb
md dm integrity: fix flush with external metadata device 2021-01-19 18:26:13 +01:00
media media: gp8psk: initialize stats at power control logic 2021-01-06 14:48:38 +01:00
memory memory: emif: Remove bogus debugfs error handling 2020-11-05 11:43:21 +01:00
memstick memstick: r592: Fix error return in r592_probe() 2020-12-30 11:51:18 +01:00
message scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove() 2020-11-05 11:43:25 +01:00
mfd mfd: sprd: Add wakeup capability for PMIC IRQ 2020-11-18 19:20:26 +01:00
misc habanalabs: Fix memleak in hl_device_reset 2021-01-19 18:26:15 +01:00
mmc mmc: pxamci: Fix error return code in pxamci_probe 2020-12-30 11:51:11 +01:00
mtd Revert "mtd: spinand: Fix OOB read" 2021-01-09 13:44:54 +01:00
mux
net net: ethernet: fs_enet: Add missing MODULE_LICENSE 2021-01-19 18:26:15 +01:00
nfc nfc: s3fwrn5: Release the nfc firmware 2020-12-30 11:51:26 +01:00
ntb NTB: hw: amd: fix an issue about leak system resources 2020-10-29 09:58:00 +01:00
nubus
nvdimm libnvdimm/namespace: Fix reaping of invalidated block-window-namespace labels 2020-12-30 11:51:47 +01:00
nvme nvme-tcp: fix possible data corruption with bio merges 2021-01-19 18:26:17 +01:00
nvmem nvmem: core: fix possibly memleak when use nvmem_cell_info_to_nvmem_cell() 2020-10-29 09:57:42 +01:00
of of/address: Fix of_node memory leak in of_dma_is_coherent 2020-11-18 19:20:28 +01:00
opp opp: Reduce the size of critical section in _opp_table_kref_release() 2020-11-18 19:20:21 +01:00
oprofile
parisc parisc: mask out enable and reserved bits from sba imask 2020-08-19 08:16:26 +02:00
parport
pci PCI: Fix pci_slot_release() NULL pointer dereference 2020-12-30 11:51:47 +01:00
pcmcia
perf drivers/perf: thunderx2_pmu: Fix memory resource error handling 2020-10-29 09:57:30 +01:00
phy phy: renesas: rcar-gen3-usb2: disable runtime pm in case of failure 2020-12-30 11:51:19 +01:00
pinctrl pinctrl: sunxi: Always call chained_irq_{enter, exit} in sunxi_pinctrl_irq_handler 2020-12-30 11:51:45 +01:00
platform platform/x86: intel-vbtn: Allow switch events on Acer Switch Alpha 12 2020-12-30 11:51:47 +01:00
pnp
power power: supply: bq24190_charger: fix reference leak 2020-12-30 11:51:14 +01:00
powercap powercap: restrict energy meter to root access 2020-11-10 21:13:20 +01:00
pps
ps3 powerpc/ps3: use dma_mapping_error() 2020-12-30 11:51:26 +01:00
ptp
pwm pwm: lp3943: Dynamically allocate PWM chip base 2020-12-30 11:51:28 +01:00
rapidio rapidio: fix the missed put_device() for rio_mport_add_riodev 2020-10-29 09:57:53 +01:00
ras
regulator regulator: bd718x7: Add enable times 2021-01-19 18:26:14 +01:00
remoteproc remoteproc: qcom: Fix potential NULL dereference in adsp_init_mmio() 2020-12-30 11:51:24 +01:00
reset
rpmsg rpmsg: glink: Use complete_all for open states 2020-11-05 11:43:20 +01:00
rtc rtc: pl031: fix resource leak in pl031_probe 2021-01-06 14:48:39 +01:00
s390 s390/qeth: fix L2 header access in qeth_l3_osa_features_check() 2021-01-17 14:05:32 +01:00
sbus
scsi scsi: scsi_transport_spi: Set RQF_PM for domain validation commands 2021-01-12 20:16:09 +01:00
sfi
sh
siox
slimbus slimbus: qcom-ngd-ctrl: Avoid sending power requests without QMI 2020-12-30 11:51:13 +01:00
soc soc: qcom: smp2p: Safely acquire spinlock without IRQs 2020-12-30 11:51:43 +01:00
soundwire soundwire: bus: disable pm_runtime in sdw_slave_delete 2020-10-01 13:17:36 +02:00
spi spi: stm32: FIFO threshold level - fix align packet size 2021-01-17 14:05:35 +01:00
spmi
ssb
staging exfat: Month timestamp metadata accidentally incremented 2021-01-17 14:05:34 +01:00
target scsi: target: Fix XCOPY NAA identifier lookup 2021-01-12 20:16:25 +01:00
tc
tee optee: add writeback to valid memory type 2020-12-02 08:49:53 +01:00
thermal thermal/drivers/cpufreq_cooling: Update cpufreq_state only if state has changed 2021-01-06 14:48:35 +01:00
thunderbolt thunderbolt: Fix use-after-free in remove_unplugged_switch() 2020-12-11 13:23:29 +01:00
tty serial_core: Check for port state when tty is in error state 2020-12-30 11:51:00 +01:00
uio uio: Fix use-after-free in uio_unregister_device() 2020-11-18 19:20:29 +01:00
usb usb: typec: Fix copy paste error for NVIDIA alt-mode description 2021-01-19 18:26:16 +01:00
vfio vfio iommu: Add dma available capability 2021-01-17 14:05:30 +01:00
vhost vhost_net: fix ubuf refcount incorrectly when sendmsg fails 2021-01-12 20:16:16 +01:00
video video: hyperv_fb: Fix the mmap() regression for v5.4.y and older 2021-01-12 20:16:17 +01:00
virt drivers/virt/fsl_hypervisor: Fix error handling path 2020-10-29 09:57:38 +01:00
virtio virtio_ring: Fix two use after free bugs 2020-12-30 11:51:29 +01:00
visorbus
vlynq
vme
w1 w1: mxc_w1: Fix timeout resolution problem leading to bus error 2020-11-05 11:43:25 +01:00
watchdog watchdog: coh901327: add COMMON_CLK dependency 2020-12-30 11:51:28 +01:00
xen xenbus/xenbus_backend: Disallow pending watch messages 2020-12-30 11:51:47 +01:00
zorro
Kconfig
Makefile