redonkable
/
remarkable-linux
1
0
Fork 0
Code Releases Activity
Fork of reMarkable kernel https://github.com/reMarkable/linux
708,884 Commits
26 Branches
0 Tags
2.7 GiB
C 97.7%
Assembly 1.6%
Makefile 0.3%
Perl 0.1%
 
 
 
 
Go to file
Bart Van Assche 39c4330c97 scsi: core: Fix a scsi_show_rq() NULL pointer dereference 
commit 14e3062fb1 upstream.

Avoid that scsi_show_rq() triggers a NULL pointer dereference if called
after sd_uninit_command(). Swap the NULL pointer assignment and the
mempool_free() call in sd_uninit_command() to make it less likely that
scsi_show_rq() triggers a use-after-free. Note: even with these changes
scsi_show_rq() can trigger a use-after-free but that's a lesser evil
than e.g. suppressing debug information for T10 PI Type 2 commands
completely. This patch fixes the following oops:

BUG: unable to handle kernel NULL pointer dereference at (null)
IP: scsi_format_opcode_name+0x1a/0x1c0
CPU: 1 PID: 1881 Comm: cat Not tainted 4.14.0-rc2.blk_mq_io_hang+ #516
Call Trace:
 __scsi_format_command+0x27/0xc0
 scsi_show_rq+0x5c/0xc0
 __blk_mq_debugfs_rq_show+0x116/0x130
 blk_mq_debugfs_rq_show+0xe/0x10
 seq_read+0xfe/0x3b0
 full_proxy_read+0x54/0x90
 __vfs_read+0x37/0x160
 vfs_read+0x96/0x130
 SyS_read+0x55/0xc0
 entry_SYSCALL_64_fastpath+0x1a/0xa5

[mkp: added Type 2]

Fixes: 0eebd005dd ("scsi: Implement blk_mq_ops.show_rq()")
Reported-by: Ming Lei <ming.lei@redhat.com>
Signed-off-by: Bart Van Assche <bart.vanassche@wdc.com>
Cc: James E.J. Bottomley <jejb@linux.vnet.ibm.com>
Cc: Martin K. Petersen <martin.petersen@oracle.com>
Cc: Ming Lei <ming.lei@redhat.com>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Hannes Reinecke <hare@suse.com>
Cc: Johannes Thumshirn <jthumshirn@suse.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2017-12-20 10:10:20 +01:00
Documentation dt-bindings: usb: fix reg-property port-number range 2017-12-14 09:53:09 +01:00
arch arm64: fix CONFIG_DEBUG_WX address reporting 2017-12-20 10:10:20 +01:00
block blk-mq: Avoid that request queue removal can trigger list corruption 2017-12-17 15:08:00 +01:00
certs License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
crypto crypto: af_alg - fix NULL pointer dereference in 2017-12-20 10:10:17 +01:00
drivers scsi: core: Fix a scsi_show_rq() NULL pointer dereference 2017-12-20 10:10:20 +01:00
firmware License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
fs nfs: don't wait on commit in nfs_commit_inode() if there were no commit requests 2017-12-20 10:10:20 +01:00
include mm, oom_reaper: fix memory corruption 2017-12-20 10:10:18 +01:00
init License cleanup: add SPDX license identifiers to some files 2017-11-02 10:04:46 -07:00
ipc License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
kernel tracing: Allocate mask_str buffer dynamically 2017-12-20 10:10:18 +01:00
lib dynamic-debug-howto: fix optional/omitted ending line number to be LARGE instead of 0 2017-12-14 09:53:08 +01:00
mm mm, oom_reaper: fix memory corruption 2017-12-20 10:10:18 +01:00
net kernel: make groups_sort calling a responsibility group_info allocators 2017-12-20 10:10:18 +01:00
samples License cleanup: add SPDX license identifiers to some files 2017-11-02 10:04:46 -07:00
scripts kbuild: rpm-pkg: fix jobserver unavailable warning 2017-12-14 09:53:13 +01:00
security apparmor: fix leak of null profile name if profile allocation fails 2017-12-14 09:53:06 +01:00
sound ALSA: usb-audio: Add check return value for usb_string() 2017-12-14 09:52:55 +01:00
tools usbip: prevent vhci_hcd driver from leaking a socket pointer address 2017-12-20 10:10:19 +01:00
usr initramfs: fix initramfs rebuilds w/ compression after disabling 2017-11-03 07:39:19 -07:00
virt KVM: arm/arm64: vgic-its: Preserve the revious read from the pending table 2017-12-17 15:07:59 +01:00
.cocciconfig scripts: add Linux .cocciconfig for coccinelle 2016-07-22 12:13:39 +02:00
.get_maintainer.ignore Add hch to .get_maintainer.ignore 2015-08-21 14:30:10 -07:00
.gitattributes .gitattributes: set git diff driver for C source code files 2016-10-07 18:46:30 -07:00
.gitignore kbuild: Add support to generate LLVM assembly files 2017-04-25 08:13:52 +09:00
.mailmap .mailmap: Add Maciej W. Rozycki's Imagination e-mail address 2017-11-10 12:16:15 -08:00
COPYING
CREDITS MAINTAINERS: update TPM driver infrastructure changes 2017-11-09 17:58:40 -08:00
Kbuild License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Kconfig License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
MAINTAINERS Merge branch 'akpm' (patches from Andrew) 2017-11-09 18:26:51 -08:00
Makefile Linux 4.14.7 2017-12-17 15:08:14 +01:00
README README: add a new README file, pointing to the Documentation/ 2016-10-24 08:12:35 -02:00

README 

Linux kernel
============

This file was moved to Documentation/admin-guide/README.rst

Please notice that there are several guides for kernel developers and users.
These guides can be rendered in a number of formats, like HTML and PDF.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.