shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-04-06 21:23:05 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
29dbaecd2fbeda3f8dc76d2484807dec5b139aba
linux/drivers
History
Gustavo A. R. Silva af4bae0938 atm: zatm: Fix potential Spectre v1 
[ Upstream commit ced9e19150 ]

pool can be indirectly controlled by user-space, hence leading to
a potential exploitation of the Spectre variant 1 vulnerability.

This issue was detected with the help of Smatch:

drivers/atm/zatm.c:1491 zatm_ioctl() warn: potential spectre issue
'zatm_dev->pool_info' (local cap)

Fix this by sanitizing pool before using it to index
zatm_dev->pool_info

Notice that given that speculation windows are large, the policy is
to kill the speculation on the first load and not worry if it can be
completed with a dependent load/store [1].

[1] https://marc.info/?l=linux-kernel&m=152449131114778&w=2

Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-07-22 14:25:52 +02:00
..
accessibility
acpi
ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c
2018-05-30 07:49:11 +02:00
amba
ARM: amba: Don't read past the end of sysfs "driver_override" buffer
2018-05-02 07:53:42 -07:00
android
binder: add missing binder_unlock()
2018-02-28 10:17:23 +01:00
ata
ahci: Disable LPM on Lenovo 50 series laptops with a too old BIOS
2018-07-17 11:31:43 +02:00
atm
atm: zatm: Fix potential Spectre v1
2018-07-22 14:25:52 +02:00
auxdisplay
base
driver core: Don't ignore class_dir_create_and_add() failure.
2018-07-03 11:21:25 +02:00
bcma
bcma: use (get|put)_device when probing/removing device driver
2017-03-12 06:37:30 +01:00
block
loop: remember whether sysfs_create_group() was done
2018-07-17 11:31:46 +02:00
bluetooth
Bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw loader
2018-07-03 11:21:28 +02:00
bus
bus: brcmstb_gisb: correct support for 64-bit address output
2018-04-13 19:50:05 +02:00
cdrom
cdrom: do not call check_disk_change() inside cdrom_open()
2018-05-30 07:49:13 +02:00
char
ipmi:bt: Set the timeout before doing a capabilities check
2018-07-03 11:21:28 +02:00
clk
clk: samsung: exynos3250: Fix PLL rates
2018-05-30 07:49:16 +02:00
clocksource
clocksource/drivers/fsl_ftm_timer: Fix error return checking
2018-05-30 07:49:01 +02:00
connector
connector: bump skb->users before callback invocation
2016-01-04 21:46:45 -05:00
cpufreq
cpufreq: Fix new policy initialization during limits updates via sysfs
2018-07-03 11:21:26 +02:00
cpuidle
cpuidle: powernv: Fix promotion from snooze if next state disabled
2018-07-03 11:21:29 +02:00
crypto
crypto: crypto4xx - fix crypto4xx_build_pdr, crypto4xx_build_sdr leak
2018-07-22 14:25:52 +02:00
dca
devfreq
PM / devfreq: Propagate error from devfreq_add_device()
2018-02-22 15:44:58 +01:00
dio
dma
dmaengine: usb-dmac: fix endless loop in usb_dmac_chan_terminate_all()
2018-06-06 16:46:22 +02:00
dma-buf
dma-buf/fence: add fence_wait_any_timeout function v2
2015-10-30 01:16:16 -04:00
edac
EDAC, mv64x60: Fix an error handling path
2018-04-13 19:50:23 +02:00
eisa
extcon
extcon: palmas: Check the parent instance to prevent the NULL
2017-11-21 09:21:18 +01:00
firewire
firewire-ohci: work around oversized DMA reads on JMicron controllers
2018-05-30 07:48:52 +02:00
firmware
firmware: dmi_scan: Fix handling of empty DMI strings
2018-05-30 07:48:56 +02:00
fmc
fpga
fpga manager: Fix firmware resource leak on error
2015-11-24 15:25:46 -08:00
gpio
gpio: No NULL owner
2018-06-16 09:54:26 +02:00
gpu
drm: set FMODE_UNSIGNED_OFFSET for drm files
2018-06-13 16:15:27 +02:00
hid
HID: usbhid: add quirk for innomedia INNEX GENESIS/ATARI adapter
2018-07-17 11:31:43 +02:00
hsi
HSI: ssi_protocol: double free in ssip_pn_xmit()
2018-03-24 10:58:42 +01:00
hv
Drivers: hv: vmbus: fix build warning
2018-02-25 11:03:46 +01:00
hwmon
hwmon: (pmbus/adm1275) Accept negative page register values
2018-05-30 07:49:13 +02:00
hwspinlock
drivers/hwspinlock: fix race between radix tree insertion and lookup
2016-02-25 12:01:23 -08:00
hwtracing
hwtracing: stm: fix build error on some arches
2018-06-06 16:46:23 +02:00
i2c
i2c: rcar: fix resume by always initializing registers before transfer
2018-07-11 16:03:47 +02:00
ide
cdrom: do not call check_disk_change() inside cdrom_open()
2018-05-30 07:49:13 +02:00
idle
idle: i7300: add PCI dependency
2018-02-25 11:03:51 +01:00
iio
iio:buffer: make length types match kfifo types
2018-07-03 11:21:30 +02:00
infiniband
RDMA/ucm: Mark UCM interface as BROKEN
2018-07-17 11:31:46 +02:00
input
Input: elantech - fix V4 report decoding for module with middle key
2018-07-03 11:21:34 +02:00
iommu
x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros
2018-06-16 09:54:24 +02:00
ipack
irqchip
irqchip/gic-v3: Change pr_debug message to pr_devel
2018-05-30 07:48:57 +02:00
isdn
isdn: eicon: fix a missing-check bug
2018-06-13 16:15:28 +02:00
leds
leds: pca955x: Correct I2C Functionality
2018-04-13 19:50:09 +02:00
lguest
lightnvm
lightnvm: put bio before return
2016-09-24 10:07:35 +02:00
macintosh
mailbox
mailbox: handle empty message in tx_tick
2017-08-06 19:19:41 -07:00
mcb
mcb: Fixed bar number assignment for the gdd
2016-06-01 12:15:53 -07:00
md
dm bufio: don't take the lock in dm_bufio_shrink_count
2018-07-11 16:03:51 +02:00
media
media: cx25840: Use subdev host data for PLL override
2018-07-11 16:03:51 +02:00
memory
ARM: OMAP2+: gpmc-onenand: propagate error on initialization failure
2017-12-16 10:33:51 +01:00
memstick
memstick: rtsx_usb_ms: Manage runtime PM when accessing the device
2016-10-28 03:01:35 -04:00
message
scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo()
2018-05-30 07:48:58 +02:00
mfd
mfd: intel-lpss: Program REMAP register in PIO mode
2018-07-03 11:21:32 +02:00
misc
vmw_balloon: fix inflation with batching
2018-07-17 11:31:43 +02:00
mmc
mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register
2018-05-30 07:48:51 +02:00
mtd
mtd: cfi_cmdset_0002: Change erase functions to check chip good only
2018-07-11 16:03:51 +02:00
net
bcm63xx_enet: do not write to random DMA channel on BCM6345
2018-07-22 14:25:52 +02:00
nfc
NFC: nfcmrvl: double free on error path
2018-03-22 09:23:23 +01:00
ntb
ntb_transport: Fix bug with max_mw_size parameter
2018-05-30 07:48:55 +02:00
nubus
nvdimm
linvdimm, pmem: Preserve read-only setting for pmem devices
2018-07-03 11:21:31 +02:00
nvme
nvme-pci: initialize queue memory before interrupts
2018-07-11 16:03:47 +02:00
nvmem
nvmem: imx-ocotp: Fix wrong register size
2017-08-06 19:19:46 -07:00
of
of: unittest: for strings, account for trailing \0 in property length field
2018-07-03 11:21:29 +02:00
oprofile
parisc
parisc/pci: Switch LBA PCI bus from Hard Fail to Soft Fail mode
2018-05-30 07:49:10 +02:00
parport
parport_pc: Add support for WCH CH382L PCI-E single parallel port card.
2018-04-08 11:52:00 +02:00
pci
PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on resume
2018-07-03 11:21:30 +02:00
pcmcia
pcmcia: db1xxx_ss: fix last irq_to_gpio user
2016-04-20 15:42:09 +09:00
perf
drivers/perf: arm_pmu: handle no platform_device
2018-03-22 09:23:26 +01:00
phy
phy: work around 'phys' references to usb-nop-xceiv devices
2018-01-23 19:50:16 +01:00
pinctrl
pinctrl: Really force states during suspend/resume
2018-03-24 10:58:48 +01:00
platform
platform/chrome: Use proper protocol transfer function
2018-03-24 10:58:47 +01:00
pnp
PNP: Add Broadwell to Intel MCH size workaround
2016-08-16 09:30:48 +02:00
power
power: supply: pda_power: move from timer to delayed_work
2018-03-24 10:58:45 +01:00
powercap
PowerCap: Fix an error code in powercap_register_zone()
2018-04-13 19:50:05 +02:00
pps
pps: do not crash when failed to register
2016-08-10 11:49:25 +02:00
ps3
ptp
time: Change posix clocks ops interfaces to use timespec64
2018-03-24 10:58:40 +01:00
pwm
pwm: tegra: Increase precision in PWM rate calculation
2018-03-22 09:23:27 +01:00
rapidio
ras
regulator
regulator: of: Add a missing 'of_node_put()' in an error handling path of 'of_regulator_match()'
2018-05-30 07:49:17 +02:00
remoteproc
remoteproc: Fix potential race condition in rproc_add
2016-08-20 18:09:20 +02:00
reset
rpmsg
rtc
rtc: tx4939: avoid unintended sign extension on a 24 bit shift
2018-05-30 07:49:14 +02:00
s390
scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread
2018-07-03 11:21:31 +02:00
sbus
scsi
scsi: sg: mitigate read/write abuse
2018-07-11 16:03:48 +02:00
sfi
sh
drivers: sh: Restore legacy clock domain on SuperH platforms
2016-03-09 15:34:49 -08:00
sn
soc
soc: qcom/spm: shut up uninitialized variable warning
2016-09-24 10:07:42 +02:00
spi
spi: Fix scatterlist elements size in spi_map_buf
2018-07-03 11:21:35 +02:00
spmi
spmi: Include OF based modalias in device uevent
2017-07-27 15:06:10 -07:00
ssb
ssb: mark ssb_bus_register as __maybe_unused
2018-02-25 11:03:44 +01:00
staging
staging: comedi: quatech_daqp_cs: fix no-op loop daqp_ao_insn_write()
2018-07-11 16:03:51 +02:00
target
tcm_fileio: Prevent information leak for short reads
2018-03-24 10:58:45 +01:00
tc
thermal
thermal: imx: Fix race condition in imx_thermal_probe()
2018-04-24 09:32:08 +02:00
thunderbolt
thunderbolt: Resume control channel after hibernation image is created
2018-04-24 09:32:07 +02:00
tty
n_tty: Access echo_* variables carefully.
2018-07-11 16:03:47 +02:00
uio
uio: fix dmem_region_start computation
2016-10-31 04:13:59 -06:00
usb
xhci: xhci-mem: off by one in xhci_stream_id_to_ring()
2018-07-17 11:31:43 +02:00
uwb
uwb: ensure that endpoint is interrupt
2017-10-12 11:27:35 +02:00
vfio
vfio/pci: Virtualize Maximum Read Request Size
2018-04-24 09:32:09 +02:00
vhost
vhost: correctly remove wait queue during poll failure
2018-04-13 19:50:25 +02:00
video
video: uvesafb: Fix integer overflow in allocation
2018-07-03 11:21:34 +02:00
virt
virtio
virtio_balloon: prevent uninitialized variable use
2018-02-25 11:03:42 +01:00
vlynq
vme
vme: Fix wrong pointer utilization in ca91cx42_slave_get
2017-01-19 20:17:21 +01:00
w1
1wire: family module autoload fails because of upper/lower case mismatch.
2018-07-03 11:21:27 +02:00
watchdog
watchdog: f71808e_wdt: Fix magic close handling
2018-05-30 07:49:03 +02:00
xen
xen: Remove unnecessary BUG_ON from __unbind_from_irq()
2018-07-03 11:21:34 +02:00
zorro
zorro: Set up z->dev.dma_mask for the DMA API
2018-05-30 07:49:11 +02:00
Kconfig
Merge tag 'char-misc-4.4-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
2015-11-04 22:15:15 -08:00
Makefile
usb: build drivers/usb/common/ when USB_SUPPORT is set
2018-02-25 11:03:38 +01:00