shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-11 13:27:06 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
aa2c274c279ff365a06a4cba263f04965895166e
linux/drivers
History
Todd Kjos aa2c274c27 binder: make sure fd closes complete 
commit 5fdb55c1ac upstream.

During BC_FREE_BUFFER processing, the BINDER_TYPE_FDA object
cleanup may close 1 or more fds. The close operations are
completed using the task work mechanism -- which means the thread
needs to return to userspace or the file object may never be
dereferenced -- which can lead to hung processes.

Force the binder thread back to userspace if an fd is closed during
BC_FREE_BUFFER handling.

Fixes: 80cd795630 ("binder: fix use-after-free due to ksys_close() during fdget()")
Cc: stable <stable@vger.kernel.org>
Reviewed-by: Martijn Coenen <maco@android.com>
Acked-by: Christian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: Todd Kjos <tkjos@google.com>
Link: https://lore.kernel.org/r/20210830195146.587206-1-tkjos@google.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-09-30 10:09:21 +02:00
..
accessibility
acpi
PCI/ACPI: Add Ampere Altra SOC MCFG quirk
2021-09-26 14:07:05 +02:00
amba
android
binder: make sure fd closes complete
2021-09-30 10:09:21 +02:00
ata
ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init()
2021-09-22 12:26:30 +02:00
atm
atm: nicstar: register the interrupt handler in the right place
2021-07-19 08:53:12 +02:00
auxdisplay
base
PM: base: power: don't try to use non-existing RTC for storing data
2021-09-22 12:26:39 +02:00
bcma
bcma: Fix memory leak for internally-handled cores
2021-09-15 09:47:37 +02:00
block
Revert "block: nbd: add sanity check for first_minor"
2021-09-16 12:56:13 +02:00
bluetooth
Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc.
2021-07-19 08:53:13 +02:00
bus
bus: ti-sysc: Fix flakey idling of uarts and stop using swsup_sidle_act
2021-06-10 13:37:08 +02:00
cdrom
cdrom: gdrom: initialize global variable at init time
2021-05-26 12:05:19 +02:00
char
tpm_ftpm_tee: Free and unregister TEE shared memory during kexec
2021-08-12 13:21:01 +02:00
clk
clk: at91: clk-generated: Limit the requested rate to our range
2021-09-22 12:26:25 +02:00
clocksource
clocksource/drivers/sh_cmt: Fix wrong setting if don't request IRQ for clock source channel
2021-09-15 09:47:29 +02:00
connector
counter
counter: 104-quad-8: Return error when invalid mode during ceiling_write
2021-09-15 09:47:34 +02:00
cpufreq
cpufreq: powernv: Fix init_chip_info initialization in numa=off
2021-09-22 12:26:37 +02:00
cpuidle
crypto
crypto: mxs-dcp - Use sg_mapping_iter to copy data
2021-09-22 12:26:26 +02:00
dax
dca
devfreq
PM / devfreq: Use more accurate returned new_freq as resume_freq
2021-05-14 09:44:20 +02:00
dio
dma
dmaengine: xilinx_dma: Set DMA mask for coherent APIs
2021-09-26 14:07:11 +02:00
dma-buf
dma-buf/sync_file: Don't leak fences on merge failure
2021-07-25 14:35:15 +02:00
edac
EDAC/i10nm: Fix NVDIMM detection
2021-09-15 09:47:30 +02:00
eisa
extcon
extcon: intel-mrfld: Sync hardware and software state on init
2021-07-19 08:53:16 +02:00
firewire
firewire: nosy: Fix a use-after-free bug in nosy_ioctl()
2021-04-07 14:47:43 +02:00
firmware
firmware: arm_scmi: Add delayed response status check
2021-08-08 09:04:08 +02:00
fpga
fpga: stratix10-soc: Add missing fpga_mgr_free() call
2021-07-19 08:53:15 +02:00
fsi
fsi/sbefifo: Fix reset timeout
2021-07-14 16:53:42 +02:00
gnss
gpio
gpio: tqmx86: really make IRQ optional
2021-08-12 13:20:57 +02:00
gpu
drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV
2021-09-26 14:07:14 +02:00
greybus
hid
HID: i2c-hid: Fix Elan touchpad regression
2021-09-22 12:26:25 +02:00
hsi
HSI: core: fix resource leaks in hsi_add_client_from_dt()
2021-05-14 09:44:25 +02:00
hv
hv_utils: Fix passing zero to 'PTR_ERR' warning
2021-07-14 16:53:16 +02:00
hwmon
hwmon: (max31790) Fix fan speed reporting for fan7..12
2021-07-14 16:53:23 +02:00
hwspinlock
hwtracing
intel_th: Wait until port is in reset before programming it
2021-07-20 16:10:46 +02:00
i2c
i2c: mt65xx: fix IRQ check
2021-09-15 09:47:36 +02:00
i3c
Revert "i3c master: fix missing destroy_workqueue() on error in i3c_master_register"
2021-05-14 09:44:15 +02:00
ide
idle
iio
iio: dac: ad5624r: Fix incorrect handling of an optional regulator.
2021-09-22 12:26:27 +02:00
infiniband
RDMA/efa: Remove double QP type assignment
2021-09-22 12:26:23 +02:00
input
Input: hideep - fix the uninitialized use in hideep_nvm_unlock()
2021-07-20 16:10:45 +02:00
interconnect
interconnect: core: fix error return code of icc_link_destroy()
2021-04-16 11:46:37 +02:00
iommu
iommu: Check if group is NULL before remove device
2021-08-26 08:36:15 -04:00
ipack
ipack: tpci200: fix memory leak in the tpci200_register
2021-08-26 08:36:21 -04:00
irqchip
irqchip/gic-v3: Fix OF_BAD_ADDR error handling
2021-05-14 09:44:20 +02:00
isdn
mISDN: fix possible use-after-free in HFC_cleanup()
2021-07-19 08:53:08 +02:00
leds
leds: trigger: audio: Add an activate callback to ensure the initial brightness is set
2021-09-15 09:47:33 +02:00
lightnvm
macintosh
mailbox
mcb
md
dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc()
2021-09-22 12:26:21 +02:00
media
media: tegra-cec: Handle errors of clk_prepare_enable()
2021-09-22 12:26:31 +02:00
memory
memory: fsl_ifc: fix leak of private memory on probe failure
2021-07-20 16:10:52 +02:00
memstick
memstick: rtsx_usb_ms: fix UAF
2021-07-14 16:53:13 +02:00
message
mfd
mfd: tqmx86: Clear GPIO IRQ resource when no IRQ is set
2021-09-22 12:26:44 +02:00
misc
VMCI: fix NULL pointer dereference when unmapping queue pair
2021-09-22 12:26:21 +02:00
mmc
mmc: core: Return correct emmc response in case of ioctl error
2021-09-22 12:26:35 +02:00
mtd
mtd: rawnand: cafe: Fix a resource leak in the error handling path of 'cafe_nand_probe()'
2021-09-22 12:26:45 +02:00
mux
net
net: stmmac: reset Tx desc base address before restarting Tx
2021-09-26 14:07:09 +02:00
nfc
nfc: nfcsim: fix use after free during module unload
2021-08-04 12:27:38 +02:00
ntb
NTB: perf: Fix an error code in perf_setup_inbuf()
2021-09-22 12:26:44 +02:00
nubus
nvdimm
libnvdimm/region: Fix label activation vs errors
2021-08-18 08:56:57 +02:00
nvme
nvme-tcp: don't check blk_mq_tag_to_rq when receiving pdu data
2021-09-22 12:26:33 +02:00
nvmem
nvmem: core: add a missing of_node_put
2021-07-19 08:53:16 +02:00
of
of: Don't allow __of_attached_node_sysfs() without CONFIG_SYSFS
2021-09-22 12:26:34 +02:00
opp
opp: Don't print an error if required-opps is missing
2021-09-22 12:26:33 +02:00
oprofile
parisc
parisc: Move pci_dev_is_behind_card_dino to where it is used
2021-09-26 14:07:10 +02:00
parport
parport: remove non-zero check on count
2021-09-22 12:26:36 +02:00
pci
PCI/ACPI: Add Ampere Altra SOC MCFG quirk
2021-09-26 14:07:05 +02:00
pcmcia
pcmcia: i82092: fix a null pointer dereference bug
2021-08-12 13:21:03 +02:00
perf
drivers/perf: fix the missed ida_simple_remove() in ddr_perf_probe()
2021-07-14 16:53:14 +02:00
phy
phy: ti: dm816x: Fix the error handling path in 'dm816x_usb_phy_probe()
2021-07-14 16:53:46 +02:00
pinctrl
pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry()
2021-09-22 12:26:24 +02:00
platform
platform/chrome: cros_ec_proto: Send command again when timeout occurs
2021-09-22 12:26:38 +02:00
pnp
power
power: supply: max17042: handle fails of reading status register
2021-09-22 12:26:21 +02:00
powercap
pps
ps3
ptp
ptp_pch: Restore dependency on PCI
2021-08-26 08:36:17 -04:00
pwm
pwm: stm32-lp: Don't modify HW state in .remove() callback
2021-09-26 14:07:13 +02:00
rapidio
rapidio: handle create_workqueue() failure
2021-05-26 12:05:17 +02:00
ras
RAS/CEC: Correct ce_add_elem()'s returned values
2021-04-14 08:24:18 +02:00
regulator
regulator: vctrl: Avoid lockdep warning in enable/disable ops
2021-09-15 09:47:29 +02:00
remoteproc
reset
reset: reset-zynqmp: Fixed the argument data type
2021-09-12 08:56:39 +02:00
rpmsg
rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data()
2021-05-19 10:08:25 +02:00
rtc
rtc: rx8010: select REGMAP_I2C
2021-09-26 14:07:14 +02:00
s390
s390/sclp: fix Secure-IPL facility detection
2021-09-22 12:26:40 +02:00
sbus
scsi
scsi: qla2xxx: Sync queue idx with queue_pair_map idx
2021-09-22 12:26:37 +02:00
sfi
sh
siox
slimbus
slimbus: ngd: reset dma setup during runtime pm
2021-08-26 08:36:21 -04:00
soc
soc: aspeed: p2a-ctrl: Fix boundary check for mmap
2021-09-22 12:26:20 +02:00
soundwire
soundwire: stream: Fix test for DP prepare complete
2021-07-14 16:53:45 +02:00
spi
spi: spi-zynq-qspi: use wait_for_completion_timeout to make zynq_qspi_exec_mem_op not interruptible
2021-09-15 09:47:30 +02:00
spmi
spmi: spmi-pmic-arb: Fix hw_irq overflow
2021-03-04 10:26:49 +01:00
ssb
ssb: Fix error return code in ssb_bus_scan()
2021-07-14 16:53:29 +02:00
staging
staging: rtl8192u: Fix bitwise vs logical operator in TranslateRxSignalStuff819xUsb()
2021-09-26 14:07:07 +02:00
target
scsi: target: avoid per-loop XCOPY buffer allocations
2021-09-22 12:26:25 +02:00
tc
tee
tee: Correct inappropriate usage of TEE_SHM_DMA_BUF flag
2021-08-15 13:08:02 +02:00
thermal
thermal/drivers/exynos: Fix an error code in exynos_tmu_probe()
2021-09-26 14:07:08 +02:00
thunderbolt
thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue
2021-06-03 08:59:03 +02:00
tty
console: consume APC, DM, DCS
2021-09-26 14:07:05 +02:00
uio
uio_hv_generic: Fix a memory leak in error handling paths
2021-05-26 12:05:17 +02:00
usb
USB: cdc-acm: fix minor-number release
2021-09-30 10:09:21 +02:00
vfio
vfio: Use config not menuconfig for VFIO_NOIOMMU
2021-09-22 12:26:23 +02:00
vhost
vhost_net: fix OoB on sendmsg() failure.
2021-09-22 12:26:41 +02:00
video
video: fbdev: riva: Error out if 'pixclock' equals zero
2021-09-22 12:26:29 +02:00
virt
virtio
virtio_pci: Support surprise removal of virtio pci device
2021-09-03 10:08:15 +02:00
visorbus
visorbus: fix error return code in visorchipset_init()
2021-07-14 16:53:42 +02:00
vlynq
vme
w1
w1: ds2438: fixing bug that would always get page0
2021-07-20 16:10:41 +02:00
watchdog
Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout"
2021-08-08 09:04:08 +02:00
xen
xen/events: Fix race in set_evtchn_to_irq
2021-08-18 08:57:01 +02:00
zorro
Kconfig
Makefile