shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-04-10 23:18:10 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
e421fbd4cb22dd67a62243c00d4fbe43c5fafc3f
linux/fs
History
Tao Huang 921df26c80 f2fs: fix out-of-bounds read in update_free_nid_bitmap 
test_bit will access with unsigned long, which cause this bug.
Workaround by enlarge free_nid_bitmap.

BUG: KASAN: slab-out-of-bounds in update_free_nid_bitmap+0x98/0x16c
Read of size 8 at addr ffffffc06275c9ff by task init/195

CPU: 3 PID: 195 Comm: init Not tainted 4.4.114 #55
Hardware name: Rockchip rk3326 evb board (DT)
Call trace:
 dump_backtrace+0x0/0x244
 show_stack+0x14/0x1c
 dump_stack+0xa4/0xcc
 print_address_description+0xa4/0x308
 kasan_report+0x258/0x29c
 __asan_load8+0x78/0x80
 update_free_nid_bitmap+0x98/0x16c
 build_node_manager+0x884/0x950
 f2fs_fill_super+0x14bc/0x1ca8
 mount_bdev+0x174/0x208
 f2fs_mount+0x14/0x1c
 mount_fs+0xbc/0x1b0
 vfs_kern_mount+0xbc/0x1c8
 do_mount+0xcf0/0xe68
 SyS_mount+0x94/0xe0
 el0_svc_naked+0x24/0x28

Change-Id: I9167447ded0a8c2da1b80cdc671615c9108c02be
Signed-off-by: Tao Huang <huangtao@rock-chips.com>
2018-02-23 11:47:45 +08:00
..
9p
fs/9p: Compare qid.path in v9fs_test_inode
2017-11-30 08:37:22 +00:00
adfs
fs/adfs: remove unneeded cast
2015-06-30 19:44:57 -07:00
affs
affs: fix remount failure when there are no options changed
2016-06-07 18:14:32 -07:00
afs
afs: Fix afs_kill_pages()
2017-12-20 10:04:56 +01:00
autofs4
autofs: fix careless error in recent commit
2017-12-20 10:04:51 +01:00
befs
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2015-07-04 19:36:06 -07:00
bfs
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2015-04-26 17:22:07 -07:00
btrfs
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
2017-12-21 12:06:53 +08:00
cachefiles
FS-Cache: Add missing initialization of ret in cachefiles_write_page()
2015-11-16 20:38:43 -05:00
ceph
ceph: drop negative child dentries before try pruning inode's alias
2017-12-20 10:04:52 +01:00
cifs
cifs: check MaxPathNameComponentLength != 0 before using it
2017-11-08 10:06:27 +01:00
coda
coda: fix 'kernel memory exposure attempt' in fsync
2017-11-24 08:32:25 +01:00
configfs
configfs: Fix race between create_link and configfs_rmdir
2017-06-26 07:13:08 +02:00
cramfs
fs/cramfs/inode.c: use linux/uaccess.h
2014-08-08 15:57:25 -07:00
crypto
fscrypt: updates on 4.15-rc4
2018-01-22 13:16:20 +05:30
debugfs
Merge tag 'lsk-v4.4-17.08-android' of git://git.linaro.org/kernel/linux-linaro-stable.git
2017-09-01 18:56:00 +08:00
devpts
devpts: clean up interface to pty drivers
2016-08-16 09:30:49 +02:00
dlm
dlm: avoid double-free on error path in dlm_device_{register,unregister}
2017-09-13 14:09:45 -07:00
ecryptfs
eCryptfs: use after free in ecryptfs_release_messaging()
2017-11-30 08:37:20 +00:00
efivarfs
efi: Make efivarfs entries immutable by default
2016-03-03 15:07:09 -08:00
efs
fs/efs: femove unneeded cast
2015-06-25 17:00:42 -07:00
exofs
osd fs: __r4w_get_page rely on PageUptodate for uptodate
2015-12-12 10:15:34 -08:00
exportfs
VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry)
2015-02-22 11:38:41 -05:00
ext2
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
2018-02-01 12:02:38 +08:00
ext4
fscrypt: updates on 4.15-rc4
2018-01-22 13:16:20 +05:30
f2fs
f2fs: fix out-of-bounds read in update_free_nid_bitmap
2018-02-23 11:47:45 +08:00
fat
fat: fix using uninitialized fields of fat_inode/fsinfo_inode
2017-03-15 09:57:15 +08:00
freevxfs
freevxfs: Grammar s/an negative/a negative/
2015-08-07 13:59:24 +02:00
fscache
FS-Cache: fix dereference of NULL user_key_payload
2017-10-27 10:23:18 +02:00
fuse
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
2017-11-20 20:53:19 +05:30
gfs2
GFS2: Take inode off order_write list when setting jdata flag
2017-12-20 10:04:59 +01:00
hfs
hfs: fix B-tree corruption after insertion at position 0
2015-09-10 13:29:01 -07:00
hfsplus
posix_acl: Clear SGID bit when setting file permissions
2016-10-31 04:13:58 -06:00
hostfs
hostfs: Freeing an ERR_PTR in hostfs_fill_sb_common()
2016-09-30 10:18:39 +02:00
hpfs
hpfs: implement the show_options method
2016-06-01 12:15:54 -07:00
hugetlbfs
mm: larger stack guard gap, between vmas
2017-06-26 07:13:11 +02:00
isofs
isofs: fix timestamps beyond 2027
2017-11-30 08:37:20 +00:00
jbd2
jbd2: don't leak modified metadata buffers on an aborted journal
2017-03-12 06:37:26 +01:00
jffs2
posix_acl: Clear SGID bit when setting file permissions
2016-10-31 04:13:58 -06:00
jfs
fs: add i_blocksize()
2017-06-14 13:16:24 +02:00
kernfs
kernfs: don't depend on d_find_any_alias() when generating notifications
2016-09-24 10:07:36 +02:00
lockd
Merge tag 'nfsd-4.4' of git://linux-nfs.org/~bfields/linux
2015-11-11 20:11:28 -08:00
logfs
mm, fs: introduce mapping_gfp_constraint()
2015-11-06 17:50:42 -08:00
minix
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2015-07-04 19:36:06 -07:00
ncpfs
ncpfs: fix a braino in OOM handling in ncp_fill_cache()
2016-03-16 08:42:59 -07:00
nfs
NFSv4.1 respect server's max size in CREATE_SESSION
2017-12-20 10:04:57 +01:00
nfs_common
lockd: NLM grace period shouldn't block NFSv4 opens
2015-08-13 10:22:06 -04:00
nfsd
nfsd: auth: Fix gid sorting when rootsquash enabled
2018-01-31 12:06:14 +01:00
nilfs2
nilfs2: fix race condition that causes file system corruption
2017-11-30 08:37:20 +00:00
nls
notify
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
2017-08-11 19:28:33 +05:30
ntfs
mm, fs: introduce mapping_gfp_constraint()
2015-11-06 17:50:42 -08:00
ocfs2
Revert "ocfs2: should wait dio before inode lock in ocfs2_setattr()"
2017-12-09 18:42:43 +01:00
omfs
omfs: fix potential integer overflow in allocator
2015-05-28 18:25:19 -07:00
openpromfs
overlayfs
ovl: fsync after copy-up
2016-11-10 16:36:34 +01:00
proc
Merge branch 'linux-linaro-lsk-v4.4-android' of git://git.linaro.org/kernel/linux-linaro-stable.git
2018-01-26 19:26:47 +08:00
pstore
pstore/console: ignore log level
2017-11-15 14:48:58 +08:00
qnx4
qnx6
pagemap.h: move dir_pages() over there
2015-06-23 18:02:00 -04:00
quota
quota: Fix possible GPF due to uninitialised pointers
2016-04-12 09:08:56 -07:00
ramfs
mm, fs: obey gfp_mapping for add_to_page_cache()
2015-10-16 11:42:28 -07:00
reiserfs
reiserfs: Don't clear SGID when inheriting ACLs
2018-01-31 12:06:11 +01:00
romfs
romfs: use different way to generate fsid for BLOCK or MTD
2017-06-17 06:39:38 +02:00
sdcardfs
ANDROID: sdcardfs: Move default_normal to superblock
2018-01-22 13:16:20 +05:30
squashfs
ANDROID: squashfs: Fix endianness issue
2017-07-10 16:28:06 +05:30
sysfs
sysfs: be careful of error returns from ops->show()
2017-04-12 12:38:33 +02:00
sysv
fix sysvfs symlinks
2015-11-23 21:11:08 -05:00
tracefs
tracefs: Fix refcount imbalance in start_creating()
2015-11-04 22:13:45 -05:00
ubifs
ubifs: Fix journal replay wrt. xattr nodes
2017-01-26 08:23:48 +01:00
udf
udf: Avoid overflow when session starts at large offset
2017-12-20 10:05:01 +01:00
ufs
ufs_getfrag_block(): we only grab ->truncate_mutex on block creation path
2017-06-14 13:16:24 +02:00
xfs
xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real
2017-12-20 10:05:00 +01:00
aio.c
aio: mark AIO pseudo-fs noexec
2016-10-07 15:23:47 +02:00
anon_inodes.c
attr.c
ANDROID: vfs: user permission2 in notify_change2
2017-04-10 13:12:16 +05:30
bad_inode.c
don't bother with most of the bad_file_ops methods
2015-02-20 04:03:58 -05:00
binfmt_aout.c
assorted conversions to %p[dD]
2014-11-19 13:01:20 -05:00
binfmt_elf_fdpic.c
Merge tag 'libnvdimm-for-4.4' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm
2015-11-10 12:07:22 -08:00
binfmt_elf.c
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
2017-07-22 12:02:06 +08:00
binfmt_em86.c
syscalls: implement execveat() system call
2014-12-13 12:42:51 -08:00
binfmt_flat.c
binfmt_misc.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2015-04-26 17:22:07 -07:00
binfmt_script.c
syscalls: implement execveat() system call
2014-12-13 12:42:51 -08:00
block_dev.c
fs/block_dev: always invalidate cleancache in invalidate_bdev()
2017-05-20 14:27:01 +02:00
buffer.c
fs: add i_blocksize()
2017-06-14 13:16:24 +02:00
char_dev.c
fs/char_dev.c: fix incorrect documentation for unregister_chrdev_region
2015-08-05 13:49:35 -07:00
compat_binfmt_elf.c
compat_ioctl.c
i2c-dev: Fix typo in ioctl name reference
2015-10-23 23:26:43 +02:00
compat.c
vfs: make first argument of dir_context.actor typed
2014-10-31 17:48:54 -04:00
coredump.c
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
2017-07-18 14:31:54 +08:00
dax.c
dax: disable pmd mappings
2015-11-16 23:54:45 -08:00
dcache.c
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
2017-08-11 19:28:33 +05:30
dcookies.c
direct-io.c
direct-io: Prevent NULL pointer access in submit_page_section
2017-10-18 09:20:42 +02:00
drop_caches.c
inode: convert inode_sb_list_lock to per-sb
2015-08-17 18:39:46 -04:00
eventfd.c
eventfd: don't take the spinlock in eventfd_poll
2015-02-17 14:34:52 -08:00
eventpoll.c
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
2017-09-08 12:02:15 +08:00
exec.c
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
2017-07-22 12:02:06 +08:00
fcntl.c
fs/fcntl: f_setown, avoid undefined behaviour
2018-01-31 12:06:11 +01:00
fhandle.c
fs/coredump: prevent fsuid=0 dumps into user-controlled directories
2016-04-12 09:08:58 -07:00
file_table.c
fs, file table: reinit files_stat.max_files after deferred memory initialisation
2015-08-07 04:39:40 +03:00
file.c
vfs: clear remainder of 'full_fds_bits' in dup_fd()
2015-11-05 23:05:32 -08:00
filesystems.c
fs_pin.c
fs_pin: Allow for the possibility that m_list or s_list go unused.
2015-04-09 11:39:55 -05:00
fs_struct.c
ANDROID: fs: Export free_fs_struct and set_fs_pwd
2017-02-03 15:05:18 +05:30
fs-writeback.c
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
2017-12-21 12:06:53 +08:00
inode.c
ANDROID: vfs: Add setattr2 for filesystems with per mount permissions
2017-02-03 15:04:29 +05:30
internal.h
ANDROID: vfs: Allow filesystems to access their private mount data
2017-02-03 14:16:53 +05:30
ioctl.c
fsioctl.c: make generic_block_fiemap() signal-tolerant
2015-02-10 14:30:30 -08:00
Kconfig
f2fs: backport from (4c1fad64 - Merge tag 'for-f2fs-4.9' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs)
2017-10-15 23:28:17 +05:30
Kconfig.binfmt
mm: split ET_DYN ASLR from mmap ASLR
2015-04-14 16:49:05 -07:00
libfs.c
fs: Set the size of empty dirs to 0.
2015-08-12 15:28:45 -05:00
locks.c
locks: don't check for race with close when setting OFD lock
2018-01-17 09:35:27 +01:00
Makefile
f2fs: backport from (4c1fad64 - Merge tag 'for-f2fs-4.9' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs)
2017-10-15 23:28:17 +05:30
mbcache2.c
BACKPORT: [UPSTREAM] mbcache2: reimplement mbcache
2017-05-01 15:05:27 +05:30
mbcache.c
mount.h
mnt: In propgate_umount handle visiting mounts in any order
2017-07-21 07:44:57 +02:00
mpage.c
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
2017-07-11 16:22:22 +08:00
namei.c
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
2017-08-11 19:28:33 +05:30
namespace.c
ANDROID: mnt: Fix freeing of mount data
2017-09-18 21:14:36 +01:00
no-block.c
nsfs.c
fs/seq_file: convert int seq_vprint/seq_printf/etc... returns to void
2015-09-11 15:21:34 -07:00
open.c
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
2017-07-18 14:31:54 +08:00
pipe.c
pipe: avoid round_pipe_size() nr_pages overflow on 32-bit
2018-01-23 19:50:15 +01:00
pnode.c
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
2017-07-22 12:02:06 +08:00
pnode.h
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
2017-05-04 12:01:39 +08:00
posix_acl.c
tmpfs: clear S_ISGID when setting posix ACLs
2017-01-26 08:23:47 +01:00
proc_namespace.c
ANDROID: vfs: Allow filesystems to access their private mount data
2017-02-03 14:16:53 +05:30
read_write.c
vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets
2017-10-05 09:41:45 +02:00
readdir.c
vfs: make first argument of dir_context.actor typed
2014-10-31 17:48:54 -04:00
select.c
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
2018-02-01 12:02:38 +08:00
seq_file.c
Make file credentials available to the seqfile interfaces
2017-08-06 19:19:42 -07:00
signalfd.c
signalfd: fix information leak in signalfd_copyinfo
2015-08-07 04:39:40 +03:00
splice.c
vfs: fix uninitialized flags in splice_to_pipe()
2017-02-23 17:43:09 +01:00
stack.c
fs: fix comment for 'CONFIG_LBADF'
2014-08-26 09:35:56 +02:00
stat.c
ufs: restore maintaining ->i_blocks
2017-06-14 13:16:24 +02:00
statfs.c
super.c
ANDROID: vfs: Allow filesystems to access their private mount data
2017-02-03 14:16:53 +05:30
sync.c
ANDROID: sched: add a counter to track fsync
2017-04-10 13:12:16 +05:30
timerfd.c
timerfd: Protect the might cancel mechanism proper
2017-05-08 07:46:01 +02:00
userfaultfd.c
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
2017-12-21 12:06:53 +08:00
utimes.c
ANDROID: vfs: Add setattr2 for filesystems with per mount permissions
2017-02-03 15:04:29 +05:30
xattr.c
lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
2017-10-12 11:27:32 +02:00