mirror/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
138b787804f4a10417618e8d1e6e2700539fd88c
linux/drivers
History
Eric Dumazet 138b787804 mISDN: fix MISDN_TIME_STAMP handling 
syzbot reports one unsafe call to copy_from_sockptr() [1]

Use copy_safe_from_sockptr() instead.

[1]

 BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]
 BUG: KASAN: slab-out-of-bounds in copy_from_sockptr include/linux/sockptr.h:55 [inline]
 BUG: KASAN: slab-out-of-bounds in data_sock_setsockopt+0x46c/0x4cc drivers/isdn/mISDN/socket.c:417
Read of size 4 at addr ffff0000c6d54083 by task syz-executor406/6167

CPU: 1 PID: 6167 Comm: syz-executor406 Not tainted 6.8.0-rc7-syzkaller-g707081b61156 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Call trace:
  dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:291
  show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:298
  __dump_stack lib/dump_stack.c:88 [inline]
  dump_stack_lvl+0xd0/0x124 lib/dump_stack.c:106
  print_address_description mm/kasan/report.c:377 [inline]
  print_report+0x178/0x518 mm/kasan/report.c:488
  kasan_report+0xd8/0x138 mm/kasan/report.c:601
  __asan_report_load_n_noabort+0x1c/0x28 mm/kasan/report_generic.c:391
  copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]
  copy_from_sockptr include/linux/sockptr.h:55 [inline]
  data_sock_setsockopt+0x46c/0x4cc drivers/isdn/mISDN/socket.c:417
  do_sock_setsockopt+0x2a0/0x4e0 net/socket.c:2311
  __sys_setsockopt+0x128/0x1a8 net/socket.c:2334
  __do_sys_setsockopt net/socket.c:2343 [inline]
  __se_sys_setsockopt net/socket.c:2340 [inline]
  __arm64_sys_setsockopt+0xb8/0xd4 net/socket.c:2340
  __invoke_syscall arch/arm64/kernel/syscall.c:34 [inline]
  invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48
  el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133
  do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152
  el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
  el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
  el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598

Fixes: 1b2b03f8e5 ("Add mISDN core files")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Cc: Karsten Keil <isdn@linux-pingi.de>
Link: https://lore.kernel.org/r/20240408082845.3957374-3-edumazet@google.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2024-04-09 17:01:01 -07:00
..
accel
Merge tag 'drm-next-2024-03-13' of https://gitlab.freedesktop.org/drm/kernel
2024-03-13 18:34:05 -07:00
accessibility
Merge tag 'char-misc-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
2024-03-21 13:21:31 -07:00
acpi
Merge branch 'acpica'
2024-03-29 19:00:09 +01:00
amba
android
Merge tag 'char-misc-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
2024-03-21 13:21:31 -07:00
ata
scsi: sd: Fix TCG OPAL unlock on system resume
2024-03-25 15:46:12 -04:00
atm
atm: fore200e: Convert to platform remove callback returning void
2024-03-07 20:36:32 -08:00
auxdisplay
auxdisplay: img-ascii-lcd: Convert to platform remove callback returning void
2024-03-12 17:37:54 +02:00
base
Merge tag 'driver-core-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core
2024-03-21 13:34:15 -07:00
bcma
block
Merge tag 'block-6.9-20240322' of git://git.kernel.dk/linux
2024-03-22 12:46:07 -07:00
bluetooth
Bluetooth: qca: fix device-address endianness
2024-03-29 09:48:37 -04:00
bus
Merge tag 'char-misc-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
2024-03-21 13:21:31 -07:00
cache
cdrom
cdrom: gdrom: Convert to platform remove callback returning void
2024-03-07 11:53:30 -07:00
cdx
cdx: add MSI support for CDX bus
2024-03-07 21:52:03 +00:00
char
Merge tag 'char-misc-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
2024-03-21 13:21:31 -07:00
clk
Merge tag 'soc-late-6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc
2024-03-19 11:57:26 -07:00
clocksource
Merge tag 'timers-core-2024-03-23' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2024-03-23 14:42:45 -07:00
comedi
Merge tag 'char-misc-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
2024-03-21 13:21:31 -07:00
connector
counter
cpufreq
Merge tag 'riscv-for-linus-6.9-mw2' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux
2024-03-22 10:41:13 -07:00
cpuidle
Merge tag 'riscv-for-linus-6.9-mw2' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux
2024-03-22 10:41:13 -07:00
crypto
Merge tag 'v6.9-p2' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
2024-03-25 10:48:23 -07:00
cxl
cxl: remove CONFIG_CXL_PMU entry in drivers/cxl/Kconfig
2024-03-27 01:58:34 +09:00
dax
Merge tag 'libnvdimm-for-6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm
2024-03-15 11:58:32 -07:00
dca
devfreq
dio
dio: make dio_bus_type const
2024-03-07 20:37:04 +00:00
dma
Merge tag 'dmaengine-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vkoul/dmaengine
2024-03-15 12:25:13 -07:00
dma-buf
Merge drm/drm-fixes into drm-misc-fixes
2024-03-25 21:11:58 +01:00
dpll
dpll: indent DPLL option type by a tab
2024-03-25 19:40:23 -07:00
edac
Merge tag 'edac_updates_for_v6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/ras/ras
2024-03-11 18:14:06 -07:00
eisa
extcon
firewire
firewire: core: add memo about the caller of show functions for device attributes
2024-03-21 21:20:18 +09:00
firmware
x86/efistub: Reinstate soft limit for initrd loading
2024-03-28 16:19:46 +01:00
fpga
Merge tag 'char-misc-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
2024-03-21 13:21:31 -07:00
fsi
gnss
gpio
gpiolib: Fix debug messaging in gpiod_find_and_request()
2024-03-26 12:50:50 +01:00
gpu
Merge tag 'kbuild-fixes-v6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
2024-03-31 11:23:51 -07:00
greybus
Merge tag 'char-misc-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
2024-03-21 13:21:31 -07:00
hid
Merge tag 'hid-for-linus-2024031301' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid
2024-03-14 09:56:15 -07:00
hsi
hte
hv
Merge tag 'hyperv-next-signed-20240320' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux
2024-03-21 10:01:02 -07:00
hwmon
Merge tag 'mm-nonmm-stable-2024-03-14-09-36' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
2024-03-14 18:03:09 -07:00
hwspinlock
hwspinlock: omap: Use index to get hwspinlock pointer
2024-03-05 20:01:14 -08:00
hwtracing
i2c
i2c: i801: Fix a refactoring that broke a touchpad on Lenovo P1
2024-03-26 00:47:08 +01:00
i3c
idle
cpuidle: ACPI/intel: fix MWAIT hint target C-state computation
2024-03-05 21:25:18 +01:00
iio
Merge tag 'char-misc-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
2024-03-21 13:21:31 -07:00
infiniband
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma
2024-03-18 15:34:03 -07:00
input
Merge tag 'tty-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty
2024-03-21 12:44:10 -07:00
interconnect
Merge tag 'icc-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/djakov/icc into char-misc-next
2024-03-06 14:03:31 +00:00
iommu
iommu: Validate the PASID in iommu_attach_device_pasid()
2024-03-28 06:38:40 +01:00
ipack
ipack: make ipack_bus_type const
2024-03-07 20:32:47 +00:00
irqchip
irqchip/armada-370-xp: Suppress unused-function warning
2024-03-26 02:12:16 +01:00
isdn
mISDN: fix MISDN_TIME_STAMP handling
2024-04-09 17:01:01 -07:00
leds
Merge tag 'mm-nonmm-stable-2024-03-14-09-36' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
2024-03-14 18:03:09 -07:00
macintosh
Merge tag 'powerpc-6.9-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux
2024-03-15 17:53:48 -07:00
mailbox
Merge tag 'mailbox-v6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/jassibrar/mailbox
2024-03-13 12:23:36 -07:00
mcb
mcb: constify the struct device_type usage
2024-03-07 20:38:15 +00:00
md
dm integrity: fix out-of-range warning
2024-03-29 09:48:07 -04:00
media
spi: Merge up v6.8 release
2024-03-18 17:30:46 +00:00
memory
Merge tag 'char-misc-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
2024-03-21 13:21:31 -07:00
memstick
Merge tag 'mmc-v6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc
2024-03-13 10:59:28 -07:00
message
mfd
Merge tag 'tty-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty
2024-03-21 12:44:10 -07:00
misc
Merge tag 'hardening-v6.9-rc1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
2024-03-23 08:43:21 -07:00
mmc
sdhci-of-dwcmshc: disable PM runtime in dwcmshc_remove()
2024-03-25 13:12:46 +01:00
most
most: core: make mostbus const
2024-03-07 20:32:38 +00:00
mtd
Merge tag 'ubifs-for-linus-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/ubifs
2024-03-21 15:09:29 -07:00
mux
net
octeontx2-af: Fix NIX SQ mode and BP config
2024-04-09 11:59:42 +02:00
nfc
ntb
nubus
nvdimm
Merge tag 'libnvdimm-for-6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm
2024-03-15 11:58:32 -07:00
nvme
Merge tag 'nvme-6.9-2024-03-21' of git://git.infradead.org/nvme into block-6.9
2024-03-21 13:23:07 -06:00
nvmem
nvmem: core: Print error on wrong bits DT property
2024-03-07 20:21:53 +00:00
of
Merge tag 'driver-core-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core
2024-03-21 13:34:15 -07:00
opp
OPP: Extend dev_pm_opp_data with turbo support
2024-03-11 10:39:24 +05:30
parisc
parisc: led: Convert to platform remove callback returning void
2024-03-08 10:00:07 +01:00
parport
parport: sunbpp: Convert to platform remove callback returning void
2024-03-07 21:50:06 +00:00
pci
Merge tag 'pci-v6.9-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/pci/pci
2024-03-14 10:58:27 -07:00
pcmcia
pcmcia: cs: make pcmcia_socket_class constant
2024-03-10 09:07:00 +01:00
peci
perf
Merge tag 'riscv-for-linus-6.9-mw2' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux
2024-03-22 10:41:13 -07:00
phy
Merge tag 'usb-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb
2024-03-21 12:35:20 -07:00
pinctrl
Merge tag 'kbuild-fixes-v6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
2024-03-31 11:23:51 -07:00
platform
Merge tag 'char-misc-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
2024-03-21 13:21:31 -07:00
pmdomain
Merge tag 'pmdomain-v6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm
2024-03-13 11:33:10 -07:00
pnp
power
Merge tag 'for-v6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-power-supply
2024-03-14 10:19:48 -07:00
powercap
powercap: intel_rapl: Convert to platform remove callback returning void
2024-03-13 20:45:54 +01:00
pps
pps: use cflags-y instead of EXTRA_CFLAGS
2024-03-07 21:51:39 +00:00
ps3
ptp
Merge tag 'net-next-6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next
2024-03-12 17:44:08 -07:00
pwm
pwm: Fix setting period with #pwm-cells = <1> and of_pwm_single_xlate()
2024-03-29 13:50:10 +01:00
rapidio
ras
RAS: Avoid build errors when CONFIG_DEBUG_FS=n
2024-03-26 21:48:21 +01:00
regulator
Merge tag 'regulator-fix-v6.9-merge-window' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator
2024-03-22 09:52:37 -07:00
remoteproc
Merge tag 'rproc-v6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/remoteproc/linux
2024-03-21 10:37:39 -07:00
reset
rpmsg
rtc
Merge tag 'rtc-6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/linux
2024-03-21 17:16:46 -07:00
s390
s390/ism: fix receive message buffer allocation
2024-04-08 11:55:45 +01:00
sbus
Merge tag 'sparc-for-6.9-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/alarsson/linux-sparc
2024-03-15 12:47:21 -07:00
scsi
scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload
2024-03-25 20:47:05 -04:00
sh
siox
Merge tag 'siox/for-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/ukleinek/linux
2024-03-21 15:18:18 -07:00
slimbus
slimbus: core: make slimbus_bus const
2024-03-07 20:21:39 +00:00
soc
Merge tag 'net-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2024-03-21 14:50:39 -07:00
soundwire
Merge tag 'soundwire-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vkoul/soundwire
2024-03-15 12:22:52 -07:00
spi
Merge tag 'spi-fix-v6.9-merge-window' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi
2024-03-22 09:57:00 -07:00
spmi
ssb
staging
staging: vc04_services: fix information leak in create_component()
2024-03-25 19:10:01 +01:00
target
Merge branch '6.9/scsi-queue' into 6.9/scsi-fixes
2024-03-25 14:03:35 -04:00
tc
tee
Merge tag 'soc-drivers-6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc
2024-03-12 10:35:24 -07:00
thermal
thermal: devfreq_cooling: Fix perf state when calculate dfc res_util
2024-03-27 16:27:39 +01:00
thunderbolt
Merge tag 'usb-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb
2024-03-21 12:35:20 -07:00
tty
Merge tag 'tty-6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty
2024-03-21 12:44:10 -07:00
ufs
Merge branch '6.9/scsi-queue' into 6.9/scsi-fixes
2024-03-25 14:03:35 -04:00
uio
Fix build errors due to new UIO_MEM_DMA_COHERENT mess
2024-03-27 09:48:47 -07:00
usb
USB: core: Fix deadlock in port "disable" sysfs attribute
2024-03-26 15:02:28 +01:00
vdpa
vDPA: report virtio-blk flush info to user space
2024-03-19 02:45:51 -04:00
vfio
Merge tag 'vfio-v6.9-rc1' of https://github.com/awilliam/linux-vfio
2024-03-15 13:21:13 -07:00
vhost
Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost
2024-03-19 08:57:39 -07:00
video
fbdev: Select I/O-memory framebuffer ops for SBus
2024-03-25 21:34:08 +01:00
virt
virt: efi_secret: Convert to platform remove callback returning void
2024-03-09 11:37:18 +01:00
virtio
virtio: packed: fix unmap leak for indirect desc table
2024-03-19 03:19:22 -04:00
w1
watchdog
Merge tag 'linux-watchdog-6.9-rc1' of git://www.linux-watchdog.org/linux-watchdog
2024-03-17 12:06:10 -07:00
xen
Merge tag 'for-linus-6.9-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip
2024-03-19 08:48:09 -07:00
zorro
Kconfig
Makefile
Revert "leds: Only descend into leds directory when CONFIG_NEW_LEDS is set"
2024-03-07 08:48:10 +00:00