android_kernel_google_msm/block
Jens Axboe 45fdc587f1 genhd: check for int overflow in disk_expand_part_tbl()
commit 5fabcb4c33fe11c7e3afdf805fde26c1a54d0953 upstream.

We can get here from blkdev_ioctl() -> blkpg_ioctl() -> add_partition()
with a user passed in partno value. If we pass in 0x7fffffff, the
new target in disk_expand_part_tbl() overflows the 'int' and we
access beyond the end of ptbl->part[] and even write to it when we
do the rcu_assign_pointer() to assign the new partition.

Reported-by: David Ramos <daramos@stanford.edu>
Signed-off-by: Jens Axboe <axboe@fb.com>
Signed-off-by: Zefan Li <lizefan@huawei.com>
2015-04-14 17:33:42 +08:00
partitions LDM: Fix reassembly of extended VBLKs. 2012-02-24 09:37:42 +00:00
blk-cgroup.c Merge branch 'for-3.4' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup 2012-03-20 18:11:21 -07:00
blk-cgroup.h
blk-core.c blktrace: fix accounting of partially completed requests 2014-05-18 05:25:55 -07:00
blk-exec.c block: Don't access request after it might be freed 2014-03-11 16:10:06 -07:00
blk-flush.c
blk-integrity.c
blk-ioc.c block: fix ioc leak in put_io_context 2012-03-14 15:34:48 +01:00
blk-iopoll.c
blk-lib.c block: add cond_resched() to potentially long running ioctl discard loop 2014-02-22 10:32:46 -08:00
blk-map.c
blk-merge.c block: separate out blk_rq_merge_ok() and blk_try_merge() from elevator functions 2012-02-08 09:19:38 +01:00
blk-settings.c block: fix alignment_offset math that assumes io_min is a power-of-2 2015-02-02 17:04:48 +08:00
blk-softirq.c sched, block: Unify cache detection 2012-01-27 13:28:48 +01:00
blk-sysfs.c block: avoid using uninitialized value in from queue_var_store 2013-04-12 09:38:46 -07:00
blk-tag.c block: don't assume last put of shared tags is for the host 2014-07-31 12:54:51 -07:00
blk-throttle.c block: use lockdep_assert_held for queue locking 2012-03-30 12:33:28 +02:00
blk-timeout.c block: fix race between request completion and timeout handling 2013-11-29 10:50:35 -08:00
blk.h Merge branch 'linus' into sched/core 2012-03-01 10:26:43 +01:00
bsg-lib.c
bsg.c bsg: fix sysfs link remove warning 2012-02-08 20:02:03 +01:00
cfq-iosched.c block: Make cfq_target_latency tunable through sysfs. 2012-04-01 14:33:39 -07:00
cfq.h
compat_ioctl.c
deadline-iosched.c
elevator.c elevator: acquire q->sysfs_lock in elevator_change() 2013-12-08 07:29:43 -08:00
genhd.c genhd: check for int overflow in disk_expand_part_tbl() 2015-04-14 17:33:42 +08:00
ioctl.c
Kconfig
Kconfig.iosched
Makefile
noop-iosched.c
partition-generic.c block: Fix dev_t minor allocation lifetime 2014-12-01 18:02:26 +08:00
scsi_ioctl.c scsi: Fix error handling in SCSI_IOCTL_SEND_COMMAND 2015-02-02 17:05:03 +08:00