Piteball
/
android_kernel_samsung_msm8976
mirror of https://github.com/team-infusion-developers/android_kernel_samsung_msm8976.git
1
1
Fork 0
Code Issues Projects Releases Wiki Activity
android_kernel_samsung_msm8976/mm
History
Jann Horn 4f43178d45 swapfile: fix memory corruption via malformed swapfile 
commit dd111be69114cc867f8e826284559bfbc1c40e37 upstream.

When root activates a swap partition whose header has the wrong
endianness, nr_badpages elements of badpages are swabbed before
nr_badpages has been checked, leading to a buffer overrun of up to 8GB.

This normally is not a security issue because it can only be exploited
by root (more specifically, a process with CAP_SYS_ADMIN or the ability
to modify a swap file/partition), and such a process can already e.g.
modify swapped-out memory of any other userspace process on the system.

Link: http://lkml.kernel.org/r/1477949533-2509-1-git-send-email-jann@thejh.net
Signed-off-by: Jann Horn <jann@thejh.net>
Acked-by: Kees Cook <keescook@chromium.org>
Acked-by: Jerome Marchand <jmarchan@redhat.com>
Acked-by: Johannes Weiner <hannes@cmpxchg.org>
Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Hugh Dickins <hughd@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Willy Tarreau <w@1wt.eu>
 		2019-07-27 21:42:14 +02:00
..
kasan kasan, module, vmalloc: rework shadow allocation for modules 2015-05-04 14:03:58 -07:00
Kconfig Import T813XXS2BRC2 kernel source changes 2018-05-26 00:39:42 +02:00
Kconfig.debug defconfig: 8994: enable CONFIG_DEBUG_SLUB_PANIC_ON 2014-10-21 14:00:18 -07:00
Makefile BACKPORT: mm/zpool: implement common zpool api to zbud/zsmalloc 2016-05-18 14:35:03 +05:30
backing-dev.c arch: Mass conversion of smp_mb__*() 2014-08-15 11:45:28 -07:00
balloon_compaction.c
bootmem.c
bounce.c
cleancache.c
compaction.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
debug-pagealloc.c mm/debug-pagealloc.c: print page physical address for 2015-08-23 23:19:22 -07:00
dmapool.c
early_ioremap.c mm: create generic early_ioremap() support 2014-08-15 11:45:23 -07:00
fadvise.c
failslab.c
filemap.c Import T813XXS2BRC2 kernel source changes 2018-05-26 00:39:42 +02:00
filemap_xip.c
fremap.c
frontswap.c mm: frontswap: invalidate expired data on a dup-store failure 2014-12-16 09:09:41 -08:00
highmem.c
huge_memory.c mm: numa: Do not mark PTEs pte_numa when splitting huge pages 2014-10-09 12:18:42 -07:00
hugetlb.c mm: hugetlbfs: skip shared VMAs when unmapping private pages to satisfy a fault 2015-10-22 14:37:50 -07:00
hugetlb_cgroup.c
hwpoison-inject.c
init-mm.c
internal.h mm: Enhance per process reclaim to consider shared pages 2015-04-16 10:14:27 -07:00
interval_tree.c
kmemcheck.c
kmemleak-test.c
kmemleak.c mm: kmemleak: allow safe memory scanning during kmemleak disabling 2015-06-22 10:47:32 +05:30
ksm.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
maccess.c
madvise.c mm: add a field to store names for private anonymous memory 2014-06-13 12:05:14 -07:00
memblock.c
memcontrol.c UPSTREAM: memcg: Only free spare array when readers are done 2016-05-18 14:36:06 +05:30
memory-failure.c This is the 3.10.98 stable release 2017-04-18 17:17:24 +02:00
memory.c mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED 2019-07-27 21:42:02 +02:00
memory_hotplug.c This is the 3.10.98 stable release 2017-04-18 17:17:24 +02:00
mempolicy.c mm/mempolicy.c: fix error handling in set_mempolicy and mbind. 2017-04-22 23:02:48 +02:00
mempool.c
memtest.c memtest: use phys_addr_t for physical addresses 2015-04-01 09:27:43 -07:00
migrate.c squash mm: Export migrate_page_... : also make it non-static 2019-07-27 21:42:00 +02:00
mincore.c
mlock.c mm: reorder can_do_mlock to fix audit denial 2015-09-16 18:20:13 +05:30
mm_init.c
mmap.c fs: Remove Samsung implementation of sdcardfs 2018-02-06 13:12:17 +01:00
mmu_context.c
mmu_notifier.c
mmzone.c
mprotect.c mm: add a field to store names for private anonymous memory 2014-06-13 12:05:14 -07:00
mremap.c mm, thp: close race between mremap() and split_huge_page() 2014-06-07 13:25:31 -07:00
msync.c
nobootmem.c
nommu.c This is the 3.10.73 stable release 2015-04-24 18:14:57 -07:00
oom_kill.c This is the 3.10.67 stable release 2015-04-24 18:04:40 -07:00
page-writeback.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
page_alloc.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
page_cgroup.c cgroup/kmemleak: add kmemleak_free() for cgroup deallocations. 2014-11-14 08:47:59 -08:00
page_io.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
page_isolation.c mm/page_alloc: Call kernel_map_pages in unset_migrateype_isolate 2015-03-19 11:34:36 -07:00
pageowner.c
pagewalk.c mm: pagewalk: call pte_hole() for VM_PFNMAP during walk_page_range 2015-02-11 14:48:16 +08:00
percpu-km.c
percpu-vm.c percpu: perform tlb flush after pcpu_map_pages() failure 2014-10-05 14:54:13 -07:00
percpu.c Revert "percpu: free percpu allocation info for uniprocessor system" 2014-11-14 08:47:53 -08:00
pgtable-generic.c
process_reclaim.c lowmemorykiller: Introduce sysfs node for ALMK and PPR adj threshold 2016-07-06 23:07:02 -07:00
process_vm_access.c ptrace: use fsuid, fsgid, effective creds for fs access checks 2016-02-25 11:57:47 -08:00
quicklist.c
readahead.c
rmap.c mm: Enhance per process reclaim to consider shared pages 2015-04-16 10:14:27 -07:00
shmem.c tmpfs: fix regression hang in fallocate undo 2019-07-27 21:41:47 +02:00
showmem.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
slab.c mm: slub: add kernel address sanitizer support for slub allocator 2015-05-04 14:03:56 -07:00
slab.h
slab_common.c mm: slub: add kernel address sanitizer support for slub allocator 2015-05-04 14:03:56 -07:00
slob.c
slub.c mm: slub: add kernel address sanitizer support for slub allocator 2015-05-04 14:03:56 -07:00
sparse-vmemmap.c
sparse.c
swap.c
swap_state.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
swapfile.c swapfile: fix memory corruption via malformed swapfile 2019-07-27 21:42:14 +02:00
truncate.c mm: Remove false WARN_ON from pagecache_isize_extended() 2014-11-14 08:48:00 -08:00
util.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
vmalloc.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
vmpressure.c mm: vmpressure: account allocstalls only on higher pressures 2015-08-25 18:34:09 -07:00
vmscan.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
vmstat.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
zbud.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
zpool.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
zsmalloc.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
zswap.c Import latest Samsung release 2017-04-18 03:43:52 +02:00