android_kernel_samsung_msm8976/kernel
Thomas Gleixner 7116a83411 posix-timer: Properly check sigevent->sigev_notify
commit cef31d9af908243421258f1df35a4a644604efbe upstream.

timer_create() specifies via sigevent->sigev_notify the signal delivery for
the new timer. The valid modes are SIGEV_NONE, SIGEV_SIGNAL, SIGEV_THREAD
and (SIGEV_SIGNAL | SIGEV_THREAD_ID).

The sanity check in good_sigevent() is only checking the valid combination
for the SIGEV_THREAD_ID bit, i.e. SIGEV_SIGNAL, but if SIGEV_THREAD_ID is
not set it accepts any random value.

This has no real effects on the posix timer and signal delivery code, but
it affects show_timer() which handles the output of /proc/$PID/timers. That
function uses a string array to pretty print sigev_notify. The access to
that array has no bound checks, so random sigev_notify values cause access
beyond the array bounds.

Add proper checks for the valid notify modes and remove the SIGEV_THREAD_ID
masking from various code paths as SIGEV_NONE can never be set in
combination with SIGEV_THREAD_ID.

Reported-by: Eric Biggers <ebiggers3@gmail.com>
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Reported-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: John Stultz <john.stultz@linaro.org>
[bwh: Backported to 3.16:
 - Add sig_none variable in common_timer_get(), added earlier upstream
 - Adjust filename, context]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
2019-07-27 21:46:18 +02:00
cpu idle: add a check for need_resched() after rcu_idle_enter 2016-10-03 20:28:27 -07:00
debug
events perf/core: Fix group {cpu,task} validation 2019-07-27 21:45:02 +02:00
gcov
irq This is the 3.10.99 stable release 2017-04-18 17:17:46 +02:00
locking Import latest Samsung release 2017-04-18 03:43:52 +02:00
power PM / sleep: fix device reference leak in test_suspend 2019-07-27 21:42:48 +02:00
rcu rcu: Don't disable CPU hotplug during OOM notifiers 2016-01-06 23:11:06 -08:00
sched sched/topology: Fix overlapping sched_group_mask 2019-07-27 21:45:20 +02:00
time alarmtimer: Rate limit periodic intervals 2019-07-27 21:44:49 +02:00
trace tracing: Fix trace_pipe behavior for instance traces 2019-07-27 21:45:52 +02:00
.gitignore
Kconfig.freezer
Kconfig.hz
Kconfig.locks Import latest Samsung release 2017-04-18 03:43:52 +02:00
Kconfig.preempt
Makefile UPSTREAM: KEYS: Separate the kernel signature checking keyring from module signing 2016-05-18 14:36:10 +05:30
acct.c
async.c
audit.c audit: Partially remove Samsung changes 2018-02-06 13:12:28 +01:00
audit.h Import latest Samsung release 2017-04-18 03:43:52 +02:00
audit_tree.c
audit_watch.c audit: Fix use after free in audit_remove_watch_rule() 2019-07-27 21:45:01 +02:00
auditfilter.c
auditsc.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
backtracetest.c
bounds.c
capability.c
cgroup.c cgroup: prefer %pK to %p 2016-12-06 09:24:09 -08:00
cgroup_freezer.c
compat.c
configs.c
context_tracking.c
cpu.c cpu: send KOBJ_ONLINE event when enabling cpus 2017-07-24 01:09:04 -07:00
cpu_pm.c
cpuset.c cpuset: PF_SPREAD_PAGE and PF_SPREAD_SLAB should be atomic flags 2019-07-27 21:44:59 +02:00
crash_dump.c
cred.c
delayacct.c
dma.c
elfcore.c
exec_domain.c ANDROID: exec_domains: Disable request_module() call for personalities 2016-05-18 14:34:40 +05:30
exit.c kernel: Only expose su when daemon is running 2017-05-15 14:43:52 +00:00
extable.c kernel/extable.c: mark core_kernel_text notrace 2019-07-27 21:44:25 +02:00
fork.c mm: migrate: prevent racy access to tlb_flush_pending 2019-07-27 21:45:21 +02:00
freezer.c
futex.c futex: Add missing error handling to FUTEX_REQUEUE_PI 2019-07-27 21:44:02 +02:00
futex_compat.c ptrace: use fsuid, fsgid, effective creds for fs access checks 2016-02-25 11:57:47 -08:00
groups.c kernel: make groups_sort calling a responsibility group_info allocators 2019-07-27 21:46:18 +02:00
hrtimer.c time: Remove CONFIG_TIMER_STATS 2017-04-22 23:02:59 +02:00
hung_task.c
irq_work.c irq_work: Remove BUG_ON in irq_work_run() 2016-01-07 00:42:12 -08:00
itimer.c
jump_label.c
kallsyms.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
kcmp.c ptrace: use fsuid, fsgid, effective creds for fs access checks 2016-02-25 11:57:47 -08:00
kexec.c
kmod.c
kprobes.c
ksysfs.c
kthread.c kthread: Fix the race condition when kthread is parked 2015-06-04 17:43:41 -07:00
latencytop.c
modsign_pubkey.c
module-internal.h UPSTREAM: KEYS: Separate the kernel signature checking keyring from module signing 2016-05-18 14:36:10 +05:30
module.c module: Invalidate signatures on force-loaded modules 2019-07-27 21:42:00 +02:00
module_signing.c UPSTREAM: KEYS: Separate the kernel signature checking keyring from module signing 2016-05-18 14:36:10 +05:30
notifier.c
nsproxy.c
padata.c padata: avoid race in reordering 2019-07-27 21:44:05 +02:00
panic.c printk: do cond_resched() between lines while outputting to consoles 2019-07-27 21:41:46 +02:00
params.c kernel/params.c: align add_sysfs_param documentation with code 2019-07-27 21:45:35 +02:00
pid.c BACKPORT: FROMLIST: pids: make task_tgid_nr_ns() safe 2018-05-26 00:39:33 +02:00
pid_namespace.c
posix-cpu-timers.c
posix-timers.c posix-timer: Properly check sigevent->sigev_notify 2019-07-27 21:46:18 +02:00
printk.c printk: use rcuidle console tracepoint 2019-07-27 21:44:09 +02:00
profile.c
ptrace.c ptrace: change __ptrace_unlink() to clear ->ptrace under ->siglock 2019-07-27 21:45:46 +02:00
range.c
relay.c
res_counter.c
resource.c This is the 3.10.99 stable release 2017-04-18 17:17:46 +02:00
seccomp.c UPSTREAM: seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO 2016-05-18 14:36:06 +05:30
signal.c signal: Only reschedule timers on signals timers have sent 2019-07-27 21:44:51 +02:00
smp.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
smpboot.c
smpboot.h
softirq.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
stacktrace.c
stop_machine.c
sys.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
sys_ni.c
sysctl.c sched/sysctl: Check user input value of sysctl_sched_time_avg 2019-07-27 21:45:34 +02:00
sysctl_binary.c
system_certificates.S UPSTREAM: KEYS: Separate the kernel signature checking keyring from module signing 2016-05-18 14:36:10 +05:30
system_keyring.c UPSTREAM: KEYS: Separate the kernel signature checking keyring from module signing 2016-05-18 14:36:10 +05:30
task_work.c
taskstats.c
test_kprobes.c
time.c
timeconst.bc
timer.c timers: Use proper base migration in add_timer_on() 2019-07-27 21:42:23 +02:00
tracepoint.c
tsacct.c
uid16.c kernel: make groups_sort calling a responsibility group_info allocators 2019-07-27 21:46:18 +02:00
up.c
user-return-notifier.c
user.c
user_namespace.c UPSTREAM: capabilities: ambient capabilities 2018-02-06 13:12:16 +01:00
utsname.c
utsname_sysctl.c
watchdog.c
workqueue.c workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq 2019-07-27 21:45:23 +02:00
workqueue_internal.h