android_kernel_samsung_msm8976/block
Jens Axboe dd4fb6fc5d genhd: check for int overflow in disk_expand_part_tbl()
commit 5fabcb4c33fe11c7e3afdf805fde26c1a54d0953 upstream.

We can get here from blkdev_ioctl() -> blkpg_ioctl() -> add_partition()
with a user passed in partno value. If we pass in 0x7fffffff, the
new target in disk_expand_part_tbl() overflows the 'int' and we
access beyond the end of ptbl->part[] and even write to it when we
do the rcu_assign_pointer() to assign the new partition.

Reported-by: David Ramos <daramos@stanford.edu>
Signed-off-by: Jens Axboe <axboe@fb.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2015-01-16 06:59:02 -08:00
partitions
blk-cgroup.c blkcg: don't call into policy draining if root_blkg is already gone 2014-09-17 09:04:02 -07:00
blk-cgroup.h
blk-core.c
blk-exec.c
blk-flush.c
blk-integrity.c
blk-ioc.c
blk-iopoll.c
blk-lib.c
blk-map.c
blk-merge.c
blk-settings.c block: fix alignment_offset math that assumes io_min is a power-of-2 2014-11-14 08:47:55 -08:00
blk-softirq.c
blk-sysfs.c
blk-tag.c block: don't assume last put of shared tags is for the host 2014-07-31 12:53:48 -07:00
blk-throttle.c
blk-timeout.c
blk.h
bsg-lib.c
bsg.c
cfq-iosched.c cfq-iosched: Fix wrong children_weight calculation 2014-10-05 14:54:08 -07:00
compat_ioctl.c block: provide compat ioctl for BLKZEROOUT 2014-07-31 12:53:48 -07:00
deadline-iosched.c
elevator.c
genhd.c genhd: check for int overflow in disk_expand_part_tbl() 2015-01-16 06:59:02 -08:00
ioctl.c
Kconfig
Kconfig.iosched
Makefile
noop-iosched.c
partition-generic.c block: Fix dev_t minor allocation lifetime 2014-10-05 14:54:12 -07:00
scsi_ioctl.c scsi: Fix error handling in SCSI_IOCTL_SEND_COMMAND 2014-11-14 08:47:59 -08:00