Ksawlii/kernel_samsung_a53x
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
kernel_samsung_a53x/drivers/md
History
Matthew Mirvish c616241008 bcache: fix variable length array abuse in btree_iter 
[ Upstream commit 3a861560ccb35f2a4f0a4b8207fa7c2a35fc7f31 ]

btree_iter is used in two ways: either allocated on the stack with a
fixed size MAX_BSETS, or from a mempool with a dynamic size based on the
specific cache set. Previously, the struct had a fixed-length array of
size MAX_BSETS which was indexed out-of-bounds for the dynamically-sized
iterators, which causes UBSAN to complain.

This patch uses the same approach as in bcachefs's sort_iter and splits
the iterator into a btree_iter with a flexible array member and a
btree_iter_stack which embeds a btree_iter as well as a fixed-length
data array.

Cc: stable@vger.kernel.org
Closes: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2039368
Signed-off-by: Matthew Mirvish <matthew@mm12.xyz>
Signed-off-by: Coly Li <colyli@suse.de>
Link: https://lore.kernel.org/r/20240509011117.2697-3-colyli@suse.de
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-11-19 14:19:29 +01:00
..
bcache bcache: fix variable length array abuse in btree_iter 2024-11-19 14:19:29 +01:00
persistent-data Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
alta_bigdata.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-bio-prison-v1.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-bio-prison-v1.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-bio-prison-v2.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-bio-prison-v2.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-bio-record.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-bow.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-bufio.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-builtin.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-cache-background-tracker.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-cache-background-tracker.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-cache-block-types.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-cache-metadata.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-cache-metadata.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-cache-policy-internal.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-cache-policy-smq.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-cache-policy.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-cache-policy.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-cache-target.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-clone-metadata.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-clone-metadata.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-clone-target.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-core.h dm: limit the number of targets and parameter size area 2024-11-18 12:13:40 +01:00
dm-crypt.c dm-verity, dm-crypt: align "struct bvec_iter" correctly 2024-11-19 08:44:36 +01:00
dm-default-key.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-delay.c dm-delay: fix a race between delay_presuspend and delay_bio 2024-11-18 12:10:57 +01:00
dm-dust.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-ebs-target.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-era-target.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-exception-store.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-exception-store.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-flakey.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-historical-service-time.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-init.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-integrity.c dm integrity: fix out-of-range warning 2024-11-19 09:22:44 +01:00
dm-io.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-ioctl.c dm: limit the number of targets and parameter size area 2024-11-18 12:13:40 +01:00
dm-kcopyd.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-linear.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-log-userspace-base.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-log-userspace-transfer.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-log-userspace-transfer.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-log-writes.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-log.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-mpath.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-mpath.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-path-selector.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-path-selector.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-queue-length.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-raid.c dm-raid: fix lockdep waring in "pers->hot_add_disk" 2024-11-19 09:22:33 +01:00
dm-raid1.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-region-hash.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-round-robin.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-rq.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-rq.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-service-time.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-snap-persistent.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-snap-transient.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-snap.c dm snapshot: fix lockup in dm_exception_table_exit 2024-11-19 09:22:37 +01:00
dm-stats.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-stats.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-stripe.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-switch.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-sysfs.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-table.c dm: limit the number of targets and parameter size area 2024-11-18 12:13:40 +01:00
dm-target.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-thin-metadata.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-thin-metadata.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-thin.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-uevent.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-uevent.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-unstripe.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-user.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-verity-debug.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-verity-debug.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-verity-fec.c dm-verity: align struct dm_verity_fec_io properly 2024-11-18 12:11:08 +01:00
dm-verity-fec.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-verity-target.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-verity-verify-sig.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-verity-verify-sig.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-verity.h dm-verity, dm-crypt: align "struct bvec_iter" correctly 2024-11-19 08:44:36 +01:00
dm-writecache.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-zero.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-zoned-metadata.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-zoned-reclaim.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-zoned-target.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm-zoned.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dm.c dm: call the resume method on internal suspend 2024-11-19 08:44:50 +01:00
dm.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
Kconfig Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
Makefile Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
md-autodetect.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
md-bitmap.c md: fix resync softlockup when bitmap size is less than array size 2024-11-19 12:26:53 +01:00
md-bitmap.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
md-cluster.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
md-cluster.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
md-faulty.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
md-linear.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
md-linear.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
md-multipath.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
md-multipath.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
md.c md: fix kmemleak of rdev->serial 2024-11-19 11:32:49 +01:00
md.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
raid0.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
raid0.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
raid1-10.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
raid1.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
raid1.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
raid5-cache.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
raid5-log.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
raid5-ppl.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
raid5.c md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING 2024-11-19 12:27:16 +01:00
raid5.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
raid10.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
raid10.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00