Ksawlii/kernel_samsung_a53x
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
kernel_samsung_a53x/drivers
History
Hagar Gamal Halim Hemdan 140bbed30a vmci: prevent speculation leaks by sanitizing event in event_deliver() 
commit 8003f00d895310d409b2bf9ef907c56b42a4e0f4 upstream.

Coverity spotted that event_msg is controlled by user-space,
event_msg->event_data.event is passed to event_deliver() and used
as an index without sanitization.

This change ensures that the event index is sanitized to mitigate any
possibility of speculative information leaks.

This bug was discovered and resolved using Coverity Static Analysis
Security Testing (SAST) by Synopsys, Inc.

Only compile tested, no access to HW.

Fixes: 1d990201f9bb ("VMCI: event handling implementation.")
Cc: stable <stable@kernel.org>
Signed-off-by: Hagar Gamal Halim Hemdan <hagarhem@amazon.com>
Link: https://lore.kernel.org/stable/20231127193533.46174-1-hagarhem%40amazon.com
Link: https://lore.kernel.org/r/20240430085916.4753-1-hagarhem@amazon.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2024-11-19 14:19:04 +01:00
..
accessibility speakup: Fix sizeof() vs ARRAY_SIZE() bug 2024-11-19 12:26:51 +01:00
acpi ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx 2024-11-19 12:27:13 +01:00
amba Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
android binder: check offset alignment in binder_get_object() 2024-11-19 11:32:22 +01:00
ata ata: pata_legacy: make legacy_exit() work again 2024-11-19 12:27:13 +01:00
atm atm: idt77252: fix a memleak in open_card_ubr0 2024-11-18 12:13:24 +01:00
auxdisplay Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
base drivers: core: synchronize really_probe() and dev_uevent() 2024-11-19 14:19:04 +01:00
battery drivers: battery_v2: sec_battery: export {CURRENT/VOLTAGE}_MAX to sysfs 2024-11-17 17:43:14 +01:00
bcma Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
block null_blk: Print correct max open zones limit in null_init_zoned_dev() 2024-11-19 14:19:00 +01:00
bluetooth Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 2024-11-19 11:32:38 +01:00
bts Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
bus bus: tegra-aconnect: Update dependency to ARCH_TEGRA 2024-11-19 08:44:45 +01:00
cdrom Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
char ppdev: Add an error check in register_device 2024-11-19 12:27:04 +01:00
clk clk: qcom: mmcc-msm8998: fix venus clock issue 2024-11-19 12:26:59 +01:00
clocksource clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware 2024-11-18 11:43:12 +01:00
connector Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
counter counter: microchip-tcb-capture: Fix the use of internal GCLK logic 2024-11-08 11:25:51 +01:00
cpufreq cpufreq: exit() callback is optional 2024-11-19 12:26:54 +01:00
cpuidle Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
crypto crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak 2024-11-19 12:27:18 +01:00
dax Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dca Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
devfreq PM / devfreq: Fix buffer overflow in trans_stat_show 2024-11-19 11:32:38 +01:00
dio Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dma dmaengine: idma64: Add check for dma_set_max_seg_size 2024-11-19 12:27:00 +01:00
dma-buf dma-buf/sw-sync: don't enable IRQ from sync_print_obj() 2024-11-19 12:27:10 +01:00
edac EDAC/thunderx: Fix possible out-of-bounds string access 2024-11-18 12:12:19 +01:00
eisa Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
extcon extcon: max8997: select IRQ_DOMAIN instead of depending on it 2024-11-19 12:27:04 +01:00
fingerprint Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
firewire firewire: nosy: ensure user_length is taken into account when fetching packet contents 2024-11-19 11:32:46 +01:00
firmware firmware: dmi-id: add a release callback function 2024-11-19 12:27:01 +01:00
fpga fpga: region: add owner module and take its refcount 2024-11-19 12:27:04 +01:00
fsi Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
gnss Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
gpio gpio: tqmx86: store IRQ trigger type and unmask status separately 2024-11-19 14:19:03 +01:00
gpu drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found 2024-11-19 14:19:04 +01:00
greybus Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
gud Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
hid HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() 2024-11-19 14:19:03 +01:00
hsi Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
hv Drivers: hv: vmbus: Drop error message when 'No request id available' 2024-11-18 23:19:53 +01:00
hwmon hwmon: (shtc1) Fix property misspelling 2024-11-19 12:27:11 +01:00
hwspinlock Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
hwtracing intel_th: pci: Add Meteor Lake-S CPU support 2024-11-19 12:27:18 +01:00
i2c i2c: smbus: fix NULL function pointer dereference 2024-11-19 11:32:40 +01:00
i3c i3c: master: cdns: Update maximum prescaler value for i2c clock 2024-11-18 12:13:19 +01:00
ide Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
idle Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ifconn Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
iio iio: imu: inv_icm42600: delete unneeded update watermark call 2024-11-19 14:19:04 +01:00
infiniband RDMA/hns: Fix CQ and QP cache affinity 2024-11-19 12:27:20 +01:00
input Input: try trimming too long modalias strings 2024-11-19 14:19:02 +01:00
interconnect interconnect: Treat xlate() returning NULL node as an error 2024-11-18 12:12:00 +01:00
iommu iommu/amd: Fix sysfs leak in iommu init 2024-11-19 14:19:03 +01:00
ipack Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
irqchip irqchip/loongson-pch-msi: Fix off-by-one on allocation error path 2024-11-19 12:26:54 +01:00
isdn Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
kperfmon Kperfmon: add xyunbound version 2024-06-15 16:28:49 -03:00
kq/mesh Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
leds leds: sgm3140: Add missing timer cleanup and flash gpio control 2024-11-19 08:44:56 +01:00
lightnvm Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
macintosh macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" 2024-11-19 12:26:55 +01:00
mailbox mailbox: imx: fix suspend failue 2024-11-19 11:32:20 +01:00
mcb mcb: fix error handling for different scenarios when parsing 2024-11-18 11:43:25 +01:00
md md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING 2024-11-19 12:27:16 +01:00
media Revert "media: cec: core: avoid confusing "transmit timed out" message" 2024-11-19 14:03:20 +01:00
memory Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
memstick Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
message Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
mfd mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes a ref 2024-11-19 08:44:54 +01:00
misc vmci: prevent speculation leaks by sanitizing event in event_deliver() 2024-11-19 14:19:04 +01:00
mmc mmc: davinci: Don't strip remove function when driver is builtin 2024-11-19 14:19:01 +01:00
most Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
mtd mtd: rawnand: hynix: fixed typo 2024-11-19 12:26:57 +01:00
muic Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
mux Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
net ionic: fix use after netif_napi_del() 2024-11-19 14:19:04 +01:00
nfc NFC: trf7970a: disable all regulators on removal 2024-11-19 11:32:37 +01:00
ntb Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
nubus Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
nvdimm nd_btt: Make BTT lanes preemptible 2024-11-18 11:43:03 +01:00
nvme nvmet: fix ns enable/disable possible hang 2024-11-19 12:27:10 +01:00
nvmem nvmem: meson-efuse: fix function pointer type mismatch 2024-11-19 09:22:34 +01:00
of of: dynamic: Synchronize of_changeset_destroy() with the devlink removals 2024-11-19 09:23:10 +01:00
opp OPP: debugfs: Fix warning around icc_get_name() 2024-11-19 08:44:49 +01:00
oprofile Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
parisc Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
parport parport: parport_serial: Add Brainboxes device IDs and geometry 2024-11-18 12:12:19 +01:00
pci PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 2024-11-19 12:27:04 +01:00
pcmcia pcmcia: ds: fix possible name leak in error path in pcmcia_device_add() 2024-11-18 11:43:06 +01:00
perf perf/arm-cmn: Fix the unhandled overflow status of counter 4 to 7 2024-11-08 11:24:52 +01:00
phy phy: tegra: xusb: Add API to retrieve the port number of phy 2024-11-19 09:22:34 +01:00
pinctrl pinctrl: core: handle radix_tree_insert() errors in pinctrl_register_one_pin() 2024-11-19 12:26:38 +01:00
platform platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet 2024-11-19 09:23:14 +01:00
pnp PNP: ACPI: fix fortify warning 2024-11-18 12:13:09 +01:00
power power: rt9455: hide unused rt9455_boost_voltage_values 2024-11-19 11:32:42 +01:00
powercap Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
pps Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ps3 Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ptp ptp: Fix error message on failed pin verification 2024-11-19 14:19:01 +01:00
pwm pwm: jz4740: Don't use dev_err_probe() in .request() 2024-11-18 12:12:47 +01:00
rapidio Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ras Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
regulator regulator: bd71828: Don't overwrite runtime voltages 2024-11-19 12:27:09 +01:00
remoteproc remoteproc: stm32: fix phys_addr_t format string 2024-11-19 08:45:00 +01:00
reset reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning 2024-11-18 12:12:16 +01:00
rpmsg rpmsg: virtio: Free driver_override when rpmsg_remove() 2024-11-18 12:12:56 +01:00
rtc rtc: mt6397: select IRQ_DOMAIN instead of depending on it 2024-11-19 08:44:58 +01:00
s390 s390/ap: Fix crash in AP internal function modify_bitmap() 2024-11-19 12:27:19 +01:00
samsung Fix clang 16 errors treewide 2024-06-15 16:28:48 -03:00
sbus Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
scsi scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory 2024-11-19 14:19:02 +01:00
sensorhub treewide: fix build errors 2024-06-15 16:21:17 -03:00
sensors Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
sfi Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
sh Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
siox Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
slimbus slimbus: core: Remove usage of the deprecated ida_simple_xx() API 2024-11-19 09:22:34 +01:00
soc soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE 2024-11-19 12:26:52 +01:00
soundwire soundwire: cadence: fix invalid PDI offset 2024-11-19 12:27:00 +01:00
spi spi: stm32: Don't warn about spurious interrupts 2024-11-19 12:27:10 +01:00
spmi Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
spu_verify Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ssb Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
staging greybus: arche-ctrl: move device table to its right location 2024-11-19 12:27:01 +01:00
sti Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
target scsi: target: Fix SELinux error when systemd-modules loads the target module 2024-11-19 11:32:44 +01:00
tc Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
tee tee: optee: Fix kernel panic caused by incorrect error handling 2024-11-19 09:22:39 +01:00
thermal thermal: core: prevent potential string overflow 2024-11-18 11:42:50 +01:00
thunderbolt thunderbolt: Fix wake configurations after device unplug 2024-11-19 11:32:22 +01:00
tty serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler 2024-11-19 14:19:01 +01:00
uh Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
uio uio: Fix use-after-free in uio_open 2024-11-18 12:12:19 +01:00
usb xhci: Apply broken streams quirk to Etron EJ188 xHCI host 2024-11-19 14:19:02 +01:00
vdpa Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
vfio vfio/fsl-mc: Block calling interrupt handler without trigger 2024-11-19 09:22:45 +01:00
vhost vhost: Add smp_rmb() in vhost_vq_avail_empty() 2024-11-19 11:32:20 +01:00
vibrator Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
video fbdev: savage: Handle err return when savagefb_check_var failed 2024-11-19 12:27:18 +01:00
virt Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
virtio virtio: delete vq in vp_find_vqs_msix() when request_irq() fails 2024-11-19 12:27:09 +01:00
vision Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
vision3 Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
visorbus Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
vlynq Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
vme Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
w1 Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
watchdog watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin 2024-11-19 12:27:18 +01:00
xen xen/events: close evtchn after mapping cleanup 2024-11-19 09:22:39 +01:00
zorro Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
Kconfig drivers: add stub kperfmon 2024-06-15 16:28:49 -03:00
Kconfig.variant1 Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
Makefile drivers: add stub kperfmon 2024-06-15 16:28:49 -03:00
Makefile.variant1 Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00