MIRRORS/linux-imx
1
0
Fork 0
mirror of https://github.com/nxp-imx/linux-imx.git synced 2026-01-27 12:35:36 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,227,739 Commits 163 Branches 4,308 Tags 3.3 GiB
C 97.6%
Assembly 1.1%
Shell 0.5%
Makefile 0.3%
Python 0.2%
136a29d811
Go to file
Li Nan 136a29d811 ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() 
[ Upstream commit e58f5142f8 ]

When two UBLK_CMD_START_USER_RECOVERY commands are submitted, the
first one sets 'ubq->ubq_daemon' to NULL, and the second one triggers
WARN in ublk_queue_reinit() and subsequently a NULL pointer dereference
issue.

Fix it by adding the check in ublk_ctrl_start_recovery() and return
immediately in case of zero 'ub->nr_queues_ready'.

  BUG: kernel NULL pointer dereference, address: 0000000000000028
  RIP: 0010:ublk_ctrl_start_recovery.constprop.0+0x82/0x180
  Call Trace:
   <TASK>
   ? __die+0x20/0x70
   ? page_fault_oops+0x75/0x170
   ? exc_page_fault+0x64/0x140
   ? asm_exc_page_fault+0x22/0x30
   ? ublk_ctrl_start_recovery.constprop.0+0x82/0x180
   ublk_ctrl_uring_cmd+0x4f7/0x6c0
   ? pick_next_task_idle+0x26/0x40
   io_uring_cmd+0x9a/0x1b0
   io_issue_sqe+0x193/0x3f0
   io_wq_submit_work+0x9b/0x390
   io_worker_handle_work+0x165/0x360
   io_wq_worker+0xcb/0x2f0
   ? finish_task_switch.isra.0+0x203/0x290
   ? finish_task_switch.isra.0+0x203/0x290
   ? __pfx_io_wq_worker+0x10/0x10
   ret_from_fork+0x2d/0x50
   ? __pfx_io_wq_worker+0x10/0x10
   ret_from_fork_asm+0x1a/0x30
   </TASK>

Fixes: c732a852b4 ("ublk_drv: add START_USER_RECOVERY and END_USER_RECOVERY support")
Reported-and-tested-by: Changhui Zhong <czhong@redhat.com>
Closes: https://lore.kernel.org/all/CAGVVp+UvLiS+bhNXV-h2icwX1dyybbYHeQUuH7RYqUvMQf6N3w@mail.gmail.com
Reviewed-by: Ming Lei <ming.lei@redhat.com>
Signed-off-by: Li Nan <linan122@huawei.com>
Link: https://lore.kernel.org/r/20240904031348.4139545-1-ming.lei@redhat.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-09-12 11:11:45 +02:00
arch riscv: Do not restrict memory size because of linear mapping on nommu 2024-09-12 11:11:45 +02:00
block block: remove the blk_flush_integrity call in blk_integrity_unregister 2024-09-08 07:54:47 +02:00
certs certs: Reference revocation list for all keyrings 2023-08-17 20:12:41 +00:00
crypto crypto: aead,cipher - zeroize key buffer after use 2024-07-11 12:49:04 +02:00
Documentation hwspinlock: Introduce hwspin_lock_bust() 2024-09-08 07:54:43 +02:00
drivers ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() 2024-09-12 11:11:45 +02:00
fs smb: client: fix double put of @cfile in smb2_rename_path() 2024-09-12 11:11:44 +02:00
include drm/amdgpu: handle gfx12 in amdgpu_display_verify_sizes 2024-09-12 11:11:43 +02:00
init rust: fix the default format for CONFIG_{RUSTC,BINDGEN}_VERSION_TEXT 2024-08-29 17:33:29 +02:00
io_uring io_uring: fix io_match_task must_hold 2024-08-03 08:54:41 +02:00
ipc sysctl: treewide: drop unused argument ctl_table_root::set_ownership(table) 2024-08-11 12:47:13 +02:00
kernel workqueue: Improve scalability of workqueue watchdog touch 2024-09-12 11:11:42 +02:00
lib lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() 2024-09-12 11:11:39 +02:00
LICENSES LICENSES: Add the copyleft-next-0.3.1 license 2022-11-08 15:44:01 +01:00
mm Revert "mm: skip CMA pages when they are not available" 2024-09-12 11:11:42 +02:00
net tcp: process the 3rd ACK with sk_socket for TFO/MPTCP 2024-09-12 11:11:40 +02:00
rust rust: kbuild: fix export of bss symbols 2024-09-12 11:11:32 +02:00
samples bpf: Replace bpf_lpm_trie_key 0-length array with flexible array 2024-08-19 06:04:27 +02:00
scripts rust: work around bindgen 0.69.0 issue 2024-08-29 17:33:29 +02:00
security smack: unix sockets: fix accept()ed socket label 2024-09-12 11:11:29 +02:00
sound ASoC: sunxi: sun4i-i2s: fix LRCLK polarity in i2s mode 2024-09-12 11:11:44 +02:00
tools kselftests: dmabuf-heaps: Ensure the driver name is null-terminated 2024-09-12 11:11:38 +02:00
usr initramfs: Encode dependency on KBUILD_BUILD_TIMESTAMP 2023-06-06 17:54:49 +09:00
virt KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() 2024-06-27 13:49:11 +02:00
.clang-format iommu: Add for_each_group_device() 2023-05-23 08:15:51 +02:00
.cocciconfig
.get_maintainer.ignore get_maintainer: add Alan to .get_maintainer.ignore 2022-08-20 15:17:44 -07:00
.gitattributes .gitattributes: set diff driver for Rust source code files 2023-05-31 17:48:25 +02:00
.gitignore kbuild: rpm-pkg: rename binkernel.spec to kernel.spec 2023-07-25 00:59:33 +09:00
.mailmap 20 hotfixes. 12 are cc:stable and the remainder address post-6.5 issues 2023-10-24 09:52:16 -10:00
.rustfmt.toml rust: add .rustfmt.toml 2022-09-28 09:02:20 +02:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS USB: Remove Wireless USB and UWB documentation 2023-08-09 14:17:32 +02:00
Kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS pwm: Rename pwm_apply_state() to pwm_apply_might_sleep() 2024-06-12 11:12:24 +02:00
Makefile Linux 6.6.50 2024-09-08 07:54:49 +02:00
README

README

Linux kernel

There are several guides for kernel developers and users. These guides can be rendered in a number of formats, like HTML and PDF. Please read Documentation/admin-guide/README.rst first.

In order to build the documentation, use make htmldocs or make pdfdocs. The formatted documentation can also be read online at:

https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory, several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the requirements for building and running the kernel, and information about the problems which may result by upgrading your kernel.