MIRRORS/linux-imx
1
0
Fork 0
mirror of https://github.com/nxp-imx/linux-imx.git synced 2026-01-27 12:35:36 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
6ec7cbc7f5
linux-imx/drivers
History
Nikita Zhandarovich 86238603c8 drm/i915/guc: prevent a possible int overflow in wq offsets 
[ Upstream commit d3d37f7468 ]

It may be possible for the sum of the values derived from
i915_ggtt_offset() and __get_parent_scratch_offset()/
i915_ggtt_offset() to go over the u32 limit before being assigned
to wq offsets of u64 type.

Mitigate these issues by expanding one of the right operands
to u64 to avoid any overflow issues just in case.

Found by Linux Verification Center (linuxtesting.org) with static
analysis tool SVACE.

Fixes: c2aa552ff0 ("drm/i915/guc: Add multi-lrc context registration")
Cc: Matthew Brost <matthew.brost@intel.com>
Cc: John Harrison <John.C.Harrison@Intel.com>
Signed-off-by: Nikita Zhandarovich <n.zhandarovich@fintech.ru>
Link: https://patchwork.freedesktop.org/patch/msgid/20240725155925.14707-1-n.zhandarovich@fintech.ru
Reviewed-by: Rodrigo Vivi <rodrigo.vivi@intel.com>
Signed-off-by: Rodrigo Vivi <rodrigo.vivi@intel.com>
(cherry picked from commit 1f1c1bd56620b80ae407c5790743e17caad69cec)
Signed-off-by: Tvrtko Ursulin <tursulin@ursulin.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-09-18 19:24:10 +02:00
..
accel accel/habanalabs/gaudi2: unsecure edma max outstanding register 2024-09-12 11:11:29 +02:00
accessibility
acpi ACPI: processor: Fix memory leaks in error paths of processor_add() 2024-09-12 11:11:42 +02:00
amba
android binder: fix UAF caused by offsets overwrite 2024-09-12 11:11:41 +02:00
ata ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf 2024-09-12 11:11:43 +02:00
atm atm: idt77252: prevent use after free in dequeue_rx() 2024-08-29 17:33:18 +02:00
auxdisplay auxdisplay: ht16k33: Drop reference after LED registration 2024-08-03 08:54:39 +02:00
base regmap: maple: work around gcc-14.1 false-positive warning 2024-09-12 11:11:38 +02:00
bcma
block ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() 2024-09-12 11:11:45 +02:00
bluetooth Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush() 2024-09-12 11:11:38 +02:00
bus
cache
cdrom cdrom: rearrange last_media_change check to avoid unintentional overflow 2024-07-11 12:49:10 +02:00
cdx
char char: xillybus: Check USB endpoints when probing device 2024-08-29 17:33:11 +02:00
clk clk: qcom: gcc-sm8550: Don't park the USB RCG at registration time 2024-09-12 11:11:44 +02:00
clocksource clocksource/drivers/timer-of: Remove percpu irq related code 2024-09-12 11:11:42 +02:00
comedi
connector
counter counter: ti-eqep: enable clock at probe 2024-07-05 09:33:56 +02:00
cpufreq cpufreq: amd-pstate: fix the highest frequency issue which limits performance 2024-09-12 11:11:40 +02:00
cpuidle
crypto crypto: starfive - Fix nent assignment in rsa dec 2024-09-12 11:11:43 +02:00
cxl cxl/core: Fix incorrect vendor debug UUID define 2024-09-18 19:24:07 +02:00
dax
dca
devfreq
dio
dma dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor 2024-09-08 07:54:46 +02:00
dma-buf dma-buf: heaps: Fix off-by-one in CMA heap fault handler 2024-09-18 19:24:09 +02:00
edac EDAC/skx_common: Allow decoding of SGX addresses 2024-08-29 17:33:41 +02:00
eisa
extcon extcon: max8997: select IRQ_DOMAIN instead of depending on it 2024-06-12 11:12:27 +02:00
firewire
firmware firmware: cs_dsp: Don't allow writes to read-only controls 2024-09-12 11:11:35 +02:00
fpga fpga: region: add owner module and take its refcount 2024-06-12 11:12:23 +02:00
fsi
gnss
gpio gpio: modepin: Enable module autoloading 2024-09-12 11:11:44 +02:00
gpu drm/i915/guc: prevent a possible int overflow in wq offsets 2024-09-18 19:24:10 +02:00
greybus greybus: Fix use-after-free bug in gb_interface_release due to race condition. 2024-06-21 14:38:48 +02:00
hid HID: multitouch: Add support for GT7868Q 2024-09-18 19:24:05 +02:00
hsi
hte
hv Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic 2024-09-12 11:11:41 +02:00
hwmon hwmon: (pmbus) Conditionally clear individual status bits for pmbus rev >= 1.2 2024-09-18 19:24:07 +02:00
hwspinlock hwspinlock: Introduce hwspin_lock_bust() 2024-09-08 07:54:43 +02:00
hwtracing coresight: Fix ref leak when of_coresight_parse_endpoint() fails 2024-08-03 08:53:57 +02:00
i2c i2c: stm32f7: Add atomic_xfer method to driver 2024-08-29 17:33:42 +02:00
i3c i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup 2024-09-12 11:11:38 +02:00
idle
iio iio: adc: ad7124: fix DT configuration parsing 2024-09-18 19:24:04 +02:00
infiniband IB/mlx5: Rename 400G_8X speed to comply to naming convention 2024-09-18 19:24:08 +02:00
input Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table 2024-09-18 19:24:06 +02:00
interconnect interconnect: qcom: qcm2290: Fix mas_snoc_bimc RPM master ID 2024-08-03 08:53:58 +02:00
iommu iommu/vt-d: Handle volatile descriptor status read 2024-09-12 11:11:35 +02:00
ipack
irqchip irqchip/armada-370-xp: Do not allow mapping IRQ 0 and 1 2024-09-12 11:11:29 +02:00
isdn mISDN: fix MISDN_TIME_STAMP handling 2024-08-19 06:04:28 +02:00
leds leds: spi-byte: Call of_node_put() on error path 2024-09-12 11:11:30 +02:00
macintosh macintosh/therm_windtunnel: fix module unload. 2024-08-03 08:54:02 +02:00
mailbox
mcb
md dm-integrity: fix a race condition when accessing recalc_sector 2024-09-18 19:24:07 +02:00
media media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse 2024-09-12 11:11:31 +02:00
memory memory: stm32-fmc2-ebi: check regmap_read return value 2024-08-29 17:33:36 +02:00
memstick
message
mfd mfd: omap-usb-tll: Use struct_size to allocate tll 2024-08-03 08:53:54 +02:00
misc eeprom: digsy_mtc: Fix 93xx46 driver probe failure 2024-09-18 19:24:07 +02:00
mmc mmc: cqhci: Fix checking of CQHCI_HALT state 2024-09-12 11:11:26 +02:00
most
mtd ubi: eba: properly rollback inside self_check_eba 2024-08-03 08:54:23 +02:00
mux
net net: dpaa: Pad packets to ETH_ZLEN 2024-09-18 19:24:09 +02:00
nfc nfc: pn533: Add poll mod list filling check 2024-09-04 13:28:28 +02:00
ntb
nubus
nvdimm
nvme nvme-pci: allocate tagset on reset if necessary 2024-09-12 11:11:44 +02:00
nvmem nvmem: u-boot-env: error if NVMEM device is too small 2024-09-18 19:24:04 +02:00
of of/irq: Prevent device address out-of-bounds read in interrupt map walk 2024-09-12 11:11:39 +02:00
opp OPP: ti: Fix ti_opp_supply_probe wrong return values 2024-08-03 08:53:27 +02:00
parisc Revert "change alloc_pages name in dma_map_ops to avoid name conflicts" 2024-09-04 13:28:24 +02:00
parport dev/parport: fix the array out-of-bounds risk 2024-08-03 08:54:22 +02:00
pci PCI: Add missing bridge lock to pci_bus_lock() 2024-09-12 11:11:38 +02:00
pcmcia pcmcia: Use resource_size function on resource object 2024-09-12 11:11:31 +02:00
peci
perf perf: riscv: Fix selecting counters in legacy mode 2024-08-11 12:47:23 +02:00
phy phy: zynqmp: Take the phy mutex in xlate 2024-09-12 11:11:35 +02:00
pinctrl pinctrl: starfive: jh7110: Correct the level trigger configuration of iev register 2024-09-04 13:28:23 +02:00
platform platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array 2024-09-18 19:24:06 +02:00
pmdomain pmdomain: imx: wait SSAR when i.MX93 power domain on 2024-08-29 17:33:54 +02:00
pnp
power soc: qcom: pmic_glink: Fix race during initialization 2024-09-04 13:28:28 +02:00
powercap
pps
ps3
ptp ptp: fix integer overflow in max_vclocks_store 2024-06-27 13:49:07 +02:00
pwm pwm: atmel-tcb: Fix race condition and convert to guards 2024-08-03 08:53:23 +02:00
rapidio
ras
regulator regulator: bd71815: fix ramp values 2024-06-27 13:49:09 +02:00
remoteproc remoteproc: imx_rproc: Fix refcount mistake in imx_rproc_addr_init 2024-08-03 08:54:31 +02:00
reset
rpmsg
rtc rtc: nct3018y: fix possible NULL dereference 2024-08-29 17:33:39 +02:00
s390 Revert "s390/dasd: Establish DMA alignment" 2024-08-29 17:33:59 +02:00
sbus
scsi scsi: pm80xx: Set phy->enable_completion only when we wait for it 2024-09-12 11:11:36 +02:00
sh
siox
slimbus
soc soc: qcom: smem: Add qcom_smem_bust_hwspin_lock_by_host() 2024-09-08 07:54:43 +02:00
soundwire soundwire: stream: Revert "soundwire: stream: fix programming slave ports for non-continous port maps" 2024-09-18 19:24:09 +02:00
spi spi: geni-qcom: Fix incorrect free_irq() sequence 2024-09-18 19:24:10 +02:00
spmi spmi: hisi-spmi-controller: Do not override device identifier 2024-06-21 14:38:40 +02:00
ssb ssb: Fix division by zero issue in ssb_calc_clock_rate 2024-08-29 17:33:22 +02:00
staging minmax: reduce min/max macro expansion in atomisp driver 2024-09-18 19:24:07 +02:00
target
tc
tee tee: optee: ffa: Fix missing-field-initializers warning 2024-07-25 09:50:53 +02:00
thermal thermal: of: Fix OF node leak in of_thermal_zone_find() error paths 2024-09-04 13:28:22 +02:00
thunderbolt thunderbolt: Mark XDomain as unplugged when router is removed 2024-08-29 17:33:12 +02:00
tty tty: atmel_serial: use the correct RTS flag. 2024-08-29 17:33:10 +02:00
ufs scsi: ufs: core: Remove SCSI host only if added 2024-09-12 11:11:36 +02:00
uio Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic 2024-09-12 11:11:41 +02:00
usb usb: dwc3: Avoid waking up gadget during startxfer 2024-09-12 11:11:41 +02:00
vdpa vduse: Temporarily fail if control queue feature requested 2024-07-05 09:33:50 +02:00
vfio vfio/spapr: Always clear TCEs before unsetting the window 2024-09-12 11:11:31 +02:00
vhost vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler 2024-08-14 13:58:55 +02:00
video fbdev: vesafb: Detect VGA compatibility from screen info's VESA attributes 2024-08-11 12:47:16 +02:00
virt drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() 2024-06-12 11:12:09 +02:00
virtio virtio_ring: fix KMSAN error for premapped mode 2024-09-12 11:11:36 +02:00
vlynq
w1
watchdog watchdog: rzg2l_wdt: Check return status of pm_runtime_put() 2024-08-03 08:54:35 +02:00
xen xen: privcmd: Fix possible access to a freed kirqfd instance 2024-09-12 11:11:35 +02:00
zorro
Kconfig
Makefile