iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,067,285 Commits 104 Branches 1,843 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Zack Rusin 899e154f95 drm/vmwgfx: Fix possible null pointer derefence with invalid contexts 
[ Upstream commit 517621b7060096e48e42f545fa6646fc00252eac ]

vmw_context_cotable can return either an error or a null pointer and its
usage sometimes went unchecked. Subsequent code would then try to access
either a null pointer or an error value.

The invalid dereferences were only possible with malformed userspace
apps which never properly initialized the rendering contexts.

Check the results of vmw_context_cotable to fix the invalid derefs.

Thanks:
ziming zhang(@ezrak1e) from Ant Group Light-Year Security Lab
who was the first person to discover it.
Niels De Graef who reported it and helped to track down the poc.

Fixes: 9c079b8ce8bf ("drm/vmwgfx: Adapt execbuf to the new validation api")
Cc: <stable@vger.kernel.org> # v4.20+
Reported-by: Niels De Graef  <ndegraef@redhat.com>
Signed-off-by: Zack Rusin <zack.rusin@broadcom.com>
Cc: Martin Krastev <martin.krastev@broadcom.com>
Cc: Maaz Mombasawala <maaz.mombasawala@broadcom.com>
Cc: Ian Forbes <ian.forbes@broadcom.com>
Cc: Broadcom internal kernel review list <bcm-kernel-feedback-list@broadcom.com>
Cc: dri-devel@lists.freedesktop.org
Reviewed-by: Maaz Mombasawala <maaz.mombasawala@broadcom.com>
Reviewed-by: Martin Krastev <martin.krastev@broadcom.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20240110200305.94086-1-zack.rusin@broadcom.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-04-10 16:18:34 +02:00
arch
arm: dts: marvell: Fix maxium->maxim typo in brownstone dts
2024-04-10 16:18:34 +02:00
block
block: sed-opal: handle empty atoms when parsing response
2024-03-26 18:21:13 -04:00
certs
certs/blacklist_hashes.c: fix const confusion in certs blacklist
2022-06-22 14:22:01 +02:00
crypto
crypto: api - Disallow identical driver names
2024-02-23 08:54:23 +01:00
Documentation
x86/cpu: Support AMD Automatic IBRS
2024-04-10 16:18:33 +02:00
drivers
drm/vmwgfx: Fix possible null pointer derefence with invalid contexts
2024-04-10 16:18:34 +02:00
fs
afs: Revert "afs: Hide silly-rename files from userspace"
2024-03-26 18:21:34 -04:00
include
timers: Rename del_timer_sync() to timer_delete_sync()
2024-04-10 16:18:33 +02:00
init
modules: wait do_free_init correctly
2024-03-26 18:21:31 -04:00
io_uring
io_uring: don't save/restore iowait state
2024-03-26 18:21:35 -04:00
ipc
ipc/sem: Fix dangling sem_array access in semtimedop race
2022-12-08 11:28:45 +01:00
kernel
timers: Rename del_timer_sync() to timer_delete_sync()
2024-04-10 16:18:33 +02:00
lib
net: blackhole_dev: fix build warning for ethh set but not used
2024-03-26 18:21:18 -04:00
LICENSES
LICENSES/dual/CC-BY-4.0: Git rid of "smart quotes"
2021-07-15 06:31:24 -06:00
mm
userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb
2024-03-01 13:21:43 +01:00
net
net: report RCU QS on threaded NAPI repolling
2024-03-26 18:21:37 -04:00
samples
samples/hw_breakpoint: fix building without module unloading
2023-09-23 11:10:01 +02:00
scripts
kconfig: fix infinite loop when expanding a macro at the end of file
2024-03-26 18:21:34 -04:00
security
smack: Handle SMACK64TRANSMUTE in smack_inode_setsecurity()
2024-04-10 16:18:34 +02:00
sound
ALSA: usb-audio: Stop parsing channels bits when all channels are found.
2024-03-26 18:21:32 -04:00
tools
perf stat: Avoid metric-only segv
2024-03-26 18:21:27 -04:00
usr
usr/include/Makefile: add linux/nfc.h to the compile-test coverage
2022-02-01 17:27:15 +01:00
virt
KVM: Grab a reference to KVM for VM and vCPU stats file descriptors
2023-08-03 10:22:40 +02:00
.clang-format
clang-format: Update with the latest for_each macro list
2021-05-12 23:32:39 +02:00
.cocciconfig
.get_maintainer.ignore
Opt out of scripts/get_maintainer.pl
2019-05-16 10:53:40 -07:00
.gitattributes
.gitattributes: use 'dts' diff driver for dts files
2019-12-04 19:44:11 -08:00
.gitignore
.gitignore: ignore only top-level modules.builtin
2021-05-02 00:43:35 +09:00
.mailmap
mailmap: add Andrej Shadura
2021-10-18 20:22:03 -10:00
COPYING
COPYING: state that all contributions really are covered by this file
2020-02-10 13:32:20 -08:00
CREDITS
MAINTAINERS: Move Daniel Drake to credits
2021-09-21 08:34:58 +03:00
Kbuild
kbuild: rename hostprogs-y/always to hostprogs/always-y
2020-02-04 01:53:07 +09:00
Kconfig
kbuild: ensure full rebuild when the compiler is updated
2020-05-12 13:28:33 +09:00
MAINTAINERS
iio: stx104: Move to addac subdirectory
2023-08-26 14:23:27 +02:00
Makefile
Linux 5.15.153
2024-03-26 18:23:03 -04:00
README
Drop all 00-INDEX files from Documentation/
2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.
Description
No description provided
Readme 5.7 GiB
Languages
C 97.6%
Assembly 1%
Shell 0.5%
Python 0.3%
Makefile 0.3%