iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/drivers
History
Alexey Kardashevskiy f705528094 vfio_pci: Test for extended capabilities if config space > 256 bytes 
PCI-Express spec says that reading 4 bytes at offset 100h should return
zero if there is no extended capability so VFIO reads this dword to
know if there are extended capabilities.

However it is not always possible to access the extended space so
generic PCI code in pci_cfg_space_size_ext() checks if
pci_read_config_dword() can read beyond 100h and if the check fails,
it sets the config space size to 100h.

VFIO does its own extended capabilities check by reading at offset 100h
which may produce 0xffffffff which VFIO treats as the extended config
space presense and calls vfio_ecap_init() which fails to parse
capabilities (which is expected) but right before the exit, it writes
zero at offset 100h which is beyond the buffer allocated for
vdev->vconfig (which is 256 bytes) which leads to random memory
corruption.

This makes VFIO only check for the extended capabilities if
the discovered config size is more than 256 bytes.

Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2016-05-19 15:04:40 -06:00
..
accessibility
acpi
Merge branch 'acpi-processor'
2016-04-02 01:17:36 +02:00
amba
android
ata
Merge branch 'for-4.6' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata
2016-03-18 20:06:46 -07:00
atm
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial
2016-03-17 21:38:27 -07:00
auxdisplay
base
PM / wakeirq: fix wakeirq setting after wakup re-configuration from sysfs
2016-04-07 22:23:47 +02:00
bcma
bcma: fix building without OF_IRQ
2016-03-23 17:52:10 +02:00
block
Merge branch 'for-linus' of git://git.kernel.dk/linux-block
2016-04-15 15:44:10 -07:00
bluetooth
bus
mvebu fixes for 4.6 (part 1)
2016-04-12 12:35:07 -07:00
cdrom
char
hwrng: bcm63xx - fix device tree compilation
2016-04-05 20:23:11 +08:00
clk
clk: qcom: ipq4019: add some fixed clocks for ddrppl and fepll
2016-03-29 16:31:16 -07:00
clocksource
Merge branches 'perf-urgent-for-linus', 'smp-urgent-for-linus' and 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2016-04-23 11:45:52 -07:00
connector
cpufreq
Merge branch 'pm-cpufreq-fixes'
2016-04-21 20:57:46 +02:00
cpuidle
cpuidle: menu: Fall back to polling if next timer event is near
2016-03-21 15:50:28 +01:00
crypto
crypto: ccp - Prevent information leakage on export
2016-04-15 22:13:56 +08:00
dca
devfreq
PM / devfreq: Spelling s/frequnecy/frequency/
2016-03-17 02:30:16 +01:00
dio
dma
Merge branch 'fix/edma' into fixes
2016-04-16 22:52:03 +05:30
dma-buf
dma-buf: Update docs for SYNC ioctl
2016-03-21 09:26:45 +01:00
edac
x86 EDAC, sb_edac.c: Take account of channel hashing when needed
2016-04-22 10:10:01 +02:00
eisa
extcon
extcon: palmas: Drop stray IRQF_EARLY_RESUME flag
2016-04-04 08:32:45 +09:00
firewire
IEEE 1394 subsystem patch:
2016-03-25 08:52:25 -07:00
firmware
Merge branch 'efi-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2016-04-16 15:37:05 -07:00
fmc
fpga
gpio
gpio: pca953x: Use correct u16 value for register word write
2016-04-08 11:49:47 +02:00
gpu
Merge branch 'drm-fixes-4.6' of git://people.freedesktop.org/~agd5f/linux into drm-fixes
2016-04-22 10:39:26 +10:00
hid
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid
2016-04-11 12:31:09 -07:00
hsi
hv
Char/Misc patches for 4.6-rc1
2016-03-17 13:47:50 -07:00
hwmon
hwmon: (max1111) Return -ENODEV from max1111_read_channel if not instantiated
2016-03-27 10:37:48 -07:00
hwspinlock
hwtracing
i2c
i2c: jz4780: really prevent potential division by zero
2016-04-09 08:36:44 +02:00
ide
ide: palm_bk3710: test clock rate to avoid division by 0
2016-03-20 16:59:27 -04:00
idle
intel_idle: Add KBL support
2016-04-07 22:11:08 +02:00
iio
Second set of IIO fixes for the 4.6 cycle.
2016-04-04 13:45:10 -07:00
infiniband
Revert "ib_srpt: Convert to percpu_ida tag allocation"
2016-04-07 18:16:20 -07:00
input
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input
2016-04-23 11:04:26 -07:00
iommu
iommu/arm-smmu: Don't allocate resources for bypass domains
2016-04-21 16:47:32 +02:00
ipack
irqchip
irqchip/mips-gic: Don't overrun pcpu_masks array
2016-04-21 21:04:29 +02:00
isdn
mISDN: Fixing missing validation in base_sock_bind()
2016-04-13 23:00:50 -04:00
leds
platform-drivers-x86 for 4.6-1
2016-03-23 17:20:59 -07:00
lguest
lguest, x86/entry/32: Fix handling of guest syscalls using interrupt gates
2016-04-01 08:58:13 +02:00
lightnvm
lightnvm: do not load L2P table if not supported
2016-03-18 18:10:38 -07:00
macintosh
mailbox
Merge branch 'mailbox-devel' of git://git.linaro.org/landing-teams/working/fujitsu/integration
2016-04-14 18:40:47 -07:00
mcb
md
dm cache metadata: fix cmd_read_lock() acquiring write lock
2016-04-17 11:24:46 -04:00
media
media fixes for v4.6-rc2
2016-04-05 06:47:50 -07:00
memory
MTD updates for v4.6
2016-03-24 19:57:15 -07:00
memstick
drivers/memstick/host/r592.c: avoid gcc-6 warning
2016-03-25 16:37:42 -07:00
message
mfd
- New Drivers
2016-03-18 10:15:11 -07:00
misc
lkdtm: do not leak free page on kmalloc failure
2016-04-06 16:22:25 -07:00
mmc
mmc: tegra: Disable UHS-I modes for Tegra124
2016-04-14 11:40:01 +02:00
mtd
One MTD fix for v4.6-rc4:
2016-04-15 15:25:09 -07:00
net
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2016-04-21 12:57:34 -07:00
nfc
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2016-03-19 10:05:34 -07:00
ntb
NTB: Remove _addr functions from ntb_hw_amd
2016-03-26 11:44:33 -04:00
nubus
nvdimm
libnvdimm, pmem: clarify the write+clear_poison+write flow
2016-04-15 14:59:41 -06:00
nvme
NVMe: Always use MSI/MSI-x interrupts
2016-04-14 14:04:50 -06:00
nvmem
of
DeviceTree updates for 4.6:
2016-03-19 15:15:07 -07:00
oprofile
mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros
2016-04-04 10:41:08 -07:00
parisc
PCI changes for the v4.6 merge window:
2016-03-16 14:45:55 -07:00
parport
pci
PCI updates for v4.6:
2016-04-18 19:52:47 -07:00
pcmcia
pcmcia: db1xxx_ss: fix last irq_to_gpio user
2016-03-29 22:48:53 +02:00
perf
drivers/perf: arm-pmu: fix RCU usage on pmu resume from low-power
2016-04-21 15:03:06 +01:00
phy
phy: rockchip-emmc: should be a child device of the GRF
2016-04-13 18:33:05 +05:30
pinctrl
pinctrl: single: Fix pcs_parse_bits_in_pinctrl_entry to use __ffs than ffs
2016-04-15 11:26:55 +02:00
platform
platform-drivers-x86 for 4.6-2
2016-04-21 08:23:59 -07:00
pnp
power
Power management and ACPI material for v4.6-rc1, part 2
2016-03-25 16:55:37 -07:00
powercap
powercap: intel_rapl: Add missing Haswell model
2016-04-05 03:44:48 +02:00
pps
ps3
ptp
Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2016-03-15 12:13:56 -07:00
pwm
pwm: fsl-ftm: Use flat regmap cache
2016-04-14 16:54:00 +02:00
rapidio
Convert straggling drivers to new six-argument get_user_pages()
2016-04-02 18:35:05 -05:00
ras
regulator
- New Drivers
2016-03-18 10:15:11 -07:00
remoteproc
remoteproc: st: fix check of syscon_regmap_lookup_by_phandle() return value
2016-03-28 16:19:00 -07:00
reset
rpmsg
rtc
rtc: ds1307: Use irq when available for wakeup-source device
2016-04-21 23:21:00 +02:00
s390
s390/dcssblk: fix possible deadlock in remove vs. per-device attributes
2016-04-15 18:01:44 +02:00
sbus
scsi
SCSI fixes on 20160408
2016-04-09 12:00:42 -07:00
sfi
sh
sn
soc
ARM: SoC driver updates for v4.6
2016-03-20 15:40:32 -07:00
spi
Merge remote-tracking branches 'spi/fix/omap2' and 'spi/fix/rockchip' into spi-linus
2016-04-04 10:05:49 -07:00
spmi
ssb
staging
Staging / IIO driver fixes for 4.6-rc3
2016-04-09 12:09:37 -07:00
target
target: add a new add_wwn_groups fabrics method
2016-03-30 20:06:44 -07:00
tc
thermal
thermal: fix Mediatek thermal controller build
2016-04-20 21:13:21 -07:00
thunderbolt
tty
Serial fixes for 4.6-rc6
2016-04-23 11:13:46 -07:00
uio
usb
usb: gadget: f_fs: Fix use-after-free
2016-04-20 10:38:06 +03:00
uwb
vfio
vfio_pci: Test for extended capabilities if config space > 256 bytes
2016-05-19 15:04:40 -06:00
vhost
Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending
2016-03-22 12:41:14 -07:00
video
omapfb: panel-sharp-ls037v7dw01: fix check of gpio_to_desc() return value
2016-04-18 12:18:37 +03:00
virt
virtio
virtio: virtio 1.0 cs04 spec compliance for reset
2016-04-07 15:16:39 +03:00
vlynq
vme
w1
watchdog
hpwdt: use nmi_panic() when kernel panics in NMI handler
2016-03-22 15:36:02 -07:00
xen
xen/events: Mask a moving irq
2016-04-04 11:18:00 +01:00
zorro
Kconfig
Makefile