iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/fs
History
Al Viro 1171ceccab protect the fetch of ->fd[fd] in do_dup2() from mispredictions 
commit 8aa37bde1a7b645816cda8b80df4753ecf172bf1 upstream.

both callers have verified that fd is not greater than ->max_fds;
however, misprediction might end up with
        tofree = fdt->fd[fd];
being speculatively executed.  That's wrong for the same reasons
why it's wrong in close_fd()/file_close_fd_locked(); the same
solution applies - array_index_nospec(fd, fdt->max_fds) could differ
from fd only in case of speculative execution on mispredicted path.

Cc: stable@vger.kernel.org
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2024-08-11 12:57:58 +02:00
..
9p
Two fixes headed to stable trees:
2024-05-29 09:25:15 -07:00
adfs
mm, slab: remove last vestiges of SLAB_MEM_SPREAD
2024-03-12 20:32:19 -07:00
affs
affs: remove SLAB_MEM_SPREAD flag usage
2024-02-26 11:36:28 +01:00
afs
afs: Convert comma to semicolon
2024-07-02 21:23:00 +02:00
autofs
dcache stuff for this cycle
2024-01-11 20:11:35 -08:00
bcachefs
bcachefs: bch2_gc_btree() should not use btree_root_lock
2024-07-11 20:10:55 -04:00
befs
mm, slab: remove last vestiges of SLAB_MEM_SPREAD
2024-03-12 20:32:19 -07:00
bfs
mm, slab: remove last vestiges of SLAB_MEM_SPREAD
2024-03-12 20:32:19 -07:00
btrfs
btrfs: make cow_file_range_inline() honor locked_page on error
2024-08-11 12:57:58 +02:00
cachefiles
Merge patch series "cachefiles: random bugfixes"
2024-07-05 18:40:40 +02:00
ceph
ceph: force sending a cap update msg back to MDS for revoke op
2024-08-11 12:57:57 +02:00
coda
mm, slab: remove last vestiges of SLAB_MEM_SPREAD
2024-03-12 20:32:19 -07:00
configfs
cramfs
use ->bd_mapping instead of ->bd_inode->i_mapping
2024-05-03 02:36:51 -04:00
crypto
The usual shower of singleton fixes and minor series all over MM,
2024-05-19 09:21:03 -07:00
debugfs
debugfs: continue to ignore unknown mount options
2024-05-28 14:32:42 +02:00
devpts
fs: Remove the now superfluous sentinel elements from ctl_table array
2023-12-28 04:57:57 -08:00
dlm
dlm: return -ENOMEM if ls_recover_buf fails
2024-04-23 16:08:55 -05:00
ecryptfs
hardening updates for 6.10-rc1
2024-05-13 14:14:05 -07:00
efivarfs
efi: Clear up misconceptions about a maximum variable name size
2024-04-13 10:33:02 +02:00
efs
efs: remove SLAB_MEM_SPREAD flag usage
2024-02-27 11:21:33 +01:00
erofs
erofs: fix race in z_erofs_get_gbuf()
2024-08-03 09:00:45 +02:00
exfat
exfat: fix potential deadlock on __exfat_get_dentry_set
2024-08-03 09:00:30 +02:00
exportfs
fs: Create a generic is_dot_dotdot() utility
2024-01-23 10:58:56 -05:00
ext2
ext2: Verify bitmap and itable block numbers before using them
2024-08-03 09:00:34 +02:00
ext4
ext4: check the extent status again before inserting delalloc block
2024-08-11 12:57:47 +02:00
f2fs
f2fs: assign CURSEG_ALL_DATA_ATGC if blkaddr is valid
2024-08-11 12:57:47 +02:00
fat
fs: add kernel-doc comments to fat_parse_long()
2024-04-25 21:07:02 -07:00
freevxfs
freevxfs: Convert freevxfs to the new mount API.
2024-03-26 09:04:53 +01:00
fuse
fuse: verify {g,u}id mount options correctly
2024-08-03 09:00:32 +02:00
gfs2
bd_inode series
2024-05-21 09:51:42 -07:00
hfs
hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode()
2024-08-03 09:00:34 +02:00
hfsplus
hfsplus: fix to avoid false alarm of circular locking
2024-08-03 08:59:11 +02:00
hostfs
hostfs: fix dev_t handling
2024-08-03 09:00:45 +02:00
hpfs
mm, slab: remove last vestiges of SLAB_MEM_SPREAD
2024-03-12 20:32:19 -07:00
hugetlbfs
The usual shower of singleton fixes and minor series all over MM,
2024-05-19 09:21:03 -07:00
iomap
iomap: Fix iomap_adjust_read_range for plen calculation
2024-06-05 17:27:03 +02:00
isofs
isofs: Use *-y instead of *-objs in Makefile
2024-05-09 18:09:57 +02:00
jbd2
jbd2: avoid infinite transaction commit loop
2024-08-03 09:00:40 +02:00
jffs2
This pull request contains the following changes for JFFS2:
2024-05-25 13:23:42 -07:00
jfs
jfs: Fix array-index-out-of-bounds in diFree
2024-08-03 09:00:59 +02:00
kernfs
kernfs: mount: Remove unnecessary ‘NULL’ values from knparent
2024-05-04 19:02:39 +02:00
lockd
lockd: host: Remove unnecessary statements'host = NULL;'
2024-05-06 09:07:20 -04:00
minix
minixfs: Fix minixfs_rename with HIGHMEM
2024-07-10 07:15:36 +02:00
netfs
netfs: Fix writeback that needs to go to both server and cache
2024-08-03 09:01:02 +02:00
nfs
nfs: pass explicit offset/count to trace events
2024-08-03 09:00:05 +02:00
nfs_common
nfsd
NFSD: Support write delegations in LAYOUTGET
2024-08-03 09:00:32 +02:00
nilfs2
nilfs2: handle inconsistent state in nilfs_btnode_create_block()
2024-08-03 09:00:47 +02:00
nls
notify
Revert "fanotify: remove unneeded sub-zero check for unsigned value"
2024-05-20 12:43:58 -07:00
ntfs3
fs/ntfs3: Update log->page_{mask,bits} if log->page_size changed
2024-08-03 09:00:45 +02:00
ocfs2
ocfs2: add bounds checking to ocfs2_check_dir_entry()
2024-07-27 11:40:32 +02:00
omfs
openpromfs
openpromfs: finish conversion to the new mount API
2024-03-26 09:04:54 +01:00
orangefs
orangefs: fix out-of-bounds fsid access
2024-05-14 17:44:14 -07:00
overlayfs
ovl: fix encoding fid for lower only root
2024-06-14 10:30:40 +02:00
proc
sysctl: always initialize i_uid/i_gid
2024-08-03 09:00:34 +02:00
pstore
pstore/zone: Don't clear memory twice
2024-03-09 12:33:22 -08:00
qnx4
mm, slab: remove last vestiges of SLAB_MEM_SPREAD
2024-03-12 20:32:19 -07:00
qnx6
qnx6: convert qnx6 to use the new mount api
2024-03-26 09:04:53 +01:00
quota
quota: fix to propagate error of mark_dquot_dirty() to caller
2024-04-12 14:52:29 +02:00
ramfs
mm: switch mm->get_unmapped_area() to a flag
2024-04-25 20:56:25 -07:00
reiserfs
getting rid of bogus set_blocksize() uses, switching it
2024-05-21 08:34:51 -07:00
romfs
fs,block: yield devices early
2024-03-27 13:17:15 +01:00
smb
cifs: mount with "unix" mount option for SMB1 incorrectly handled
2024-08-03 09:00:36 +02:00
squashfs
Mainly singleton patches, documented in their respective changelogs.
2024-05-19 14:02:03 -07:00
sysfs
Merge 6.9-rc5 into driver-core-next
2024-04-23 13:27:43 +02:00
sysv
sysv: remove SLAB_MEM_SPREAD flag usage
2024-02-27 11:21:31 +01:00
tracefs
eventfs: Do not use attributes for events directory
2024-05-23 09:31:50 -04:00
ubifs
This pull request contains updates for UBI and UBIFS:
2024-03-21 15:09:29 -07:00
udf
udf: Avoid using corrupted block bitmap buffer
2024-08-03 09:00:36 +02:00
ufs
mm, slab: remove last vestiges of SLAB_MEM_SPREAD
2024-03-12 20:32:19 -07:00
unicode
kbuild: use $(src) instead of $(srctree)/$(src) for source directory
2024-05-10 04:34:52 +09:00
vboxsf
vboxsf: explicitly deny setlease attempts
2024-04-03 16:06:39 +02:00
verity
fsverity: use register_sysctl_init() to avoid kmemleak warning
2024-05-03 08:30:58 -07:00
xfs
xfs: honor init_xattrs in xfs_init_new_inode for !ATTR fs
2024-06-26 14:29:25 +05:30
zonefs
zonefs: Use str_plural() to fix Coccinelle warning
2024-04-10 07:23:47 +09:00
aio.c
Assorted commits that had missed the last merge window...
2024-05-21 13:11:44 -07:00
anon_inodes.c
fs: Create anon_inode_getfile_fmode()
2024-04-26 10:33:05 +02:00
attr.c
lsm/stable-6.9 PR 20240312
2024-03-12 20:03:34 -07:00
backing-file.c
ovl: implement tmpfile
2024-05-02 20:35:57 +02:00
bad_inode.c
binfmt_elf_fdpic.c
binfmt_elf_fdpic: fix /proc/<pid>/auxv
2024-04-24 15:55:28 -07:00
binfmt_elf_test.c
binfmt_elf.c
Mainly singleton patches, documented in their respective changelogs.
2024-05-19 14:02:03 -07:00
binfmt_flat.c
binfmt_misc.c
execve updates for v6.7-rc1
2023-10-30 19:28:19 -10:00
binfmt_script.c
buffer.c
bd_inode series
2024-05-21 09:51:42 -07:00
char_dev.c
As usual, lots of singleton and doubleton patches all over the tree and
2023-11-02 20:53:31 -10:00
compat_binfmt_elf.c
coredump.c
virtio: features, fixes, cleanups
2024-05-23 12:04:36 -07:00
d_path.c
dax.c
dax: use huge_zero_folio
2024-04-25 20:56:20 -07:00
dcache.c
vfs-6.10-rc8.fixes
2024-07-11 09:03:28 -07:00
direct-io.c
fs/direct-io: remove redundant assignment to variable retval
2024-04-11 10:21:24 +02:00
drop_caches.c
eventfd.c
eventfd: strictly check the count parameter of eventfd_write to avoid inputting illegal strings
2024-02-08 10:12:26 +01:00
eventpoll.c
epoll: be better about file lifetimes
2024-05-05 14:00:48 -07:00
exec.c
The usual shower of singleton fixes and minor series all over MM,
2024-05-19 09:21:03 -07:00
fcntl.c
fcntl: add F_DUPFD_QUERY fcntl()
2024-05-10 08:26:31 +02:00
fhandle.c
fs: Annotate struct file_handle with __counted_by() and use struct_size()
2024-04-05 15:53:47 +02:00
file_table.c
lsm/stable-6.9 PR 20240312
2024-03-12 20:03:34 -07:00
file.c
protect the fetch of ->fd[fd] in do_dup2() from mispredictions
2024-08-11 12:57:58 +02:00
filesystems.c
fs_context.c
fs_parser.c
__fs_parse: Correct a documentation comment
2024-02-02 13:11:50 +01:00
fs_pin.c
fs_struct.c
fs_types.c
fs-writeback.c
fs/writeback: remove unnecessary return in writeback_inodes_sb
2024-04-05 15:53:45 +02:00
fsopen.c
init.c
inode.c
bcachefs updates for 6.9
2024-03-15 09:00:09 -07:00
internal.h
ovl: implement tmpfile
2024-05-02 20:35:57 +02:00
ioctl.c
fs/ioctl: Add a comment to keep the logic in sync with LSM policies
2024-05-13 06:58:35 +02:00
Kconfig
- Sumanth Korikkar has taught s390 to allocate hotplug-time page frames
2024-03-14 17:43:30 -07:00
Kconfig.binfmt
kernel_read_file.c
libfs.c
shmem: Fix shmem_rename2()
2024-04-17 13:49:44 +02:00
locks.c
filelock: Fix fcntl/close race recovery compat path
2024-07-27 11:40:36 +02:00
Makefile
vfs-6.9.pidfd
2024-03-11 10:21:06 -07:00
mbcache.c
vfs: remove SLAB_MEM_SPREAD flag usage
2024-02-27 11:21:31 +01:00
mnt_idmapping.c
fs/mnt_idmapping.c: Return -EINVAL when no map is written
2024-02-08 10:12:37 +01:00
mount.h
mounts: keep list of mounts in an rbtree
2023-11-18 14:56:16 +01:00
mpage.c
block, fs: Restore the per-bio/request data lifetime fields
2024-02-06 14:31:05 +01:00
namei.c
vfs: generate FS_CREATE before FS_OPEN when ->atomic_open used.
2024-06-18 16:26:09 +02:00
namespace.c
fs: relax mount_setattr() permission checks
2024-02-07 21:16:29 +01:00
nsfs.c
pidfs: remove config option
2024-03-13 12:53:53 -07:00
open.c
vfs-6.10-rc7.fixes
2024-07-01 09:22:08 -07:00
pidfs.c
fs/pidfs: make 'lsof' happy with our inode changes
2024-05-21 08:08:00 -07:00
pipe.c
fs/pipe: Convert to lockdep_cmp_fn
2024-02-02 13:11:49 +01:00
pnode.c
mounts: keep list of mounts in an rbtree
2023-11-18 14:56:16 +01:00
pnode.h
posix_acl.c
lsm/stable-6.9 PR 20240312
2024-03-12 20:03:34 -07:00
proc_namespace.c
namespace: extract show_path() helper
2023-11-18 14:56:16 +01:00
read_write.c
Assorted commits that had missed the last merge window...
2024-05-21 13:11:44 -07:00
readdir.c
fsnotify: optionally pass access range in file permission hooks
2023-12-12 16:20:02 +01:00
remap_range.c
vfs: export remap and write check helpers
2024-04-15 14:54:13 -07:00
select.c
fs/select: rework stack allocation hack for clang
2024-02-20 09:23:52 +01:00
seq_file.c
seq_file: Simplify __seq_puts()
2024-05-02 16:28:20 +02:00
signalfd.c
signalfd: drop an obsolete comment
2024-05-24 13:34:07 +02:00
splice.c
remove call_{read,write}_iter() functions
2024-04-15 16:03:25 -04:00
stack.c
stat.c
statx: stx_subvol
2024-03-26 09:01:18 +01:00
statfs.c
super.c
fs: don't allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT
2024-08-03 09:01:09 +02:00
sync.c
sysctls.c
fs: Remove the now superfluous sentinel elements from ctl_table array
2023-12-28 04:57:57 -08:00
timerfd.c
timerfd: convert to ->read_iter()
2024-04-10 16:23:02 -06:00
userfaultfd.c
Fix userfaultfd_api to return EINVAL as expected
2024-07-03 22:40:36 -07:00
utimes.c
xattr.c
evm: Move to LSM infrastructure
2024-02-15 23:43:47 -05:00