bybrooklyn/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-05-15 06:03:19 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
be855252ebce0d4402fd7abccf58806f12947b64
linux/drivers
History
Leon Romanovsky be855252eb RDMA/mlx5: Fix multiple NULL-ptr deref errors in rereg_mr flow 
commit b4bd701ac4 upstream.

Failure in rereg MR releases UMEM but leaves the MR to be destroyed
by the user. As a result the following scenario may happen:
"create MR -> rereg MR with failure -> call to rereg MR again" and
hit "NULL-ptr deref or user memory access" errors.

Ensure that rereg MR is only performed on a non-dead MR.

Cc: syzkaller <syzkaller@googlegroups.com>
Cc: <stable@vger.kernel.org> # 4.5
Fixes: 395a8e4c32 ("IB/mlx5: Refactoring register MR code")
Reported-by: Noa Osherovich <noaos@mellanox.com>
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-05-09 09:51:52 +02:00
..
accessibility
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
acpi
ACPI / button: make module loadable when booted in non-ACPI mode
2018-05-09 09:51:49 +02:00
amba
ARM: amba: Don't read past the end of sysfs "driver_override" buffer
2018-05-01 12:58:21 -07:00
android
ANDROID: binder: prevent transactions into own process.
2018-05-01 12:58:20 -07:00
ata
libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version
2018-03-28 18:24:37 +02:00
atm
atm: horizon: Fix irq release error
2017-12-14 09:53:13 +01:00
auxdisplay
auxdisplay: img-ascii-lcd: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
2018-02-07 11:12:20 -08:00
base
PM / wakeirq: Fix unbalanced IRQ enable for wakeirq
2018-04-26 11:02:20 +02:00
bcma
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
block
block/swim: Fix IO error at end of medium
2018-04-29 11:33:17 +02:00
bluetooth
Bluetooth: hci_bcm: Treat Interrupt ACPI resources as always being active-low
2018-04-19 08:56:19 +02:00
bus
sunxi-rsb: Include OF based modalias in device uevent
2018-01-10 09:31:19 +01:00
cdrom
cdrom: information leak in cdrom_ioctl_media_changed()
2018-04-29 11:33:16 +02:00
char
virtio_console: reset on out of memory
2018-05-01 12:58:12 -07:00
clk
clk: bcm2835: De-assert/assert PLL reset signal when appropriate
2018-04-24 09:36:34 +02:00
clocksource
clocksource/imx-tpm: Correct -ETIME return condition check
2018-04-26 11:02:02 +02:00
connector
cpufreq
cpufreq: powernv: Fix hardlockup due to synchronous smp_call in timer interrupt
2018-05-01 12:58:24 -07:00
cpuidle
cpuidle: fix broadcast control when broadcast can not be entered
2017-12-25 14:26:30 +01:00
crypto
crypto: talitos - fix IPsec cipher in length
2018-05-09 09:51:49 +02:00
dax
dev/dax: fix uninitialized variable build warning
2017-12-20 10:10:34 +01:00
dca
devfreq
PM / devfreq: Fix potential NULL pointer dereference in governor_store
2018-04-12 12:32:13 +02:00
dio
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
dma
dmaengine: at_xdmac: fix rare residue corruption
2018-04-24 09:36:32 +02:00
dma-buf
dma-buf/fence: Fix lock inversion within dma-fence-array
2018-03-19 08:42:47 +01:00
edac
x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type
2018-04-19 08:56:20 +02:00
eisa
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
extcon
extcon: intel-cht-wc: Set direction and drv flags for V5 boost GPIO
2018-04-24 09:36:29 +02:00
firewire
firewire-ohci: work around oversized DMA reads on JMicron controllers
2018-04-26 11:02:03 +02:00
firmware
firmware: dmi_scan: Fix handling of empty DMI strings
2018-04-26 11:02:16 +02:00
fmc
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
fpga
fpga-manager: altera-ps-spi: preserve nCONFIG state
2018-05-01 12:58:24 -07:00
fsi
gpio
gpio: thunderx: fix error return code in thunderx_gpio_probe()
2018-04-12 12:32:20 +02:00
gpu
drm/i915: Enable display WA#1183 from its correct spot
2018-05-01 12:58:25 -07:00
hid
HID: roccat: prevent an out of bounds read in kovaplus_profile_activated()
2018-04-26 11:02:10 +02:00
hsi
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
hv
Drivers: hv: vmbus: do not mark HV_PCIE as perf_device
2018-04-19 08:56:16 +02:00
hwmon
hwmon: (ina2xx) Fix access to uninitialized mutex
2018-04-19 08:56:20 +02:00
hwspinlock
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
hwtracing
coresight: Fix disabling of CoreSight TPIU
2018-03-24 11:01:26 +01:00
i2c
i2c: i801: Restore configuration at shutdown
2018-04-24 09:36:27 +02:00
ide
ide: ide-atapi: fix compile error with defining macro DEBUG
2017-12-17 15:08:00 +01:00
idle
Revert "x86/mm: Stop calling leave_mm() in idle code"
2017-11-04 15:01:50 +01:00
iio
iio: imu: st_lsm6dsx: fix endianness in st_lsm6dsx_read_oneshot()
2018-03-28 18:24:49 +02:00
infiniband
RDMA/mlx5: Fix multiple NULL-ptr deref errors in rereg_mr flow
2018-05-09 09:51:52 +02:00
input
Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro
2018-05-09 09:51:51 +02:00
iommu
iommu/vt-d: Use domain instead of cache fetching
2018-04-26 11:02:06 +02:00
ipack
irqchip
irqchip/gic-v3: Change pr_debug message to pr_devel
2018-04-26 11:02:21 +02:00
isdn
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
leds
leds: pm8058: Silence pointer to integer size warning
2018-03-19 08:42:50 +01:00
lightnvm
lightnvm: pblk: protect line bitmap while submitting meta io
2017-12-20 10:10:38 +01:00
macintosh
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
mailbox
mailbox: mailbox-test: don't rely on rx_buffer content to signal data ready
2017-12-14 09:53:12 +01:00
mcb
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
md
bcache: return attach error when no cache set exist
2018-04-26 11:02:18 +02:00
media
media: vsp1: Fix BRx conditional path in WPF
2018-04-24 09:36:25 +02:00
memory
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
memstick
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
message
scsi: mptsas: Disable WRITE SAME
2018-04-29 11:33:16 +02:00
mfd
mfd: twl6040: Fix child-node lookup
2017-12-29 17:53:46 +01:00
misc
cxl: Fix possible deadlock when processing page faults from cxllib
2018-04-24 09:36:32 +02:00
mmc
mmc: sdhci-pci: Only do AMD tuning for HS200
2018-04-24 09:36:38 +02:00
mtd
mtd: rawnand: tango: Fix struct clk memory leak
2018-05-01 12:58:19 -07:00
mux
mux: core: fix double get_device()
2018-01-17 09:45:27 +01:00
net
rtlwifi: cleanup 8723be ant_sel definition
2018-05-09 09:51:51 +02:00
nfc
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
ntb
ntb_transport: Fix bug with max_mw_size parameter
2018-04-26 11:02:13 +02:00
nubus
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
nvdimm
libnvdimm, namespace: use a safe lookup for dimm device name
2018-04-24 09:36:32 +02:00
nvme
nvme_fcloop: fix abort race condition
2018-04-12 12:32:16 +02:00
nvmem
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
of
earlycon: Use a pointer table to fix __earlycon_table stride
2018-05-01 12:58:24 -07:00
oprofile
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
parisc
parisc: Hide Diva-built-in serial aux and graphics card
2017-12-29 17:53:47 +01:00
parport
parport_pc: Add support for WCH CH382L PCI-E single parallel port card.
2018-04-08 14:26:31 +02:00
pci
PCI: aardvark: Fix PCIe Max Read Request Size setting
2018-05-01 12:58:21 -07:00
pcmcia
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
perf
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
phy
phy: allwinner: sun4i-usb: poll vbus changes on A23/A33 when driving VBUS
2018-04-24 09:36:23 +02:00
pinctrl
Revert "pinctrl: intel: Initialize GPIO properly when used through irqchip"
2018-04-29 11:33:09 +02:00
platform
platform/x86: thinkpad_acpi: suppress warning about palm detection
2018-04-26 11:02:11 +02:00
pnp
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
power
power: supply: axp288_charger: Properly stop work on probe-error / remove
2018-04-12 12:32:17 +02:00
powercap
pps
ps3
ptp
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
pwm
pwm: rcar: Fix a condition to prevent mismatch value setting to duty
2018-04-24 09:36:34 +02:00
rapidio
drivers/rapidio/devices/rio_mport_cdev.c: fix resource leak in error handling path in 'rio_dma_transfer()'
2017-12-14 09:53:08 +01:00
ras
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
regulator
regulator: stm32-vrefbuf: fix check on ready flag
2018-03-15 10:54:28 +01:00
remoteproc
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
reset
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
rpmsg
rpmsg: glink: Initialize the "intent_req_comp" completion variable
2017-12-20 10:10:29 +01:00
rtc
rtc: opal: Fix OPAL RTC driver OPAL_BUSY loops
2018-05-01 12:58:24 -07:00
s390
vfio: ccw: process ssch with interrupts disabled
2018-05-01 12:58:20 -07:00
sbus
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
scsi
scsi: sd: Defer spinning up drive while SANITIZE is in progress
2018-05-01 12:58:19 -07:00
sfi
sh
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
sn
soc
soc: mediatek: fix the mistaken pointer accessed when subdomains are added
2018-04-24 09:36:28 +02:00
spi
spi: a3700: Clear DATA_OUT when performing a read
2018-04-26 11:02:07 +02:00
spmi
ssb
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
staging
irqchip/gic-v3: Ignore disabled ITS nodes
2018-04-26 11:02:20 +02:00
target
scsi: target: Fix fortify_panic kernel exception
2018-05-09 09:51:51 +02:00
tc
tee
optee: fix invalid of_node_put() in optee_driver_init()
2017-12-25 14:26:24 +01:00
thermal
thermal: imx: Fix race condition in imx_thermal_probe()
2018-04-24 09:36:34 +02:00
thunderbolt
thunderbolt: Prevent crash when ICM firmware is not running
2018-04-24 09:36:29 +02:00
tty
earlycon: Use a pointer table to fix __earlycon_table stride
2018-05-01 12:58:24 -07:00
uio
uio_hv_generic: check that host supports monitor page
2018-04-12 12:32:19 +02:00
usb
USB: serial: option: Add support for Quectel EP06
2018-05-09 09:51:49 +02:00
uwb
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
vfio
vfio/pci: Virtualize Maximum Read Request Size
2018-04-24 09:36:34 +02:00
vhost
vhost: Fix vhost_copy_to_user()
2018-04-19 08:56:16 +02:00
video
backlight: tdo24m: Fix the SPI CS between transfers
2018-04-12 12:32:16 +02:00
virt
virtio
virtio_ring: fix num_free handling in error case
2018-03-15 10:54:32 +01:00
vlynq
vme
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
w1
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
watchdog
watchdog: sp5100_tco: Fix watchdog disable bit
2018-04-26 11:02:08 +02:00
xen
xen/grant-table: Use put_page instead of free_page
2018-04-26 11:02:17 +02:00
zorro
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
Kconfig
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
Makefile
usb: build drivers/usb/common/ when USB_SUPPORT is set
2018-02-25 11:07:53 +01:00