UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenCloudOS-Kernel/drivers
History
Ming Lei 153fcd5f6d block: brd: associate with queue until adding disk 
brd_free() may be called in failure path on one brd instance which
disk isn't added yet, so release handler of gendisk may free the
associated request_queue early and causes the following use-after-free[1].

This patch fixes this issue by associating gendisk with request_queue
just before adding disk.

[1] KASAN: use-after-free Read in del_timer_syncNon-volatile memory driver v1.3
Linux agpgart interface v0.103
[drm] Initialized vgem 1.0.0 20120112 for virtual device on minor 0
usbcore: registered new interface driver udl
==================================================================
BUG: KASAN: use-after-free in __lock_acquire+0x36d9/0x4c20
kernel/locking/lockdep.c:3218
Read of size 8 at addr ffff8801d1b6b540 by task swapper/0/1

CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.19.0+ #88
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Call Trace:
  __dump_stack lib/dump_stack.c:77 [inline]
  dump_stack+0x244/0x39d lib/dump_stack.c:113
  print_address_description.cold.7+0x9/0x1ff mm/kasan/report.c:256
  kasan_report_error mm/kasan/report.c:354 [inline]
  kasan_report.cold.8+0x242/0x309 mm/kasan/report.c:412
  __asan_report_load8_noabort+0x14/0x20 mm/kasan/report.c:433
  __lock_acquire+0x36d9/0x4c20 kernel/locking/lockdep.c:3218
  lock_acquire+0x1ed/0x520 kernel/locking/lockdep.c:3844
  del_timer_sync+0xb7/0x270 kernel/time/timer.c:1283
  blk_cleanup_queue+0x413/0x710 block/blk-core.c:809
  brd_free+0x5d/0x71 drivers/block/brd.c:422
  brd_init+0x2eb/0x393 drivers/block/brd.c:518
  do_one_initcall+0x145/0x957 init/main.c:890
  do_initcall_level init/main.c:958 [inline]
  do_initcalls init/main.c:966 [inline]
  do_basic_setup init/main.c:984 [inline]
  kernel_init_freeable+0x5c6/0x6b9 init/main.c:1148
  kernel_init+0x11/0x1ae init/main.c:1068
  ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:350

Reported-by: syzbot+3701447012fe951dabb2@syzkaller.appspotmail.com
Signed-off-by: Ming Lei <ming.lei@redhat.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
 		2018-11-01 19:59:51 -06:00
..
accessibility
acpi pci-v4.20-changes 2018-10-25 06:50:48 -07:00
amba
android android: binder: fix the race mmap and alloc_new_buf_locked 2018-09-12 09:18:29 +02:00
ata libata: Apply NOLPM quirk for SAMSUNG MZ7TD256HAFV-000L9 2018-10-26 08:21:04 -06:00
atm atm: zatm: Fix empty body Clang warnings 2018-10-18 15:39:10 -07:00
auxdisplay gpiolib: Pass array info to get/set array functions 2018-09-13 11:16:54 +02:00
base Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-10-23 15:00:03 +01:00
bcma
block block: brd: associate with queue until adding disk 2018-11-01 19:59:51 -06:00
bluetooth Merge branch 'work.tty-ioctl' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-10-24 14:43:41 +01:00
bus This is the bulk of GPIO changes for the v4.20 series: 2018-10-23 08:45:05 +01:00
cdrom gdrom: fix mistake in assignment of error 2018-10-25 11:17:40 -06:00
char Merge branch 'work.tty-ioctl' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-10-24 14:43:41 +01:00
clk One fix for the Allwinner A10 SoC's audio PLL that wasn't properly set 2018-10-17 13:40:10 +02:00
clocksource arm64 updates for 4.20: 2018-10-22 17:30:06 +01:00
connector
cpufreq Merge branch 'x86-cpu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-10-23 16:16:40 +01:00
cpuidle cpuidle: menu: Avoid computations when result will be discarded 2018-10-18 09:34:13 +02:00
crypto pci-v4.20-changes 2018-10-25 06:50:48 -07:00
dax device-dax: Add missing address_space_operations 2018-09-22 09:07:33 -07:00
dca
devfreq PM / devfreq: remove redundant null pointer check before kfree 2018-10-02 10:16:41 +09:00
dio
dma pci-v4.20-changes 2018-10-25 06:50:48 -07:00
dma-buf
edac - amd64_edac: AMD family 0x17, models 0x10-0x2f support (Michael Jin) 2018-10-25 06:40:00 -07:00
eisa
extcon
firewire FireWire: clean up core-transaction.c kernel-doc 2018-09-06 09:41:09 -06:00
firmware EFI updates for v4.20: 2018-09-27 16:58:49 +02:00
fmc
fpga fpga: bridge: fix obvious function documentation error 2018-09-30 08:49:55 -07:00
fsi fsi: sbefifo: Bump max command length 2018-08-08 15:44:47 +10:00
gnss
gpio pci-v4.20-changes 2018-10-25 06:50:48 -07:00
gpu Second pull request for v4.19: 2018-10-20 12:26:26 +10:00
hid Merge branch 'for-4.20/multitouch' into for-linus 2018-10-23 13:36:28 +02:00
hsi
hv Drivers: hv: vmbus: Use get/put_cpu() in vmbus_connect() 2018-09-30 08:49:55 -07:00
hwmon Lots of small changes to the IPMI driver. Most of the changes 2018-10-23 09:42:05 +01:00
hwspinlock hwspinlock: Fix incorrect return pointers 2018-07-30 20:54:51 -07:00
hwtracing intel_th: pci: Add Ice Lake PCH support 2018-09-18 16:08:38 +02:00
i2c This is the bulk of GPIO changes for the v4.20 series: 2018-10-23 08:45:05 +01:00
ide block: genhd: add 'groups' argument to device_add_disk 2018-09-28 08:30:28 -06:00
idle Merge branch 'perf-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-10-23 13:32:18 +01:00
iio - New Drivers 2018-10-25 06:19:15 -07:00
infiniband pci-v4.20-changes 2018-10-25 06:50:48 -07:00
input - New Drivers 2018-10-25 06:19:15 -07:00
iommu Merge branch 'x86-mm-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-10-23 17:05:28 +01:00
ipack
irqchip irqchip/gic-v3-its: Cap lpi_id_bits to reduce memory footprint 2018-09-06 20:31:59 +02:00
isdn Merge branch 'work.tty-ioctl' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-10-24 14:43:41 +01:00
leds leds: sc27xx: Add pattern_set/clear interfaces for LED controller 2018-10-11 21:59:11 +02:00
lightnvm lightnvm: pblk: guarantee that backpointer is respected on writer stall 2018-10-09 08:25:08 -06:00
macintosh macintosh: therm_windtunnel: drop using attach_adapter 2018-08-24 14:42:42 +02:00
mailbox mailbox: PCC: handle parse error 2018-09-10 12:54:02 +02:00
mcb
md block: Introduce blk_revalidate_disk_zones() 2018-10-25 11:17:40 -06:00
media media: v4l: event: Prevent freeing event subscriptions while accessed 2018-10-03 06:32:51 -04:00
memory memory: ti-aemif: fix a potential NULL-pointer dereference 2018-09-06 10:04:07 -07:00
memstick block: genhd: add 'groups' argument to device_add_disk 2018-09-28 08:30:28 -06:00
message scsi: mptfusion: Remove unnecessary parentheses 2018-09-28 02:13:33 -04:00
mfd - New Drivers 2018-10-25 06:19:15 -07:00
misc Merge branch 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2018-10-24 11:22:39 +01:00
mmc Merge branch 'perf-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-10-23 13:32:18 +01:00
mtd SPI NOR changes: 2018-10-23 01:09:22 +01:00
mux This is the bulk of GPIO changes for the v4.20 series: 2018-10-23 08:45:05 +01:00
net pci-v4.20-changes 2018-10-25 06:50:48 -07:00
nfc
ntb
nubus
nvdimm libnvdimm for 4.20 2018-10-25 06:31:56 -07:00
nvme pci-v4.20-changes 2018-10-25 06:50:48 -07:00
nvmem
of First batch of dma-mapping changes for 4.20: 2018-10-22 18:16:03 +01:00
opp PM / OPP: _of_add_opp_table_v2(): increment count only if OPP is added 2018-10-04 09:21:36 +05:30
oprofile
parisc parisc: Add alternative coding infrastructure 2018-10-17 17:22:26 +02:00
parport Char/Misc driver patches for 4.19-rc1 2018-08-18 11:04:51 -07:00
pci pci-v4.20-changes 2018-10-25 06:50:48 -07:00
pcmcia Merge branch 'pcmcia-next' of git://git.kernel.org/pub/scm/linux/kernel/git/brodo/linux 2018-10-23 10:22:33 +01:00
perf arm64 updates for 4.20: 2018-10-22 17:30:06 +01:00
phy Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-10-24 06:47:44 +01:00
pinctrl This is the bulk of GPIO changes for the v4.20 series: 2018-10-23 08:45:05 +01:00
platform pci-v4.20-changes 2018-10-25 06:50:48 -07:00
pnp
power power: max8925: mark expected switch fall-through 2018-10-21 21:33:35 +02:00
powercap Merge branch 'perf-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-10-23 13:32:18 +01:00
pps
ps3
ptp ptp: ptp_dte: simplify getting .driver_data 2018-10-22 19:48:35 -07:00
pwm pwm: mediatek: Add MT7628 support 2018-08-20 11:36:07 +02:00
rapidio drivers/rapidio/devices/rio_mport_cdev.c: remove redundant pointer md 2018-08-22 10:52:51 -07:00
ras
regulator regulator: Regulator updates for next release 2018-10-23 01:54:44 +01:00
remoteproc remoteproc/davinci: use the reset framework 2018-08-16 17:39:55 -07:00
reset reset: imx7: Add PCIE_CTRL_APPS_TURNOFF 2018-10-05 09:56:19 +01:00
rpmsg rpmsg: Add compat ioctl for rpmsg char driver 2018-07-30 23:40:23 -07:00
rtc RTC for 4.19 2018-08-20 16:30:27 -07:00
s390 pci-v4.20-changes 2018-10-25 06:50:48 -07:00
sbus oradax: remove redundant null check before kfree 2018-10-07 22:42:00 -07:00
scsi block: Introduce blk_revalidate_disk_zones() 2018-10-25 11:17:40 -06:00
sfi
sh sh: introduce a sh_cacheop_vaddr helper 2018-08-02 13:54:06 +02:00
siox
slimbus
sn
soc net/kconfig: Make QCOM_QMI_HELPERS available when COMPILE_TEST 2018-10-24 08:11:35 +01:00
soundwire soundwire: Fix acquiring bus lock twice during master release 2018-08-27 09:49:48 +05:30
spi - New Drivers 2018-10-25 06:19:15 -07:00
spmi
ssb ssb: chipcommon: fix fall-through annotation 2018-10-05 11:37:20 +03:00
staging Merge branch 'work.tty-ioctl' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-10-24 14:43:41 +01:00
target SCSI misc on 20181024 2018-10-25 07:40:30 -07:00
tc
tee ARM: SoC driver updates 2018-08-23 13:52:46 -07:00
thermal x86/cpu: Sanitize FAM6_ATOM naming 2018-10-02 10:14:32 +02:00
thunderbolt thunderbolt: Initialize after IOMMUs 2018-10-02 10:51:16 -07:00
tty - New Drivers 2018-10-25 06:19:15 -07:00
uio Char/Misc fix for 4.19-rc1 2018-08-19 09:30:44 -07:00
usb Merge branch 'work.tty-ioctl' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-10-24 14:43:41 +01:00
uwb
vfio powerpc updates for 4.19 2018-08-17 11:32:50 -07:00
vhost net: vhost: remove bad code line 2018-10-07 21:31:32 -07:00
video - Old Drivers 2018-10-25 06:21:28 -07:00
virt
virtio virtio, vhost: fixes, tweaks 2018-08-24 08:45:19 -07:00
visorbus
vlynq
vme
w1 power supply and reset changes for the v4.19 series 2018-08-21 18:06:27 -07:00
watchdog include/linux/compiler*.h: make compiler-*.h mutually exclusive 2018-08-22 17:31:34 -07:00
xen Merge branch 'x86-paravirt-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-10-23 17:54:58 +01:00
zorro
Kconfig
Makefile Char/Misc driver patches for 4.19-rc1 2018-08-18 11:04:51 -07:00