UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenCloudOS-Kernel/drivers
History
Ming Lei 80f25003af ublk: fix ublk_ch_mmap() for 64K page size 
commit d369735e02ef122d19d4c3d093028da0eb400636 upstream.

In ublk_ch_mmap(), queue id is calculated in the following way:

	(vma->vm_pgoff << PAGE_SHIFT) / `max_cmd_buf_size`

'max_cmd_buf_size' is equal to

	`UBLK_MAX_QUEUE_DEPTH * sizeof(struct ublksrv_io_desc)`

and UBLK_MAX_QUEUE_DEPTH is 4096 and part of UAPI, so 'max_cmd_buf_size'
is always page aligned in 4K page size kernel. However, it isn't true in
64K page size kernel.

Fixes the issue by always rounding up 'max_cmd_buf_size' with PAGE_SIZE.

Cc: stable@vger.kernel.org
Fixes: 71f28f3136 ("ublk_drv: add io_uring based userspace block driver")
Signed-off-by: Ming Lei <ming.lei@redhat.com>
Link: https://lore.kernel.org/r/20241111110718.1394001-1-ming.lei@redhat.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2024-12-09 10:32:50 +01:00
..
accel accel/qaic: Fix the for loop used to walk SG table 2024-11-01 01:58:21 +01:00
accessibility
acpi ACPI: CPPC: Fix _CPC register setting issue 2024-12-09 10:31:49 +01:00
amba
android binder: fix UAF caused by offsets overwrite 2024-09-12 11:11:41 +02:00
ata ata: libata: Set DID_TIME_OUT for commands that actually timed out 2024-11-01 01:58:33 +01:00
atm atm: idt77252: prevent use after free in dequeue_rx() 2024-08-29 17:33:18 +02:00
auxdisplay auxdisplay: ht16k33: Drop reference after LED registration 2024-08-03 08:54:39 +02:00
base firmware_loader: Fix possible resource leak in fw_log_firmware_info() 2024-12-09 10:32:37 +01:00
bcma
block ublk: fix ublk_ch_mmap() for 64K page size 2024-12-09 10:32:50 +01:00
bluetooth Bluetooth: btintel: Direct exception event to bluetooth stack 2024-11-22 15:38:32 +01:00
bus bus: mhi: ep: Do not allocate memory for MHI objects from DMA zone 2024-10-17 15:24:10 +02:00
cache
cdrom cdrom: Avoid barrier_nospec() in cdrom_ioctl_media_changed() 2024-11-01 01:58:25 +01:00
cdx
char virtio_console: fix misc probe bugs 2024-10-17 15:24:14 +02:00
clk clk: clk-axi-clkgen: make sure to enable the AXI bus clock 2024-12-09 10:32:22 +01:00
clocksource clocksource/drivers/timer-ti-dm: Fix child node refcount handling 2024-12-09 10:31:51 +01:00
comedi comedi: Flush partial mappings in error case 2024-12-09 10:32:44 +01:00
connector
counter counter: ti-ecap-capture: Add check for clk_enable() 2024-12-09 10:32:37 +01:00
cpufreq cpufreq: mediatek-hw: Fix wrong return value in mtk_cpufreq_get_cpu_power() 2024-12-09 10:32:48 +01:00
cpuidle cpuidle: riscv-sbi: Use scoped device node handling to fix missing of_node_put 2024-10-04 16:29:56 +02:00
crypto crypto: cavium - Fix an error handling path in cpt_ucode_load_fw() 2024-12-09 10:31:50 +01:00
cxl cxl/acpi: Ensure ports ready at cxl_acpi_probe() return 2024-11-08 16:28:25 +01:00
dax dax: delete a stale directory pmem 2024-12-09 10:32:21 +01:00
dca
devfreq
dio
dma dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor 2024-09-08 07:54:46 +02:00
dma-buf dma-buf: heaps: Fix off-by-one in CMA heap fault handler 2024-09-18 19:24:09 +02:00
edac EDAC/igen6: Avoid segmentation fault on module unload 2024-12-09 10:31:48 +01:00
eisa
extcon
firewire firewire: core: correct range of block for case of switch statement 2024-10-04 16:29:28 +02:00
firmware firmware: arm_scpi: Check the DVFS OPP count returned by the firmware 2024-12-09 10:31:58 +01:00
fpga
fsi
gnss
gpio gpio: exar: set value when external pull-up or pull-down is present 2024-12-09 10:32:47 +01:00
gpu drm/amd/display: Add NULL pointer check for kzalloc 2024-12-09 10:32:41 +01:00
greybus greybus: Fix use-after-free bug in gb_interface_release due to race condition. 2024-06-21 14:38:48 +02:00
hid HID: hyperv: streamline driver probe to avoid devres issues 2024-12-09 10:31:58 +01:00
hsi
hte
hv Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic 2024-09-12 11:11:41 +02:00
hwmon hwmon: (tps23861) Fix reporting of negative temperatures 2024-12-09 10:32:30 +01:00
hwspinlock hwspinlock: Introduce hwspin_lock_bust() 2024-09-08 07:54:43 +02:00
hwtracing coresight: tmc: sg: Do not leak sg_table 2024-10-04 16:29:40 +02:00
i2c i2c: lpi2c: Avoid calling clk_get_rate during transfer 2024-12-09 10:31:40 +01:00
i3c i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition 2024-10-17 15:24:17 +02:00
idle
iio iio: gts: Fix uninitialized symbol 'ret' 2024-12-09 10:32:50 +01:00
infiniband RDMA/mlx5: Move events notifier registration to be after device registration 2024-12-09 10:32:22 +01:00
input Input: edt-ft5x06 - fix regmap leak when probe fails 2024-11-08 16:28:25 +01:00
interconnect interconnect: icc-clk: Add missed num_nodes initialization 2024-10-04 16:29:40 +02:00
iommu iommu/vt-d: Fix checks and print in pgtable_walk() 2024-12-09 10:32:17 +01:00
ipack
irqchip irqchip/ocelot: Fix trigger register address 2024-11-17 15:08:56 +01:00
isdn mISDN: fix MISDN_TIME_STAMP handling 2024-08-19 06:04:28 +02:00
leds leds: mlxreg: Use devm_mutex_init() for mutex initialization 2024-11-22 15:38:37 +01:00
macintosh macintosh/therm_windtunnel: fix module unload. 2024-08-03 08:54:02 +02:00
mailbox mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() 2024-12-09 10:32:39 +01:00
mcb
md dm-bufio: fix warnings about duplicate slab caches 2024-12-09 10:32:41 +01:00
media media: i2c: ds90ub960: Fix missing return check on ub960_rxport_read call 2024-12-09 10:31:53 +01:00
memory memory: tegra186-emc: drop unused to_tegra186_emc() 2024-10-10 11:57:44 +02:00
memstick
message scsi: fusion: Remove unused variable 'rc' 2024-12-09 10:32:18 +01:00
mfd mfd: rt5033: Fix missing regmap_del_irq_chip() 2024-12-09 10:32:18 +01:00
misc Compiler Attributes: disable __counted_by for clang < 19.1.3 2024-12-09 10:32:46 +01:00
mmc mmc: mmc_spi: drop buggy snprintf() 2024-12-09 10:31:52 +01:00
most
mtd ubi: wl: Put source PEB into correct list if trying locking LEB failed 2024-12-09 10:32:49 +01:00
mux
net wifi: brcmfmac: release 'root' node in all execution paths 2024-12-09 10:32:47 +01:00
nfc nfc: pn533: Add poll mod list filling check 2024-09-04 13:28:28 +02:00
ntb ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition 2024-10-17 15:24:18 +02:00
nubus
nvdimm virtio_pmem: Check device status before requesting flush 2024-10-17 15:24:20 +02:00
nvme nvme: fix metadata handling in nvme-passthrough 2024-12-09 10:32:39 +01:00
nvmem nvmem: u-boot-env: error if NVMEM device is too small 2024-09-18 19:24:04 +02:00
of of/fdt: add dt_phys arg to early_init_dt_scan and early_init_dt_verify 2024-12-09 10:31:56 +01:00
opp OPP: ti: Fix ti_opp_supply_probe wrong return values 2024-08-03 08:53:27 +02:00
parisc Revert "change alloc_pages name in dma_map_ops to avoid name conflicts" 2024-09-04 13:28:24 +02:00
parport parport: Proper fix for array out-of-bounds access 2024-10-22 15:46:33 +02:00
pci PCI: Fix use-after-free of slot->bus on hot remove 2024-12-09 10:32:44 +01:00
pcmcia pcmcia: Use resource_size function on resource object 2024-09-12 11:11:31 +02:00
peci
perf drivers/perf: arm_spe: Use perf_allow_kernel() for permissions 2024-10-10 11:57:27 +02:00
phy phy: freescale: imx8m-pcie: Do CMN_RST just before PHY PLL lock check 2024-11-08 16:28:24 +01:00
pinctrl pinctrl: qcom: spmi: fix debugfs drive strength 2024-12-09 10:32:45 +01:00
platform platform/chrome: cros_ec_typec: fix missing fwnode reference decrement 2024-12-09 10:32:48 +01:00
pmdomain pmdomain: ti-sci: Add missing of_node_put() for args.np 2024-12-09 10:31:56 +01:00
pnp
power power: supply: rt9471: Use IC status regfield to report real charger status 2024-12-09 10:32:32 +01:00
powercap powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() 2024-11-01 01:58:31 +01:00
pps pps: add an error check in parport_attach 2024-10-04 16:29:58 +02:00
ps3
ptp ptp: fix integer overflow in max_vclocks_store 2024-06-27 13:49:07 +02:00
pwm pwm: imx27: Workaround of the pwm output bug when decrease the duty cycle 2024-12-09 10:31:54 +01:00
rapidio
ras
regulator regulator: rk808: Restrict DVS GPIOs to the RK808 variant only 2024-12-09 10:31:54 +01:00
remoteproc remoteproc: qcom_q6v5_mss: Re-order writes to the IMEM region 2024-12-09 10:32:29 +01:00
reset reset: k210: fix OF node leak in probe() error path 2024-10-04 16:29:04 +02:00
rpmsg rpmsg: glink: use only lower 16-bits of param2 for CMD_OPEN name length 2024-12-09 10:32:29 +01:00
rtc rtc: at91sam9: fix OF node leak in probe() error path 2024-10-10 11:57:57 +02:00
s390 s390/cio: Do not unregister the subchannel based on DNV 2024-12-09 10:31:43 +01:00
sbus
scsi scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths 2024-12-09 10:32:39 +01:00
sh
siox
slimbus
soc soc: qcom: socinfo: fix revision check in qcom_socinfo_probe() 2024-12-09 10:32:42 +01:00
soundwire soundwire: cadence: re-check Peripheral status with delayed_work 2024-10-17 15:24:18 +02:00
spi spi: Fix acpi deferred irq probe 2024-12-09 10:32:47 +01:00
spmi spmi: hisi-spmi-controller: Do not override device identifier 2024-06-21 14:38:40 +02:00
ssb ssb: Fix division by zero issue in ssb_calc_clock_rate 2024-08-29 17:33:22 +02:00
staging media: atomisp: Add check for rgby_data memory allocation failure 2024-12-09 10:31:58 +01:00
target scsi: target: core: Fix null-ptr-deref in target_alloc_device() 2024-11-01 01:58:24 +01:00
tc
tee tee: optee: ffa: Fix missing-field-initializers warning 2024-07-25 09:50:53 +02:00
thermal thermal: core: Initialize thermal zones before registering them 2024-12-09 10:31:47 +01:00
thunderbolt thunderbolt: Honor TMU requirements in the domain when setting TMU mode 2024-11-08 16:28:24 +01:00
tty serial: 8250: omap: Move pm_runtime_get_sync 2024-12-09 10:32:49 +01:00
ufs scsi: ufs: core: Fix the issue of ICU failure 2024-10-22 15:46:28 +02:00
uio Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic 2024-09-12 11:11:41 +02:00
usb Revert "usb: gadget: composite: fix OS descriptors w_value logic" 2024-12-09 10:32:47 +01:00
vdpa vdpa/mlx5: Fix suboptimal range on iotlb iteration 2024-12-09 10:32:30 +01:00
vfio vfio/pci: Properly hide first-in-list PCIe extended capability 2024-12-09 10:32:31 +01:00
vhost vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() 2024-10-10 11:58:08 +02:00
video fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() 2024-12-09 10:32:21 +01:00
virt
virtio virtio_ring: fix KMSAN error for premapped mode 2024-09-12 11:11:36 +02:00
vlynq
w1
watchdog watchdog: imx_sc_wdt: Don't disable WDT in suspend 2024-10-04 16:29:33 +02:00
xen xen: Fix the issue of resource not being properly released in xenbus_dev_probe() 2024-12-09 10:32:39 +01:00
zorro
Kconfig
Makefile