github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-08 14:42:37 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
153d1ea327
linux/drivers
History
Juergen Gross 153d1ea327 xen/console: harden hvc_xen against event channel storms 
commit fe415186b4 upstream.

The Xen console driver is still vulnerable for an attack via excessive
number of events sent by the backend. Fix that by using a lateeoi event
channel.

For the normal domU initial console this requires the introduction of
bind_evtchn_to_irq_lateeoi() as there is no xenbus device available
at the time the event channel is bound to the irq.

As the decision whether an interrupt was spurious or not requires to
test for bytes having been read from the backend, move sending the
event into the if statement, as sending an event without having found
any bytes to be read is making no sense at all.

This is part of XSA-391

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-12-22 09:32:52 +01:00
..
accessibility
acpi ACPI: CPPC: Add NULL pointer check to cppc_get_perf() 2021-12-01 09:04:38 +01:00
amba ARM: 9120/1: Revert "amba: make use of -1 IRQs warn" 2021-11-06 14:13:31 +01:00
android binder: use wake_up_pollfree() 2021-12-14 10:57:15 +01:00
ata libata: if T_LENGTH is zero, dma direction should be DMA_NONE 2021-12-22 09:32:49 +01:00
atm
auxdisplay auxdisplay: ht16k33: Fix frame buffer device blanking 2021-11-18 19:17:02 +01:00
base firmware_loader: fix pre-allocated buf built-in firmware use 2021-11-25 09:48:27 +01:00
bcma Driver core update for 5.15-rc1 2021-09-01 08:44:42 -07:00
block xen/blkfront: harden blkfront against event channel storms 2021-12-22 09:32:51 +01:00
bluetooth Bluetooth: btusb: Add support for TP-Link UB500 Adapter 2021-11-21 13:44:13 +01:00
bus bus: ti-sysc: Fix variable set but not used warning for reinit_modules 2021-12-22 09:32:51 +01:00
cdrom
char parisc/agp: Annotate parisc agp init functions with __init 2021-12-17 10:30:15 +01:00
clk clk: Don't parent clks until the parent is fully registered 2021-12-22 09:32:39 +01:00
clocksource clocksource/drivers/dw_apb_timer_of: Fix probe failure 2021-12-14 10:57:23 +01:00
comedi comedi: vmk80xx: fix bulk and interrupt message timeouts 2021-11-12 15:05:51 +01:00
connector
counter
cpufreq cpufreq: Fix get_cpu_device() failure in add_cpu_dev_symlink() 2021-12-08 09:04:42 +01:00
cpuidle cpuidle: Fix kobject memory leaks in error paths 2021-11-18 19:16:29 +01:00
crypto crypto: octeontx2 - set assoclen in aead_do_fallback() 2021-11-18 19:16:33 +01:00
cxl cxl/pci: Fix NULL vs ERR_PTR confusion 2021-11-18 19:16:04 +01:00
dax libnvdimm for v5.15 2021-09-09 11:39:57 -07:00
dca
devfreq devfreq: use HZ macros 2021-09-08 11:50:26 -07:00
dio
dma dmaengine: st_fdma: fix MODULE_ALIAS 2021-12-22 09:32:41 +01:00
dma-buf dma-buf: system_heap: Use 'for_each_sgtable_sg' in pages free flow 2021-12-08 09:04:42 +01:00
edac EDAC/amd64: Handle three rank interleaving mode 2021-11-18 19:16:30 +01:00
eisa
extcon
firewire FireWire (IEEE 1394) subsystem updates: 2021-09-11 09:47:33 -07:00
firmware firmware: arm_scpi: Fix string overflow in SCPI genpd driver 2021-12-22 09:32:35 +01:00
fpga fpga: ice40-spi: Add SPI device ID table 2021-09-27 14:00:41 -07:00
fsi
gnss
gpio gpio: rockchip: needs GENERIC_IRQ_CHIP to fix build errors 2021-11-25 09:48:36 +01:00
gpu drm/amd/pm: fix reading SMU FW version from amdgpu_firmware_info on YC 2021-12-22 09:32:49 +01:00
greybus
hid HID: Ignore battery for Elan touchscreen on Asus UX550VE 2021-12-14 10:57:06 +01:00
hsi
hv Drivers: hv: balloon: Use VMBUS_RING_SIZE() wrapper for dm_ring_size 2021-11-25 09:48:46 +01:00
hwmon hwmon: (corsair-psu) fix plain integer used as NULL pointer 2021-12-17 10:30:12 +01:00
hwspinlock
hwtracing coresight: trbe: Defer the probe on offline CPUs 2021-11-18 19:16:06 +01:00
i2c i2c: rk3x: Handle a spurious start completion interrupt flag 2021-12-17 10:30:15 +01:00
i3c
idle
iio iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove 2021-12-14 10:57:21 +01:00
infiniband RDMA/irdma: Don't arm the CQ more than two times if no CE for this CQ 2021-12-17 10:30:14 +01:00
input Input: st1232 - increase "wait ready" timeout 2021-11-18 19:17:01 +01:00
interconnect interconnect: qcom: sdm660: Add missing a2noc qos clocks 2021-09-13 15:49:55 +03:00
iommu iommu/amd: Clarify AMD IOMMUv2 initialization messages 2021-12-01 09:04:55 +01:00
ipack ipack: ipoctal: fix module reference leak 2021-09-27 17:38:49 +02:00
irqchip irqchip: nvic: Fix offset for Interrupt Priority Offsets 2021-12-14 10:57:23 +01:00
isdn mISDN: Fix return values of the probe function 2021-10-19 13:09:28 +01:00
leds
macintosh memblock: introduce saner 'memblock_free_ptr()' interface 2021-09-14 13:23:22 -07:00
mailbox mailbox: mtk-cmdq: Fix local clock ID usage 2021-11-18 19:16:35 +01:00
mcb mcb: fix error handling in mcb_alloc_bus() 2021-09-14 11:22:26 +02:00
md dm btree remove: fix use after free in rebalance_children() 2021-12-22 09:32:36 +01:00
media media: mxl111sf: change mutex_init() location 2021-12-22 09:32:50 +01:00
memory memory: tegra20-emc: Add runtime dependency on devfreq governor module 2021-11-25 09:48:30 +01:00
memstick memstick: jmb38x_ms: use appropriate free function in jmb38x_ms_alloc_host() 2021-11-18 19:16:32 +01:00
message
mfd mfd: dln2: Add cell for initializing DLN2 ADC 2021-11-18 19:17:17 +01:00
misc misc: fastrpc: fix improper packet size calculation 2021-12-14 10:57:23 +01:00
mmc mmc: renesas_sdhi: initialize variable properly when tuning 2021-12-14 10:57:14 +01:00
most most: fix control-message timeouts 2021-11-18 19:16:08 +01:00
mtd mtd: rawnand: Fix nand_choose_best_timings() on unsupported interface 2021-12-17 10:30:13 +01:00
mux
net xen/netfront: harden netfront against event channel storms 2021-12-22 09:32:51 +01:00
nfc nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails 2021-11-18 19:17:10 +01:00
ntb Bug fixes and clean-ups for Linux v5.15 2021-09-07 13:05:02 -07:00
nubus
nvdimm nvdimm/pmem: cleanup the disk if pmem_release_disk() is yet assigned 2021-11-18 19:17:07 +01:00
nvme nvmet: use IOCB_NOWAIT only if the filesystem supports it 2021-12-01 09:04:52 +01:00
nvmem nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells 2021-10-13 15:09:58 +02:00
of of: unittest: fix EXPECT text for gpio hog errors 2021-11-18 19:16:45 +01:00
opp opp: Fix return in _opp_add_static_v2() 2021-11-18 19:17:00 +01:00
parisc parisc: Move pci_dev_is_behind_card_dino to where it is used 2021-09-09 12:44:31 +02:00
parport parisc architecture updates for kernel 5.15: 2021-09-02 13:16:00 -07:00
pci PCI/MSI: Mask MSI-X vectors only on success 2021-12-22 09:32:46 +01:00
pcmcia
perf KVM: arm64: Fix PMU probe ordering 2021-09-20 12:43:34 +01:00
phy phy: Sparx5 Eth SerDes: Fix return value check in sparx5_serdes_probe() 2021-11-18 19:16:56 +01:00
pinctrl pinctrl: amd: Fix wakeups when IRQ is shared with SCI 2021-12-22 09:32:37 +01:00
platform platform/x86: amd-pmc: Fix s2idle failures on certain AMD laptops 2021-12-14 10:57:08 +01:00
pnp
power power: supply: bq27xxx: Fix kernel crash on IRQ handler register error 2021-11-18 19:16:58 +01:00
powercap
pps
ps3
ptp ptp: ocp: Fix a couple NULL vs IS_ERR() checks 2021-11-25 09:48:40 +01:00
pwm pwm: mtk-disp: Implement atomic API .get_state() 2021-09-02 22:27:46 +02:00
rapidio
ras
regulator regulator: s5m8767: do not use reset value as DVS voltage if GPIO DVS is disabled 2021-11-18 19:15:57 +01:00
remoteproc remoteproc: imx_rproc: Fix rsc-table name 2021-11-18 19:17:18 +01:00
reset reset: tegra-bpmp: Revert Handle errors in BPMP response 2021-12-22 09:32:33 +01:00
rpmsg
rtc rtc: rv3032: fix error handling in rv3032_clkout_set_rate() 2021-11-18 19:17:01 +01:00
s390 s390/cio: make ccw_device_dma_* more robust 2021-11-18 19:17:18 +01:00
sbus
scsi scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() 2021-12-22 09:32:51 +01:00
sh maple: fix wrong return value of maple_bus_init(). 2021-11-25 09:48:31 +01:00
siox
slimbus Driver core update for 5.15-rc1 2021-09-01 08:44:42 -07:00
soc soc/tegra: fuse: Fix bitwise vs. logical OR warning 2021-12-22 09:32:43 +01:00
soundwire soundwire: bus: stop dereferencing invalid slave pointer 2021-11-18 19:16:54 +01:00
spi spi: fix use-after-free of the add_lock mutex 2021-11-25 09:48:46 +01:00
spmi
ssb
staging staging: most: dim2: use device release method 2021-12-17 10:30:16 +01:00
target scsi: target: Fix alua_tg_pt_gps_count tracking 2021-11-25 09:48:29 +01:00
tc
tee tee: amdtee: fix an IS_ERR() vs NULL bug 2021-12-22 09:32:38 +01:00
thermal thermal: int340x: Fix VCoRefLow MMIO bit offset for TGL 2021-12-14 10:57:14 +01:00
thunderbolt thunderbolt: build kunit tests without structleak plugin 2021-10-06 17:53:49 -06:00
tty xen/console: harden hvc_xen against event channel storms 2021-12-22 09:32:52 +01:00
uio
usb USB: core: Make do_proc_control() and do_proc_bulk() killable 2021-12-22 09:32:50 +01:00
vdpa vdpa: Consider device id larger than 31 2021-12-22 09:32:39 +01:00
vfio vfio/pci: add missing identifier name in argument of function prototype 2021-09-23 14:12:36 -06:00
vhost vdpa: check that offsets are within bounds 2021-12-22 09:32:36 +01:00
video vgacon: Propagate console boot parameters before calling `vc_resize' 2021-12-08 09:04:55 +01:00
virt
virtio virtio_ring: Fix querying of maximum DMA mapping size for virtio device 2021-12-22 09:32:36 +01:00
visorbus
vlynq
vme
w1
watchdog ar7: fix kernel builds for compiler test 2021-11-18 19:17:03 +01:00
xen xen/console: harden hvc_xen against event channel storms 2021-12-22 09:32:52 +01:00
zorro
Kconfig firmware: include drivers/firmware/Kconfig unconditionally 2021-10-07 16:51:26 +02:00
Makefile virtio: always enter drivers/virtio/ 2021-12-22 09:32:39 +01:00