linux/drivers
Andy Grover 173fd37a3d target/user: Fix use-after-free of tcmu_cmds if they are expired
commit d0905ca757 upstream.

Don't free the cmd in tcmu_check_expired_cmd, it's still referenced by
an entry in our cmd_id->cmd idr. If userspace ever resumes processing,
tcmu_handle_completions() will use the now-invalid cmd pointer.

Instead, don't free cmd. It will be freed by tcmu_handle_completion() if
userspace ever recovers, or tcmu_free_device if not.

Reported-by: Bryant G Ly <bgly@us.ibm.com>
Tested-by: Bryant G Ly <bgly@us.ibm.com>
Signed-off-by: Andy Grover <agrover@redhat.com>
Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-01-09 08:32:25 +01:00
accessibility
acpi ACPI / video: Add force_native quirk for HP Pavilion dv6 2017-01-09 08:32:18 +01:00
amba
android ANDROID: binder: Clear binder and cookie when setting handle in flat binder struct 2016-10-24 19:37:48 +02:00
ata libata-scsi: disable SCT Write Same for the moment 2016-12-07 16:29:09 -05:00
atm atm: fix improper return value 2016-12-05 14:53:46 -05:00
auxdisplay auxdisplay: img-ascii-lcd: driver for simple ASCII LCD displays 2016-10-06 17:03:41 +02:00
base firmware: fix usermode helper fallback loading 2017-01-09 08:32:22 +01:00
bcma
block loop: return proper error from loop_queue_rq() 2017-01-06 10:40:14 +01:00
bluetooth Bluetooth: btwilink: Fix probe return value 2016-10-20 10:14:49 +02:00
bus bus: qcom-ebi2: depend on ARCH_QCOM or COMPILE_TEST 2016-10-17 13:46:09 -07:00
cdrom
char tpm xen: Remove bogus tpm_chip_unregister 2017-01-06 10:40:17 +01:00
clk clk: bcm2835: Avoid overwriting the div info when disabling a pll_div clk 2017-01-09 08:32:18 +01:00
clocksource Revert "clocksource/drivers/timer_sun5i: Replace code by clocksource_mmio_init" 2016-10-20 21:58:58 +02:00
connector
cpufreq PM / OPP: Pass opp_table to dev_pm_opp_put_regulator() 2017-01-06 10:40:15 +01:00
cpuidle Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2016-10-15 09:26:12 -07:00
crypto crypto: caam - fix AEAD givenc descriptors 2017-01-06 10:40:13 +01:00
dax device-dax: fix private mapping restriction, permit read-only 2016-12-06 17:42:37 -08:00
dca
devfreq PM / devfreq: Skip status update on uninitialized previous_freq 2016-10-11 00:01:20 +02:00
dio
dma dmaengine: cppi41: More PM runtime fixes 2016-11-17 16:09:23 +05:30
dma-buf Merge tag 'drm-for-v4.9' of git://people.freedesktop.org/~airlied/linux 2016-10-11 18:12:22 -07:00
edac * Altera Arria10 enablement of NAND, DMA, USB, QSPI and SD-MMC FIFO 2016-10-04 12:06:26 -07:00
eisa
extcon extcon: qcom-spmi-misc: Sync the extcon state on interrupt 2016-10-26 16:04:29 +09:00
firewire firewire: net: fix fragmented datagram_size off-by-one 2016-11-03 14:46:39 +01:00
firmware efi/arm: Fix absolute relocation detection for older toolchains 2016-10-19 14:49:44 +02:00
fmc
fpga
gpio gpio: chardev: Return error for seek operations 2017-01-09 08:32:18 +01:00
gpu drivers/gpu/drm/ast: Fix infinite loop if read fails 2017-01-09 08:32:20 +01:00
hid HID: hid-sensor-hub: clear memory to avoid random data 2016-11-23 17:54:58 +01:00
hsi
hv hv: acquire vmbus_connection.channel_mutex in vmbus_free_channels() 2017-01-09 08:32:18 +01:00
hwmon hwmon: (core) fix resource leak on devm_kcalloc failure 2016-10-24 06:05:13 -07:00
hwspinlock
hwtracing stm class: Fix device leak in open error path 2017-01-09 08:32:21 +01:00
i2c Revert "i2c: octeon: thunderx: Limit register access retries" 2016-11-29 20:04:21 +01:00
ide
idle nmi_backtrace: generate one-line reports for idle cpus 2016-10-07 18:46:30 -07:00
iio iio: maxim_thermocouple: detect invalid storage size in read() 2016-11-13 10:08:32 +01:00
infiniband i40iw: Use correct src address in memcpy to rdma stats counters 2017-01-09 08:32:24 +01:00
input Input: drv260x - fix input device's parent assignment 2017-01-09 08:32:24 +01:00
iommu Merge git://git.infradead.org/intel-iommu 2016-11-27 08:24:46 -08:00
ipack ipack: print a hex number after a 0x prefix 2016-10-27 18:43:43 -07:00
irqchip GIC updates for Linux 4.9-rc2 2016-10-21 21:40:29 +02:00
isdn ser_gigaset: return -ENOMEM on error instead of success 2016-12-08 14:19:17 -05:00
leds
lguest
lightnvm Merge branch 'for-4.9/block' of git://git.kernel.dk/linux-block 2016-10-07 14:42:05 -07:00
macintosh
mailbox mailbox: PCC: Fix lockdep warning when request PCC channel 2016-11-14 22:07:38 +01:00
mcb mcb: Add a dma_device to mcb_device 2016-09-27 12:33:47 +02:00
md md/raid5: limit request size according to implementation limits 2017-01-09 08:32:22 +01:00
media v4l: tvp5150: Add missing break in set control handler 2017-01-09 08:32:24 +01:00
memory ARM: SoC driver updates for v4.9 2016-10-07 21:23:40 -07:00
memstick memstick: rtsx_usb_ms: Manage runtime PM when accessing the device 2016-10-17 15:43:05 +02:00
message
mfd mfd: wm8994-core: Don't use managed regulator bulk get API 2016-11-25 11:10:55 +00:00
misc mei: me: add lewisburg device ids 2017-01-09 08:32:20 +01:00
mmc mmc: sd: Meet alignment requirements for raw_ssr DMA 2017-01-09 08:32:17 +01:00
mtd MTD updates for 4.9-rc4: 2016-11-05 10:52:29 -07:00
net ath9k: do not return early to fix rcu unlocking 2017-01-09 08:32:17 +01:00
nfc mei: bus: fix received data size check in NFC fixup 2016-10-31 10:25:22 -06:00
ntb ntb_perf: potential info leak in debugfs 2016-11-13 16:48:30 -05:00
nubus
nvdimm libnvdimm, pfn: fix align attribute 2017-01-09 08:32:25 +01:00
nvme nvmet: Fix possible infinite loop triggered on hot namespace removal 2017-01-06 10:40:14 +01:00
nvmem ARM: SoC driver updates for v4.9 2016-10-07 21:23:40 -07:00
of of, numa: Return NUMA_NO_NODE from disable of_node_to_nid() if nid not possible. 2017-01-09 08:32:25 +01:00
oprofile Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-10-10 20:16:43 -07:00
parisc
parport
pci PCI: Check for PME in targeted sleep state 2017-01-09 08:32:24 +01:00
pcmcia pcmcia: fix return value of soc_pcmcia_regulator_set 2016-11-11 08:45:08 -08:00
perf perf: xgene: Remove bogus IS_ERR() check 2016-10-17 15:50:07 +01:00
phy phy: twl4030-usb: Fix for musb session bit based PM 2016-11-17 16:25:40 +01:00
pinctrl pinctrl-aspeed-g5: Never set SCU90[6] 2016-11-07 10:31:33 +01:00
platform platform/x86: asus-nb-wmi.c: Add X45U quirk 2017-01-09 08:32:23 +01:00
pnp
power power supply and reset changes for the v4.9 series 2016-10-06 18:21:15 -07:00
powercap
pps pps: kc: fix non-tickless system config dependency 2016-10-11 15:06:32 -07:00
ps3
ptp drivers/ptp: Fix kernel memory disclosure 2016-10-13 10:20:06 -04:00
pwm pwm: Fix device reference leak 2016-11-29 16:43:24 +01:00
rapidio mm: replace get_user_pages() write/force parameters with gup_flags 2016-10-19 08:11:43 -07:00
ras
regulator regulator: stw481x-vmmc: fix ages old enable error 2017-01-09 08:32:17 +01:00
remoteproc rpmsg updates for v4.9 2016-10-06 17:03:49 -07:00
reset reset: uniphier: rename MIO reset to SD reset for Pro5, PXs2, LD20 SoCs 2016-10-22 18:31:42 +09:00
rpmsg
rtc rtc: omap: prevent disabling of clock/module during suspend 2016-11-04 23:11:39 +01:00
s390 s390/vmlogrdr: fix IUCV buffer allocation 2017-01-09 08:32:22 +01:00
sbus
scsi scsi: aacraid: remove wildcard for series 9 controllers 2017-01-09 08:32:22 +01:00
sfi
sh
sn
soc powerpc updates for 4.9 #2 2016-10-14 11:07:42 -07:00
spi Merge remote-tracking branches 'spi/fix/dt', 'spi/fix/fsl-dspi' and 'spi/fix/fsl-espi' into spi-linus 2016-10-29 12:51:55 -06:00
spmi spmi: pmic-arb: Return an error code if sanity check fails 2016-09-27 12:43:34 +02:00
ssb ssb: Fix error routine when fallback SPROM fails 2017-01-09 08:32:16 +01:00
staging staging: comedi: ni_mio_common: fix E series ni_ai_insn_read() data 2017-01-09 08:32:18 +01:00
target target/user: Fix use-after-free of tcmu_cmds if they are expired 2017-01-09 08:32:25 +01:00
tc
thermal thermal: hwmon: Properly report critical temperature in sysfs 2017-01-09 08:32:18 +01:00
thunderbolt
tty sc16is7xx: Drop bogus use of IRQF_ONESHOT 2017-01-09 08:32:22 +01:00
uio
usb usb: gadget: composite: always set ep->mult to a sensible value 2017-01-06 10:40:15 +01:00
uwb uwb: fix device reference leaks 2016-11-01 09:04:04 -06:00
vfio vfio/pci: Fix integer overflows, bitmask check 2016-10-26 13:49:29 -06:00
vhost vhost-vsock: fix orphan connection reset 2016-12-08 21:24:30 -05:00
video video: ARM CLCD: fix Vexpress regression 2016-11-03 12:20:14 +02:00
virt mm: replace get_user_pages() write/force parameters with gup_flags 2016-10-19 08:11:43 -07:00
virtio virtio_ring: mark vring_dma_dev inline 2016-10-31 00:40:08 +02:00
vlynq
vme vme: vme_get_size potentially returning incorrect value on failure 2016-10-28 08:25:18 -04:00
w1
watchdog watchdog: qcom: fix kernel panic due to external abort on non-linefetch 2017-01-06 10:40:16 +01:00
xen xen/gntdev: Use VM_MIXEDMAP instead of VM_IO to avoid NUMA balancing 2017-01-06 10:40:17 +01:00
zorro
Kconfig
Makefile A small bug fix and a new driver for acting as an IPMI device. 2016-10-23 15:56:23 -07:00