linux/drivers
Namhyung Kim 2a140e31c9 loop: limit 'max_part' module param to DISK_MAX_PARTS
commit 78f4bb367f upstream.

The 'max_part' parameter controls the maximum number of partitions
a loop block device can have. However, if a user specifies a very
large value, it would exceed the limitation of the device minor number
and can cause a kernel panic (or, at least, produce invalid
device nodes in some cases).

On my desktop system, the following command kills the kernel. On qemu,
it triggers a similar oops but the kernel was alive:

$ sudo modprobe loop max_part0000
 ------------[ cut here ]------------
 kernel BUG at /media/Linux_Data/project/linux/fs/sysfs/group.c:65!
 invalid opcode: 0000 [#1] SMP
 last sysfs file:
 CPU 0
 Modules linked in: loop(+)

 Pid: 43, comm: insmod Tainted: G        W   2.6.39-qemu+ #155 Bochs Bochs
 RIP: 0010:[<ffffffff8113ce61>]  [<ffffffff8113ce61>] internal_create_group+0x2a/0x170
 RSP: 0018:ffff880007b3fde8  EFLAGS: 00000246
 RAX: 00000000ffffffef RBX: ffff880007b3d878 RCX: 00000000000007b4
 RDX: ffffffff8152da50 RSI: 0000000000000000 RDI: ffff880007b3d878
 RBP: ffff880007b3fe38 R08: ffff880007b3fde8 R09: 0000000000000000
 R10: ffff88000783b4a8 R11: ffff880007b3d878 R12: ffffffff8152da50
 R13: ffff880007b3d868 R14: 0000000000000000 R15: ffff880007b3d800
 FS:  0000000002137880(0063) GS:ffff880007c00000(0000) knlGS:0000000000000000
 CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
 CR2: 0000000000422680 CR3: 0000000007b50000 CR4: 00000000000006b0
 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
 DR3: 0000000000000000 DR6: 0000000000000000 DR7: 0000000000000000
 Process insmod (pid: 43, threadinfo ffff880007b3e000, task ffff880007afb9c0)
 Stack:
  ffff880007b3fe58 ffffffff811e66dd ffff880007b3fe58 ffffffff811e570b
  0000000000000010 ffff880007b3d800 ffff880007a7b390 ffff880007b3d868
  0000000000400920 ffff880007b3d800 ffff880007b3fe48 ffffffff8113cfc8
 Call Trace:
  [<ffffffff811e66dd>] ? device_add+0x4bc/0x5af
  [<ffffffff811e570b>] ? dev_set_name+0x3c/0x3e
  [<ffffffff8113cfc8>] sysfs_create_group+0xe/0x12
  [<ffffffff810b420e>] blk_trace_init_sysfs+0x14/0x16
  [<ffffffff8116a090>] blk_register_queue+0x47/0xf7
  [<ffffffff8116f527>] add_disk+0xdf/0x290
  [<ffffffffa00060eb>] loop_init+0xeb/0x1b8 [loop]
  [<ffffffffa0006000>] ? 0xffffffffa0005fff
  [<ffffffff8100020a>] do_one_initcall+0x7a/0x12e
  [<ffffffff81096804>] sys_init_module+0x9c/0x1e0
  [<ffffffff813329bb>] system_call_fastpath+0x16/0x1b
 Code: c3 55 48 89 e5 41 57 41 56 41 89 f6 41 55 41 54 49 89 d4 53 48 89 fb 48 83 ec 28 48 85 ff 74 0b 85 f6 75 0b 48 83 7f 30 00 75 14 <0f> 0b eb fe 48 83 7f 30 00 b9 ea ff ff ff 0f 84 18 01 00 00 49
 RIP  [<ffffffff8113ce61>] internal_create_group+0x2a/0x170
  RSP <ffff880007b3fde8>
 ---[ end trace a123eb592043acad ]---

Signed-off-by: Namhyung Kim <namhyung@gmail.com>
Cc: Laurent Vivier <Laurent.Vivier@bull.net>
Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2011-06-23 15:24:03 -07:00
accessibility
acpi ACPI: EC: Add another dmi match entry for MSI hardware 2011-01-07 14:43:07 -08:00
amba
ata libata: set queue DMA alignment to sector size for ATAPI too 2011-05-09 15:55:41 -07:00
atm atm/solos-pci: Don't include frame pseudo-header on transmit hex-dump 2011-04-14 16:53:44 -07:00
auxdisplay
base firmware_class: fix memory leak - free allocated pages 2010-08-02 10:21:25 -07:00
block loop: limit 'max_part' module param to DISK_MAX_PARTS 2011-06-23 15:24:03 -07:00
bluetooth Bluetooth: Add MacBookAir3,1(2) support 2011-05-09 15:55:26 -07:00
cdrom
char Fix gcc 4.5.1 miscompiling drivers/char/i8k.c (again) 2011-05-09 15:54:59 -07:00
clocksource clocksource: sh_tmu: compute mult and shift before registration 2010-09-26 17:21:37 -07:00
connector connector: Delete buggy notification code. 2010-02-09 04:50:59 -08:00
cpufreq Fix memory leak in cpufreq_stat 2011-06-23 15:24:00 -07:00
cpuidle cpuidle: Fix incorrect optimization 2010-05-12 14:57:16 -07:00
crypto crypto: padlock - Fix AES-CBC handling on odd-block-sized input 2010-12-09 13:27:10 -08:00
dca
dio
dma mv_xor: fix race in tasklet function 2011-01-07 14:43:17 -08:00
edac amd64_edac: Fix interleaving check 2011-01-07 14:43:06 -08:00
eisa
firewire firewire: ohci: fix race in AR split packet handling 2010-12-09 13:26:50 -08:00
firmware dcdbas: force SMI to happen when expected 2011-03-27 11:30:51 -07:00
gpio gpiolib: Actually set output state in wm831x_gpio_direction_output() 2010-03-15 08:49:57 -07:00
gpu drm/radeon/kms: fix bad shift in atom iio table parser 2011-05-09 15:54:47 -07:00
hid HID: add MacBookAir 3,1 and 3,2 support 2011-05-09 15:55:37 -07:00
hwmon hwmon: (applesmc) Add MacBookAir3,1(3,2) support 2011-05-09 15:55:17 -07:00
i2c i2c: Unregister dummy devices last on adapter removal 2011-02-17 15:37:03 -08:00
ide ide-cd: Do not access completed requests in the irq handler 2010-08-13 13:19:36 -07:00
idle
ieee1394 headers: remove sched.h from interrupt.h 2009-10-11 11:20:58 -07:00
ieee802154 ieee802154: dont leak skbs in ieee802154_fake_xmit() 2009-11-19 13:16:21 -08:00
infiniband IB/cm: Bump reference count on cm_id before invoking callback 2011-03-23 13:16:43 -07:00
input Input: elantech - discard the first 2 positions on some firmwares 2011-05-09 15:55:08 -07:00
isdn isdn: avoid calling tty_ldisc_flush() in atomic context 2011-03-23 13:16:55 -07:00
leds leds-gpio: fix default state handling on OF platforms 2010-04-01 15:58:53 -07:00
lguest lguest: fix bug in setting guest GDT entry 2010-01-06 15:05:19 -08:00
macintosh macintosh/therm_adt746x: Fix sysfs attributes lifetime 2010-03-15 08:49:46 -07:00
mca
md md: correctly handle probe of an 'mdp' device. 2011-03-02 09:47:05 -05:00
media V4L/DVB: Add Elgato EyeTV Diversity to dibcom driver 2011-05-09 15:55:30 -07:00
memstick memstick: fix hangs on unexpected device removal in mspro_blk 2010-08-26 16:41:32 -07:00
message mptfusion: Fix Incorrect return value in mptscsih_dev_reset 2011-03-02 09:46:33 -05:00
mfd mfd: ab3100: world-writable debugfs *_priv files 2011-04-14 16:53:37 -07:00
misc drivers/misc/ep93xx_pwm.c: world-writable sysfs files 2011-04-14 16:53:38 -07:00
mmc mmc: build fix: mmc_pm_notify is only available with CONFIG_PM=y 2011-05-09 15:55:32 -07:00
mtd mtd: mtdconcat: fix NAND OOB write 2011-06-23 15:24:01 -07:00
net netxen: Remove references to unified firmware file 2011-05-23 11:20:27 -07:00
nubus
of of: Remove nested function 2009-10-15 09:58:27 -06:00
oprofile oprofile: fix crash when accessing freed task structs 2010-09-20 13:17:50 -07:00
parisc PARISC: led.c - fix potential stack overflow in led_proc_write() 2010-08-10 10:20:37 -07:00
parport
pci PCI: allow matching of prefetchable resources to non-prefetchable windows 2011-06-23 15:24:03 -07:00
pcmcia pcmcia: avoid buffer overflow in pcmcia_setup_isa_irq 2010-08-26 16:41:53 -07:00
platform dell-laptop: Add another Dell laptop family to the DMI whitelist 2011-05-09 15:55:34 -07:00
pnp
power ds2760_battery: Fix calculation of time_to_empty_now 2011-02-17 15:37:02 -08:00
pps pps: events reporting fix up 2009-11-12 07:26:01 -08:00
ps3
rapidio
regulator regulator: Fix display of null constraints for regulators 2010-02-23 07:37:49 -08:00
rtc drivers/rtc/rtc-ds1511.c: world-writable sysfs nvram file 2011-04-14 16:53:37 -07:00
s390 dasd: correct device table 2011-05-09 15:54:50 -07:00
sbus
scsi Fix Ultrastor asm snippet 2011-06-23 15:24:01 -07:00
serial serial/imx: read cts state only after acking cts change irq 2011-05-09 15:54:48 -07:00
sfi
sh
sn
spi SPI: spi_txx9: Fix bit rate calculation 2009-12-02 23:58:32 +00:00
ssb ssb: b43-pci-bridge: Add new vendor for BCM4318 2010-12-09 13:26:41 -08:00
staging staging: usbip: fix wrong endian conversion 2011-06-23 15:24:02 -07:00
tc
telephony
thermal acpi: thermal: Add EOL to the trip_point_N_type strings 2009-11-05 17:33:24 -05:00
uio uio: pm_runtime_disable is needed if failed 2009-11-13 11:36:00 +09:00
usb usb: musb: core: set has_tt flag 2011-05-09 15:55:41 -07:00
uwb headers: remove sched.h from interrupt.h 2009-10-11 11:20:58 -07:00
video backlight: MacBookAir3,1(3,2) mbp-nvidia-bl support 2011-05-09 15:55:36 -07:00
virtio virtio: set pci bus master enable bit 2011-03-07 15:17:55 -08:00
vlynq
w1 w1: w1 temp: fix negative termperature calculation 2010-05-12 14:57:00 -07:00
watchdog WATCHDOG: iTCO_wdt: TCO Watchdog patch for additional Intel Cougar Point DeviceIDs 2010-04-26 07:41:18 -07:00
xen xen: ensure that all event channels start off bound to VCPU 0 2010-12-09 13:26:42 -08:00
zorro
Kconfig
Makefile virtio: initialize earlier 2010-05-12 14:57:15 -07:00