github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-07 05:55:44 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
4820847e8b
linux/drivers/net
History
Lorenzo Bianconi 9a56e2b271 mt76: dma: initialize skip_unmap in mt76_dma_rx_fill 
[ Upstream commit 577298ec55 ]

Even if it is only a false-positive since skip_buf0/skip_buf1 are only
used in mt76_dma_tx_cleanup_idx routine, initialize skip_unmap in
mt76_dma_rx_fill in order to fix the following UBSAN report:

[   13.924906] UBSAN: invalid-load in linux-5.15.0/drivers/net/wireless/mediatek/mt76/dma.c:162:13
[   13.924909] load of value 225 is not a valid value for type '_Bool'
[   13.924912] CPU: 9 PID: 672 Comm: systemd-udevd Not tainted 5.15.0-18-generic #18-Ubuntu
[   13.924914] Hardware name: LENOVO 21A0000CMX/21A0000CMX, BIOS R1MET43W (1.13 ) 11/05/2021
[   13.924915] Call Trace:
[   13.924917]  <TASK>
[   13.924920]  show_stack+0x52/0x58
[   13.924925]  dump_stack_lvl+0x4a/0x5f
[   13.924931]  dump_stack+0x10/0x12
[   13.924932]  ubsan_epilogue+0x9/0x45
[   13.924934]  __ubsan_handle_load_invalid_value.cold+0x44/0x49
[   13.924935]  ? __iommu_dma_map+0x84/0xf0
[   13.924939]  mt76_dma_add_buf.constprop.0.cold+0x23/0x85 [mt76]
[   13.924949]  mt76_dma_rx_fill.isra.0+0x102/0x1f0 [mt76]
[   13.924954]  mt76_dma_init+0xc9/0x150 [mt76]
[   13.924959]  ? mt7921_dma_enable+0x110/0x110 [mt7921e]
[   13.924966]  mt7921_dma_init+0x1e3/0x260 [mt7921e]
[   13.924970]  mt7921_register_device+0x29d/0x510 [mt7921e]
[   13.924975]  mt7921_pci_probe.part.0+0x17f/0x1b0 [mt7921e]
[   13.924980]  mt7921_pci_probe+0x43/0x60 [mt7921e]
[   13.924984]  local_pci_probe+0x4b/0x90
[   13.924987]  pci_device_probe+0x115/0x1f0
[   13.924989]  really_probe+0x21e/0x420
[   13.924992]  __driver_probe_device+0x115/0x190
[   13.924994]  driver_probe_device+0x23/0xc0
[   13.924996]  __driver_attach+0xbd/0x1d0
[   13.924998]  ? __device_attach_driver+0x110/0x110
[   13.924999]  bus_for_each_dev+0x7e/0xc0
[   13.925001]  driver_attach+0x1e/0x20
[   13.925003]  bus_add_driver+0x135/0x200
[   13.925005]  driver_register+0x95/0xf0
[   13.925008]  ? 0xffffffffc0766000
[   13.925010]  __pci_register_driver+0x68/0x70
[   13.925011]  mt7921_pci_driver_init+0x23/0x1000 [mt7921e]
[   13.925015]  do_one_initcall+0x48/0x1d0
[   13.925019]  ? kmem_cache_alloc_trace+0x19e/0x2e0
[   13.925022]  do_init_module+0x62/0x280
[   13.925025]  load_module+0xac9/0xbb0
[   13.925027]  __do_sys_finit_module+0xbf/0x120
[   13.925029]  __x64_sys_finit_module+0x18/0x20
[   13.925030]  do_syscall_64+0x5c/0xc0
[   13.925033]  ? do_syscall_64+0x69/0xc0
[   13.925034]  ? sysvec_reschedule_ipi+0x78/0xe0
[   13.925036]  ? asm_sysvec_reschedule_ipi+0xa/0x20
[   13.925039]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   13.925040] RIP: 0033:0x7fbf2b90f94d
[   13.925045] RSP: 002b:00007ffe2ec7e5d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[   13.925047] RAX: ffffffffffffffda RBX: 000056106b0634e0 RCX: 00007fbf2b90f94d
[   13.925048] RDX: 0000000000000000 RSI: 00007fbf2baa3441 RDI: 0000000000000013
[   13.925049] RBP: 0000000000020000 R08: 0000000000000000 R09: 0000000000000002
[   13.925050] R10: 0000000000000013 R11: 0000000000000246 R12: 00007fbf2baa3441
[   13.925051] R13: 000056106b062620 R14: 000056106b0610c0 R15: 000056106b0640d0
[   13.925053]  </TASK>

Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-04-13 21:00:56 +02:00
..
appletalk net: appletalk: cops: Fix data race in cops_probe1 2021-06-16 12:01:37 +02:00
arcnet net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe() 2022-03-08 19:09:35 +01:00
bonding bonding: fix data-races around agg_select_timer 2022-02-23 12:01:02 +01:00
caif net: caif: fix memory leak in ldisc_open 2021-06-30 08:47:21 -04:00
can can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path 2022-04-08 14:40:44 +02:00
dsa net: dsa: bcm_sf2_cfp: fix an incorrect NULL check on list iterator 2022-04-08 14:40:30 +02:00
ethernet net: hns3: fix software vlan talbe of vlan 0 inconsistent with hardware 2022-04-08 14:40:40 +02:00
fddi net: fddi: fix UAF in fza_probe 2021-07-25 14:36:20 +02:00
fjes fjes: Check for error irq 2021-12-29 12:25:57 +01:00
hamradio drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() 2022-04-08 14:39:55 +02:00
hippi
hyperv hv_netvsc: Add check for kvmalloc_array 2022-03-23 09:13:28 +01:00
ieee802154 net: ieee802154: ca8210: Fix lifs/sifs periods 2022-02-23 12:01:02 +01:00
ipa net: ipa: prevent concurrent replenish 2022-02-05 12:37:55 +01:00
ipvlan
mdio net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE 2022-02-16 12:54:26 +01:00
netdevsim netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc 2021-12-22 09:30:55 +01:00
pcs
phy net: phy: broadcom: Fix brcm_fet_config_init() 2022-04-08 14:40:29 +02:00
plip
ppp ppp: ensure minimum packet size in ppp_write() 2022-01-27 10:54:01 +01:00
slip
team
usb smsc95xx: Ignore -ENODEV errors when device is unplugged 2022-03-23 09:13:29 +01:00
vmxnet3 vmxnet3: do not stop tx queues after netif_device_detach() 2021-11-18 14:03:43 +01:00
wan net: lapbether: Prevent racing when checking whether the netif is running 2021-05-14 09:50:29 +02:00
wimax
wireguard wireguard: socket: ignore v6 endpoints when ipv6 is disabled 2022-04-08 14:40:40 +02:00
wireless mt76: dma: initialize skip_unmap in mt76_dma_rx_fill 2022-04-13 21:00:56 +02:00
xen-netback Revert "xen-netback: Check for hotplug-status existence before watching" 2022-03-16 14:16:00 +01:00
bareudp.c bareudp: use ipv6_mod_enabled to check if IPv6 enabled 2022-04-08 14:40:22 +02:00
dummy.c
eql.c
geneve.c net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb 2021-05-14 09:50:43 +02:00
gtp.c
ifb.c ifb: fix building without CONFIG_NET_CLS_ACT 2021-11-18 14:03:49 +01:00
Kconfig ifb: Depend on netfilter alternatively to tc 2021-11-18 14:03:46 +01:00
LICENSE.SRC
loopback.c
macsec.c net: macsec: Verify that send_sci is on when setting Tx sci explicitly 2022-02-08 18:30:38 +01:00
macvlan.c
macvtap.c
Makefile
mdio.c
mii.c
net_failover.c
netconsole.c
nlmon.c
ntb_netdev.c
rionet.c
sb1000.c
Space.c
sungem_phy.c
tap.c
thunderbolt.c
tun.c tun: fix bonding active backup with arp monitoring 2021-11-26 10:39:18 +01:00
veth.c veth: fix races around rq->rx_notify_masked 2022-02-16 12:54:26 +01:00
virtio_net.c virtio-net: use NETIF_F_GRO_HW instead of NETIF_F_LRO 2021-08-26 08:35:48 -04:00
vrf.c vrf: don't run conntrack on vrf with !dflt qdisc 2021-12-14 11:32:36 +01:00
vsockmon.c
vxlan.c vxlan: add missing rcu_read_lock() in neigh_reduce() 2021-07-14 16:56:25 +02:00
xen-netfront.c xen/netfront: react properly to failing gnttab_end_foreign_access_ref() 2022-03-11 12:11:55 +01:00