Steven Rostedt (VMware) 9dc9648942 ring-buffer: Mask out the info bits when returning buffer page length ... commit 45d8b80c2a upstream. Two info bits were added to the "commit" part of the ring buffer data page when returned to be consumed. This was to inform the user space readers that events have been missed, and that the count may be stored at the end of the page. What wasn't handled, was the splice code that actually called a function to return the length of the data in order to zero out the rest of the page before sending it up to user space. These data bits were returned with the length making the value negative, and that negative value was not checked. It was compared to PAGE_SIZE, and only used if the size was less than PAGE_SIZE. Luckily PAGE_SIZE is unsigned long which made the compare an unsigned compare, meaning the negative size value did not end up causing a large portion of memory to be randomly zeroed out. Fixes: 66a8cb95ed ("ring-buffer: Add place holder recording of dropped events") Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2018-01-02 20:33:22 +01:00
..
bpf	bpf: don't let ldimm64 leak map addresses on unprivileged	2017-11-21 09:21:17 +01:00
configs	kconfig: tinyconfig: provide whole choice blocks to avoid warnings	2016-09-24 10:07:42 +02:00
debug	kdb: Fix handling of kallsyms_symbol_next() return value	2017-12-16 10:33:49 +01:00
events	bpf: one perf event close won't free bpf program attached by another perf event	2017-10-21 17:09:02 +02:00
gcov	gcov: support GCC 7.1	2017-09-02 07:06:51 +02:00
irq	genirq: Release resources in __setup_irq() error path	2017-06-26 07:13:10 +02:00
livepatch	livepatch: x86: fix relocation computation with kASLR	2015-11-11 17:36:04 +01:00
locking	locking/lockdep: Add nest_lock integrity test	2017-10-21 17:09:03 +02:00
power	sched/cpuset/pm: Fix cpuset vs. suspend-resume bugs	2017-10-12 11:27:35 +02:00
printk	printk: use rcuidle console tracepoint	2017-02-23 17:43:10 +01:00
rcu	rcu: Allow for page faults in NMI handlers	2017-10-18 09:20:41 +02:00
sched	sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off()	2017-12-25 14:22:09 +01:00
time	timer/sysclt: Restrict timer migration sysctl values to 0 and 1	2017-10-05 09:41:47 +02:00
trace	ring-buffer: Mask out the info bits when returning buffer page length	2018-01-02 20:33:22 +01:00
.gitignore	certs: add .gitignore to stop git nagging about x509_certificate_list	2015-10-21 15:18:35 +01:00
acct.c
async.c
audit_fsnotify.c
audit_tree.c	audit: audit_tree_match can be boolean	2015-11-04 08:23:51 -05:00
audit_watch.c	audit: Fix use after free in audit_remove_watch_rule()	2017-08-24 17:02:35 -07:00
audit.c	audit: ensure that 'audit=1' actually enables audit for PID 1	2017-12-16 10:33:56 +01:00
audit.h	audit: audit_tree_match can be boolean	2015-11-04 08:23:51 -05:00
auditfilter.c	audit: fix comment block whitespace	2015-11-04 08:23:51 -05:00
auditsc.c	audit: fix a double fetch in audit_log_single_execve_arg()	2016-08-20 18:09:22 +02:00
backtracetest.c
bounds.c
capability.c	exec: Ensure mm->user_ns contains the execed files	2017-01-06 11:16:14 +01:00
cgroup_freezer.c	cgroup: fix handling of multi-destination migration from subtree_control enabling	2015-12-03 10:18:21 -05:00
cgroup_pids.c	cgroup_pids: don't account for the root cgroup	2015-12-03 10:18:21 -05:00
cgroup.c	cgroup, kthread: close race window where new kthreads can be migrated to non-root cgroups	2017-04-21 09:30:04 +02:00
compat.c
configs.c
context_tracking.c	context_tracking: avoid irq_save/irq_restore on guest entry and exit	2015-11-10 12:06:23 +01:00
cpu_pm.c
cpu.c	stable-fixup: hotplug: fix unused function warning	2017-01-12 11:22:48 +01:00
cpuset.c	sched/cpuset/pm: Fix cpuset vs. suspend-resume bugs	2017-10-12 11:27:35 +02:00
crash_dump.c
cred.c	cred: Reject inodes with invalid ids in set_create_file_as()	2016-09-15 08:27:49 +02:00
delayacct.c
dma.c
elfcore.c
exec_domain.c
exit.c	wait/ptrace: assume __WALL if the child is traced	2016-06-07 18:14:35 -07:00
extable.c	kernel/extable.c: mark core_kernel_text notrace	2017-07-21 07:44:56 +02:00
fork.c	stackprotector: Increase the per-task stack canary's random range from 32 bits to 64 bits on 64-bit platforms	2017-06-14 13:16:23 +02:00
freezer.c
futex_compat.c	ptrace: use fsuid, fsgid, effective creds for fs access checks	2016-02-25 12:01:16 -08:00
futex.c	futex: Add missing error handling to FUTEX_REQUEUE_PI	2017-03-22 12:04:19 +01:00
groups.c
hung_task.c
irq_work.c	treewide: Remove old email address	2015-11-23 09:44:58 +01:00
jump_label.c	jump_label: Invoke jump_label_test() via early_initcall()	2017-12-16 10:33:55 +01:00
kallsyms.c
kcmp.c	ptrace: use fsuid, fsgid, effective creds for fs access checks	2016-02-25 12:01:16 -08:00
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt
kexec_core.c	kexec: use file name as the output message prefix	2015-11-06 17:50:42 -08:00
kexec_file.c	kexec: fix double-free when failing to relocate the purgatory	2016-09-24 10:07:36 +02:00
kexec_internal.h
kexec.c	kexec: use file name as the output message prefix	2015-11-06 17:50:42 -08:00
kmod.c	kmod: don't run async usermode helper as a child of kworker thread	2015-10-23 17:55:10 +09:00
kprobes.c	tracing/kprobes: Enforce kprobes teardown after testing	2017-05-25 14:30:17 +02:00
ksysfs.c
kthread.c	cgroup, kthread: close race window where new kthreads can be migrated to non-root cgroups	2017-04-21 09:30:04 +02:00
latencytop.c
Makefile
membarrier.c	Fix: Disable sys_membarrier when nohz_full is enabled	2017-03-12 06:37:26 +01:00
memremap.c	mm: fix devm_memremap_pages crash, use mem_hotplug_{begin, done}	2017-01-19 20:17:18 +01:00
module_signing.c	KEYS: Merge the type-specific data with the payload data	2015-10-21 15:18:36 +01:00
module-internal.h
module.c	module: Invalidate signatures on force-loaded modules	2016-08-20 18:09:27 +02:00
notifier.c
nsproxy.c
padata.c	padata: free correct variable	2017-05-20 14:27:02 +02:00
panic.c	kernel/panic.c: add missing \n	2017-07-05 14:37:19 +02:00
params.c	Nothing exciting, minor tweaks and cleanups.	2015-11-09 15:53:39 -08:00
pid_namespace.c	pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes	2017-05-25 14:30:11 +02:00
pid.c	pids: make task_tgid_nr_ns() safe	2017-08-24 17:02:36 -07:00
profile.c
ptrace.c	ptrace: Properly initialize ptracer_cred on fork	2017-06-14 13:16:20 +02:00
range.c
reboot.c
relay.c
resource.c	/proc/iomem: only expose physical resource addresses to privileged users	2017-08-06 19:19:42 -07:00
seccomp.c	seccomp: fix the usage of get/put_seccomp_filter() in seccomp_get_filter()	2017-10-05 09:41:46 +02:00
signal.c	signal: protect SIGNAL_UNKILLABLE from unintentional clearing.	2017-08-11 09:08:59 -07:00
smp.c	mm, page_alloc: distinguish between being unable to sleep, unwilling to sleep and avoiding waking kswapd	2015-11-06 17:50:42 -08:00
smpboot.c	stop_machine: Kill smp_hotplug_thread->pre_unpark, introduce stop_machine_unpark()	2015-10-20 10:23:55 +02:00
smpboot.h
softirq.c
stacktrace.c
stop_machine.c	kernel: remove stop_machine() Kconfig dependency	2015-12-12 10:15:34 -08:00
sys_ni.c	mm: mlock: add new mlock system call	2015-11-05 19:34:48 -08:00
sys.c	prctl: take mmap sem for writing to protect against others	2016-02-25 12:01:25 -08:00
sysctl_binary.c	fs/coredump: prevent fsuid=0 dumps into user-controlled directories	2016-04-12 09:08:58 -07:00
sysctl.c	timer/sysclt: Restrict timer migration sysctl values to 0 and 1	2017-10-05 09:41:47 +02:00
task_work.c
taskstats.c
test_kprobes.c
torture.c	torture: Consolidate cond_resched_rcu_qs() into stutter_wait()	2015-10-06 11:25:01 -07:00
tracepoint.c	tracepoint: Give priority to probes of tracepoints	2015-10-25 21:33:54 -04:00
tsacct.c
uid16.c
up.c
user_namespace.c
user-return-notifier.c
user.c
utsname_sysctl.c
utsname.c
watchdog.c	kernel/watchdog: use nmi registers snapshot in hardlockup handler	2017-01-06 11:16:16 +01:00
workqueue_internal.h	workqueue: Fix NULL pointer dereference	2017-11-15 17:13:11 +01:00
workqueue.c	workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq	2017-12-16 10:33:52 +01:00