github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-05 13:06:59 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
d68ce834f8
linux/drivers/s390/cio
History
Danilo Krummrich ac4d8bb6e2 s390/cio: use generic driver_override infrastructure 
When a driver is probed through __driver_attach(), the bus' match()
callback is called without the device lock held, thus accessing the
driver_override field without a lock, which can cause a UAF.

Fix this by using the driver-core driver_override infrastructure taking
care of proper locking internally.

Note that calling match() from __driver_attach() without the device lock
held is intentional. [1]

Link: https://lore.kernel.org/driver-core/DGRGTIRHA62X.3RY09D9SOK77P@kernel.org/ [1]
Reported-by: Gui-Dong Han <hanguidong02@gmail.com>
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220789
Fixes: ebc3d17915 ("s390/cio: introduce driver_override on the css bus")
Reviewed-by: Vineeth Vijayan <vneethv@linux.ibm.com>
Link: https://patch.msgid.link/20260324005919.2408620-10-dakr@kernel.org
Signed-off-by: Danilo Krummrich <dakr@kernel.org>
2026-04-04 00:48:40 +02:00
..
airq.c Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
blacklist.c kernel.h: drop hex.h and update all hex.h users 2026-01-20 19:44:19 -08:00
blacklist.h
ccwgroup.c Convert 'alloc_flex' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
ccwreq.c s390: Remove KMSG_COMPONENT macro 2025-11-24 11:45:21 +01:00
chp.c Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
chp.h s390/cio: Externalize full CMG characteristics 2024-11-13 14:31:31 +01:00
chsc_sch.c Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
chsc_sch.h
chsc.c s390: Remove KMSG_COMPONENT macro 2025-11-24 11:45:21 +01:00
chsc.h s390/cio: Externalize full CMG characteristics 2024-11-13 14:31:31 +01:00
cio_debug.h
cio_debugfs.c
cio_inject.c s390: Remove KMSG_COMPONENT macro 2025-11-24 11:45:21 +01:00
cio_inject.h
cio.c s390: Remove KMSG_COMPONENT macro 2025-11-24 11:45:21 +01:00
cio.h s390/cio: use generic driver_override infrastructure 2026-04-04 00:48:40 +02:00
cmf.c Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
crw.c s390/cio: Remove outdated email address 2025-02-18 18:53:47 +01:00
css.c s390/cio: use generic driver_override infrastructure 2026-04-04 00:48:40 +02:00
css.h
device_fsm.c s390/drivers: Explicitly include <linux/export.h> 2025-06-17 18:18:02 +02:00
device_id.c s390: Convert MACHINE_IS_[LPAR|VM|KVM], etc, machine_is_[lpar|vm|kvm]() 2025-03-04 17:18:07 +01:00
device_ops.c s390/cio: Use array indices instead of pointer arithmetic 2025-01-03 11:00:53 +01:00
device_pgid.c
device_status.c s390/cio: Use scnprintf() instead of sprintf() 2025-10-21 10:17:30 +02:00
device.c Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
device.h
eadm_sch.c treewide: Replace kmalloc with kmalloc_obj for non-scalar types 2026-02-21 01:02:28 -08:00
eadm_sch.h
fcx.c s390/drivers: Explicitly include <linux/export.h> 2025-06-17 18:18:02 +02:00
idset.c
idset.h
io_sch.h
ioasm.c s390/cio/ioasm: Fix __xsch() condition code handling 2025-09-29 13:52:08 +02:00
ioasm.h
isc.c s390/drivers: Explicitly include <linux/export.h> 2025-06-17 18:18:02 +02:00
itcw.c s390/drivers: Explicitly include <linux/export.h> 2025-06-17 18:18:02 +02:00
Makefile
orb.h
qdio_debug.c Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
qdio_debug.h
qdio_main.c treewide: Replace kmalloc with kmalloc_obj for non-scalar types 2026-02-21 01:02:28 -08:00
qdio_setup.c s390/qdio: Move memory alloc/pointer arithmetic for slib and sl into one place 2025-01-03 11:00:53 +01:00
qdio_thinint.c Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
qdio.h s390/qdio: Move memory alloc/pointer arithmetic for slib and sl into one place 2025-01-03 11:00:53 +01:00
scm.c Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
trace.c
trace.h
vfio_ccw_async.c
vfio_ccw_chp.c
vfio_ccw_cp.c Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
vfio_ccw_cp.h
vfio_ccw_drv.c Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
vfio_ccw_fsm.c
vfio_ccw_ops.c Convert more 'alloc_obj' cases to default GFP_KERNEL arguments 2026-02-21 20:03:00 -08:00
vfio_ccw_private.h s390/vfio-ccw: Make mdev_types not look like a fake flex array 2025-02-18 18:53:47 +01:00
vfio_ccw_trace.c
vfio_ccw_trace.h