From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, ChenXiaoSong <chenxiaosong2@huawei.com>,
Hawkins Jiawei <yin31149@gmail.com>,
Anton Altaparmakov <anton@tuxera.com>,
Yongqiang Liu <liuyongqiang13@huawei.com>,
Zhang Yi <yi.zhang@huawei.com>,
Zhang Xiaoxu <zhangxiaoxu5@huawei.com>,
Andrew Morton <akpm@linux-foundation.org>
Subject: [PATCH 4.14 002/229] ntfs: fix use-after-free in ntfs_ucsncmp()
Date: Tue, 23 Aug 2022 10:22:43 +0200 [thread overview]
Message-ID: <20220823080053.326718526@linuxfoundation.org> (raw)
In-Reply-To: <20220823080053.202747790@linuxfoundation.org>
From: ChenXiaoSong <chenxiaosong2@huawei.com>
commit 38c9c22a85aeed28d0831f230136e9cf6fa2ed44 upstream.
Syzkaller reported use-after-free bug as follows:
==================================================================
BUG: KASAN: use-after-free in ntfs_ucsncmp+0x123/0x130
Read of size 2 at addr ffff8880751acee8 by task a.out/879
CPU: 7 PID: 879 Comm: a.out Not tainted 5.19.0-rc4-next-20220630-00001-gcc5218c8bd2c-dirty #7
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014
Call Trace:
<TASK>
dump_stack_lvl+0x1c0/0x2b0
print_address_description.constprop.0.cold+0xd4/0x484
print_report.cold+0x55/0x232
kasan_report+0xbf/0xf0
ntfs_ucsncmp+0x123/0x130
ntfs_are_names_equal.cold+0x2b/0x41
ntfs_attr_find+0x43b/0xb90
ntfs_attr_lookup+0x16d/0x1e0
ntfs_read_locked_attr_inode+0x4aa/0x2360
ntfs_attr_iget+0x1af/0x220
ntfs_read_locked_inode+0x246c/0x5120
ntfs_iget+0x132/0x180
load_system_files+0x1cc6/0x3480
ntfs_fill_super+0xa66/0x1cf0
mount_bdev+0x38d/0x460
legacy_get_tree+0x10d/0x220
vfs_get_tree+0x93/0x300
do_new_mount+0x2da/0x6d0
path_mount+0x496/0x19d0
__x64_sys_mount+0x284/0x300
do_syscall_64+0x3b/0xc0
entry_SYSCALL_64_after_hwframe+0x46/0xb0
RIP: 0033:0x7f3f2118d9ea
Code: 48 8b 0d a9 f4 0b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 76 f4 0b 00 f7 d8 64 89 01 48
RSP: 002b:00007ffc269deac8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3f2118d9ea
RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffc269dec00
RBP: 00007ffc269dec80 R08: 00007ffc269deb00 R09: 00007ffc269dec44
R10: 0000000000000000 R11: 0000000000000202 R12: 000055f81ab1d220
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
</TASK>
The buggy address belongs to the physical page:
page:0000000085430378 refcount:1 mapcount:1 mapping:0000000000000000 index:0x555c6a81d pfn:0x751ac
memcg:ffff888101f7e180
anon flags: 0xfffffc00a0014(uptodate|lru|mappedtodisk|swapbacked|node=0|zone=1|lastcpupid=0x1fffff)
raw: 000fffffc00a0014 ffffea0001bf2988 ffffea0001de2448 ffff88801712e201
raw: 0000000555c6a81d 0000000000000000 0000000100000000 ffff888101f7e180
page dumped because: kasan: bad access detected
Memory state around the buggy address:
ffff8880751acd80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
ffff8880751ace00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8880751ace80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
^
ffff8880751acf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
ffff8880751acf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
The reason is that struct ATTR_RECORD->name_offset is 6485, end address of
name string is out of bounds.
Fix this by adding sanity check on end address of attribute name string.
[akpm@linux-foundation.org: coding-style cleanups]
[chenxiaosong2@huawei.com: cleanup suggested by Hawkins Jiawei]
Link: https://lkml.kernel.org/r/20220709064511.3304299-1-chenxiaosong2@huawei.com
Link: https://lkml.kernel.org/r/20220707105329.4020708-1-chenxiaosong2@huawei.com
Signed-off-by: ChenXiaoSong <chenxiaosong2@huawei.com>
Signed-off-by: Hawkins Jiawei <yin31149@gmail.com>
Cc: Anton Altaparmakov <anton@tuxera.com>
Cc: ChenXiaoSong <chenxiaosong2@huawei.com>
Cc: Yongqiang Liu <liuyongqiang13@huawei.com>
Cc: Zhang Yi <yi.zhang@huawei.com>
Cc: Zhang Xiaoxu <zhangxiaoxu5@huawei.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
fs/ntfs/attrib.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
--- a/fs/ntfs/attrib.c
+++ b/fs/ntfs/attrib.c
@@ -606,8 +606,12 @@ static int ntfs_attr_find(const ATTR_TYP
a = (ATTR_RECORD*)((u8*)ctx->attr +
le32_to_cpu(ctx->attr->length));
for (;; a = (ATTR_RECORD*)((u8*)a + le32_to_cpu(a->length))) {
- if ((u8*)a < (u8*)ctx->mrec || (u8*)a > (u8*)ctx->mrec +
- le32_to_cpu(ctx->mrec->bytes_allocated))
+ u8 *mrec_end = (u8 *)ctx->mrec +
+ le32_to_cpu(ctx->mrec->bytes_allocated);
+ u8 *name_end = (u8 *)a + le16_to_cpu(a->name_offset) +
+ a->name_length * sizeof(ntfschar);
+ if ((u8*)a < (u8*)ctx->mrec || (u8*)a > mrec_end ||
+ name_end > mrec_end)
break;
ctx->attr = a;
if (unlikely(le32_to_cpu(a->type) > le32_to_cpu(type) ||
next prev parent reply other threads:[~2022-08-23 9:32 UTC|newest]
Thread overview: 232+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-23 8:22 [PATCH 4.14 000/229] 4.14.291-rc1 review Greg Kroah-Hartman
2022-08-23 8:22 ` [PATCH 4.14 001/229] Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put Greg Kroah-Hartman
2022-08-23 8:22 ` Greg Kroah-Hartman [this message]
2022-08-23 8:22 ` [PATCH 4.14 003/229] s390/archrandom: prevent CPACF trng invocations in interrupt context Greg Kroah-Hartman
2022-08-23 8:22 ` [PATCH 4.14 004/229] scsi: ufs: host: Hold reference returned by of_parse_phandle() Greg Kroah-Hartman
2022-08-23 8:22 ` [PATCH 4.14 005/229] net: ping6: Fix memleak in ipv6_renew_options() Greg Kroah-Hartman
2022-08-23 8:22 ` [PATCH 4.14 006/229] net: sungem_phy: Add of_node_put() for reference returned by of_get_parent() Greg Kroah-Hartman
2022-08-23 8:22 ` [PATCH 4.14 007/229] netfilter: nf_queue: do not allow packet truncation below transport header offset Greg Kroah-Hartman
2022-08-23 8:22 ` [PATCH 4.14 008/229] ARM: crypto: comment out gcc warning that breaks clang builds Greg Kroah-Hartman
2022-08-23 8:22 ` [PATCH 4.14 009/229] mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle Greg Kroah-Hartman
2022-08-23 8:22 ` [PATCH 4.14 010/229] ACPI: video: Force backlight native for some TongFang devices Greg Kroah-Hartman
2022-08-23 8:22 ` [PATCH 4.14 011/229] ACPI: video: Shortening quirk list by identifying Clevo by board_name only Greg Kroah-Hartman
2022-08-23 8:22 ` [PATCH 4.14 012/229] macintosh/adb: fix oob read in do_adb_query() function Greg Kroah-Hartman
2022-08-23 8:22 ` [PATCH 4.14 013/229] Makefile: link with -z noexecstack --no-warn-rwx-segments Greg Kroah-Hartman
2022-08-23 8:22 ` [PATCH 4.14 014/229] x86: link vdso and boot " Greg Kroah-Hartman
2022-08-23 8:22 ` [PATCH 4.14 015/229] ALSA: bcd2000: Fix a UAF bug on the error path of probing Greg Kroah-Hartman
2022-08-23 8:22 ` [PATCH 4.14 016/229] add barriers to buffer_uptodate and set_buffer_uptodate Greg Kroah-Hartman
2022-08-23 8:22 ` [PATCH 4.14 017/229] HID: wacom: Dont register pad_input for touch switch Greg Kroah-Hartman
2022-08-23 8:22 ` [PATCH 4.14 018/229] KVM: SVM: Dont BUG if userspace injects an interrupt with GIF=0 Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 019/229] KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 020/229] KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 021/229] ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 022/229] ALSA: hda/cirrus - support for iMac 12,1 model Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 023/229] vfs: Check the truncate maximum size in inode_newsize_ok() Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 024/229] fs: Add missing umask strip in vfs_tmpfile Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 025/229] usbnet: Fix linkwatch use-after-free on disconnect Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 026/229] parisc: Fix device names in /proc/iomem Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 027/229] drm/nouveau: fix another off-by-one in nvbios_addr Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 028/229] drm/amdgpu: Check BOs requested pinning domains against its preferred_domains Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 029/229] iio: light: isl29028: Fix the warning in isl29028_remove() Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 030/229] fuse: limit nsec Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 031/229] md-raid10: fix KASAN warning Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 032/229] ia64, processor: fix -Wincompatible-pointer-types in ia64_get_irr() Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 033/229] PCI: Add defines for normal and subtractive PCI bridges Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 034/229] powerpc/fsl-pci: Fix Class Code of PCIe Root Port Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 035/229] powerpc/powernv: Avoid crashing if rng is NULL Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 036/229] MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 037/229] USB: HCD: Fix URB giveback issue in tasklet function Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 038/229] netfilter: nf_tables: fix null deref due to zeroed list head Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 039/229] arm64: Do not forget syscall when starting a new thread Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 040/229] arm64: fix oops in concurrently setting insn_emulation sysctls Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 041/229] ext2: Add more validity checks for inode counts Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 042/229] ARM: dts: imx6ul: add missing properties for sram Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 043/229] ARM: dts: imx6ul: fix qspi node compatible Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 044/229] ARM: OMAP2+: display: Fix refcount leak bug Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 045/229] ACPI: PM: save NVS memory for Lenovo G40-45 Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 046/229] ACPI: LPSS: Fix missing check in register_device_clock() Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 047/229] PM: hibernate: defer device probing when resuming from hibernation Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 048/229] selinux: Add boundary check in put_entry() Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 049/229] ARM: findbit: fix overflowing offset Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 050/229] ARM: bcm: Fix refcount leak in bcm_kona_smc_init Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 051/229] x86/pmem: Fix platform-device leak in error path Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 052/229] ARM: dts: ast2500-evb: fix board compatible Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 053/229] soc: fsl: guts: machine variable might be unset Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 054/229] cpufreq: zynq: Fix refcount leak in zynq_get_revision Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 055/229] ARM: dts: qcom: pm8841: add required thermal-sensor-cells Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 056/229] arm64: dts: qcom: msm8916: Fix typo in pronto remoteproc node Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 057/229] regulator: of: Fix refcount leak bug in of_get_regulation_constraints() Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 058/229] thermal/tools/tmon: Include pthread and time headers in tmon.h Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 059/229] dm: return early from dm_pr_call() if DM device is suspended Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 060/229] drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 061/229] drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 062/229] i2c: Fix a potential use after free Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 063/229] ath9k: fix use-after-free in ath9k_hif_usb_rx_cb Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 064/229] wifi: iwlegacy: 4965: fix potential off-by-one overflow in il4965_rs_fill_link_cmd() Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 065/229] drm: bridge: adv7511: Add check for mipi_dsi_driver_register Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 066/229] media: hdpvr: fix error value returns in hdpvr_read Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 067/229] drm/vc4: dsi: Correct DSI divider calculations Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 068/229] drm/rockchip: vop: Dont crash for invalid duplicate_state() Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 069/229] drm/mediatek: dpi: Remove output format of YUV Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 070/229] drm: bridge: sii8620: fix possible off-by-one Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 071/229] media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 072/229] tcp: make retransmitted SKB fit into the send window Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 073/229] selftests: timers: valid-adjtimex: build fix for newer toolchains Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 074/229] selftests: timers: clocksource-switch: fix passing errors from child Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 075/229] fs: check FMODE_LSEEK to control internal pipe splicing Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 076/229] wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi() Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 077/229] wifi: p54: Fix an error handling path in p54spi_probe() Greg Kroah-Hartman
2022-08-23 8:23 ` [PATCH 4.14 078/229] wifi: p54: add missing parentheses in p54_flush() Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 079/229] can: pch_can: do not report txerr and rxerr during bus-off Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 080/229] can: rcar_can: " Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 081/229] can: sja1000: " Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 082/229] can: hi311x: " Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 083/229] can: sun4i_can: " Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 084/229] can: usb_8dev: " Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 085/229] can: error: specify the values of data[5..7] of CAN error frames Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 086/229] can: pch_can: pch_can_error(): initialize errc before using it Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 087/229] Bluetooth: hci_intel: Add check for platform_driver_register Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 088/229] i2c: cadence: Support PEC for SMBus block read Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 089/229] i2c: mux-gpmux: Add of_node_put() when breaking out of loop Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 090/229] wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()` Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 091/229] wifi: libertas: Fix possible refcount leak in if_usb_probe() Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 092/229] net: rose: fix netdev reference changes Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 093/229] dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 094/229] mtd: maps: Fix refcount leak in of_flash_probe_versatile Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 095/229] mtd: maps: Fix refcount leak in ap_flash_init Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 096/229] mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 097/229] mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()s error path Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 098/229] fpga: altera-pr-ip: fix unsigned comparison with less than zero Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 099/229] usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 100/229] usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 101/229] misc: rtsx: Fix an error handling path in rtsx_pci_probe() Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 102/229] mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 103/229] memstick/ms_block: Fix some incorrect memory allocation Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 104/229] memstick/ms_block: Fix a memory leak Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 105/229] mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 106/229] scsi: smartpqi: Fix DMA direction for RAID requests Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 107/229] usb: gadget: udc: amd5536 depends on HAS_DMA Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 108/229] RDMA/hfi1: fix potential memory leak in setup_base_ctxt() Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 109/229] gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data() Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 110/229] mmc: cavium-octeon: Add of_node_put() when breaking out of loop Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 111/229] mmc: cavium-thunderx: " Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 112/229] USB: serial: fix tty-port initialized comments Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 113/229] platform/olpc: Fix uninitialized data in debugfs write Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 114/229] mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 115/229] RDMA/rxe: Fix error unwind in rxe_create_qp() Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 116/229] ext4: recover csum seed of tmp_inode after migrating to extents Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 117/229] jbd2: fix assertion jh->b_frozen_data == NULL failure when journal aborted Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 118/229] ASoC: mediatek: mt8173: Fix refcount leak in mt8173_rt5650_rt5676_dev_probe Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 119/229] ASoC: codecs: da7210: add check for i2c_add_driver Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 120/229] ASoC: mediatek: mt8173-rt5650: Fix refcount leak in mt8173_rt5650_dev_probe Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 121/229] profiling: fix shift too large makes kernel panic Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 122/229] tty: n_gsm: fix non flow control frames during mux flow off Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 123/229] tty: n_gsm: fix packet re-transmission without open control channel Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 124/229] tty: n_gsm: fix race condition in gsmld_write() Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 125/229] remoteproc: qcom: wcnss: Fix handling of IRQs Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 126/229] vfio/ccw: Do not change FSM state in subchannel event Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 127/229] tty: n_gsm: fix wrong T1 retry count handling Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 128/229] tty: n_gsm: fix DM command Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 129/229] iommu/exynos: Handle failed IOMMU device registration properly Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 130/229] kfifo: fix kfifo_to_user() return type Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 131/229] mfd: t7l66xb: Drop platform disable callback Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 132/229] iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 133/229] s390/zcore: fix race when reading from hardware system area Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 134/229] video: fbdev: amba-clcd: Fix refcount leak bugs Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 135/229] video: fbdev: sis: fix typos in SiS_GetModeID() Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 136/229] powerpc/pci: Prefer PCI domain assignment via DT linux,pci-domain and alias Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 137/229] powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader Greg Kroah-Hartman
2022-08-23 8:24 ` [PATCH 4.14 138/229] powerpc/xive: Fix refcount leak in xive_get_max_prio Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 139/229] powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 140/229] kprobes: Forbid probing on trampoline and BPF code areas Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 141/229] powerpc/pci: Fix PHB numbering when using opal-phbid Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 142/229] genelf: Use HAVE_LIBCRYPTO_SUPPORT, not the never defined HAVE_LIBCRYPTO Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 143/229] x86/numa: Use cpumask_available instead of hardcoded NULL check Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 144/229] video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 145/229] tools/thermal: Fix possible path truncations Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 146/229] video: fbdev: vt8623fb: Check the size of screen before memset_io() Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 147/229] video: fbdev: arkfb: " Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 148/229] video: fbdev: s3fb: " Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 149/229] scsi: zfcp: Fix missing auto port scan and thus missing target ports Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 150/229] x86/olpc: fix logical not is only applied to the left hand side Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 151/229] spmi: trace: fix stack-out-of-bound access in SPMI tracing functions Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 152/229] ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 153/229] ext4: make sure ext4_append() always allocates new block Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 154/229] ext4: fix use-after-free in ext4_xattr_set_entry Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 155/229] ext4: update s_overhead_clusters in the superblock during an on-line resize Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 156/229] ext4: fix extent status tree race in writeback error recovery path Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 157/229] ext4: correct max_inline_xattr_value_size computing Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 158/229] ext4: correct the misjudgment in ext4_iget_extra_inode Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 159/229] intel_th: pci: Add Raptor Lake-S CPU support Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 160/229] intel_th: pci: Add Raptor Lake-S PCH support Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 161/229] intel_th: pci: Add Meteor Lake-P support Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 162/229] dm raid: fix address sanitizer warning in raid_resume Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 163/229] dm raid: fix address sanitizer warning in raid_status Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 164/229] net_sched: cls_route: remove from list when handle is 0 Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 165/229] btrfs: reject log replay if there is unsupported RO compat flag Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 166/229] KVM: Add infrastructure and macro to mark VM as bugged Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 167/229] KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 168/229] KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast() Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 169/229] tcp: fix over estimation in sk_forced_mem_schedule() Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 170/229] scsi: sg: Allow waiting for commands to complete on removed device Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 171/229] Revert "net: usb: ax88179_178a needs FLAG_SEND_ZLP" Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 172/229] Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 173/229] net/9p: Initialize the iounit field during fid creation Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 174/229] net_sched: cls_route: disallow handle of 0 Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 175/229] powerpc/ptdump: Fix display of RW pages on FSL_BOOK3E Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 176/229] ALSA: info: Fix llseek return value when using callback Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 177/229] rds: add missing barrier to release_refill Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 178/229] ata: libata-eh: Add missing command name Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 179/229] btrfs: fix lost error handling when looking up extended ref on log replay Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 180/229] can: ems_usb: fix clangs -Wunaligned-access warning Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 181/229] apparmor: fix quiet_denied for file rules Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 182/229] apparmor: Fix failed mount permission check error message Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 183/229] apparmor: fix aa_label_asxprint return check Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 184/229] apparmor: fix reference count leak in aa_pivotroot() Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 185/229] NFSv4: Fix races in the legacy idmapper upcall Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 186/229] NFSv4.1: RECLAIM_COMPLETE must handle EACCES Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 187/229] SUNRPC: Reinitialise the backchannel request buffers before reuse Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 188/229] pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 189/229] pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 190/229] ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 191/229] geneve: do not use RT_TOS for IPv6 flowlabel Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 192/229] vsock: Fix memory leak in vsock_connect() Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 193/229] vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout() Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 194/229] tools build: Switch to new openssl API for test-libcrypto Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 195/229] xen/xenbus: fix return type in xenbus_file_read() Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 196/229] atm: idt77252: fix use-after-free bugs caused by tst_timer Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 197/229] nios2: page fault et.al. are *not* restartable syscalls Greg Kroah-Hartman
2022-08-23 8:25 ` [PATCH 4.14 198/229] nios2: dont leave NULLs in sys_call_table[] Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 199/229] nios2: traced syscall does need to check the syscall number Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 200/229] nios2: fix syscall restart checks Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 201/229] nios2: restarts apply only to the first sigframe we build Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 202/229] nios2: add force_successful_syscall_return() Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 203/229] netfilter: nf_tables: really skip inactive sets when allocating name Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 204/229] powerpc/pci: Fix get_phb_number() locking Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 205/229] i40e: Fix to stop tx_timeout recovery if GLOBR fails Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 206/229] fec: Fix timer capture timing in `fec_ptp_enable_pps()` Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 207/229] igb: Add lock to avoid data race Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 208/229] kbuild: clear LDFLAGS in the top Makefile Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 209/229] btrfs: only write the sectors in the vertical stripe which has data stripes Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 210/229] btrfs: raid56: dont trust any cached sector in __raid56_parity_recover() Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 211/229] drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors() Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 212/229] PCI: Add ACS quirk for Broadcom BCM5750x NICs Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 213/229] irqchip/tegra: Fix overflow implicit truncation warnings Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 214/229] usb: host: ohci-ppc-of: Fix refcount leak bug Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 215/229] clk: qcom: ipq8074: dont disable gcc_sleep_clk_src Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 216/229] gadgetfs: ep_io - wait until IRQ finishes Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 217/229] cxl: Fix a memory leak in an error handling path Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 218/229] drivers:md:fix a potential use-after-free bug Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 219/229] ext4: avoid remove directory when directory is corrupted Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 220/229] ext4: avoid resizing to a partial cluster size Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 221/229] tty: serial: Fix refcount leak bug in ucc_uart.c Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 222/229] vfio: Clear the caps->buf to NULL after free Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 223/229] mips: cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 224/229] ALSA: core: Add async signal helpers Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 225/229] ALSA: timer: Use deferred fasync helper Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 226/229] smb3: check xattr value length earlier Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 227/229] powerpc/64: Init jump labels before parse_early_param() Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 228/229] video: fbdev: i740fb: Check the argument of i740_calc_vclk() Greg Kroah-Hartman
2022-08-23 8:26 ` [PATCH 4.14 229/229] MIPS: tlbex: Explicitly compare _PAGE_NO_EXEC against 0 Greg Kroah-Hartman
2022-08-23 21:22 ` [PATCH 4.14 000/229] 4.14.291-rc1 review Guenter Roeck
2022-08-24 6:23 ` Naresh Kamboju
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220823080053.326718526@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=akpm@linux-foundation.org \
--cc=anton@tuxera.com \
--cc=chenxiaosong2@huawei.com \
--cc=linux-kernel@vger.kernel.org \
--cc=liuyongqiang13@huawei.com \
--cc=stable@vger.kernel.org \
--cc=yi.zhang@huawei.com \
--cc=yin31149@gmail.com \
--cc=zhangxiaoxu5@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox