android_kernel_xiaomi_sm8350/lib
Alexander Potapenko 9bb971b335 lib/stackdepot.c: fix global out-of-bounds in stack_slabs
commit 305e519ce48e935702c32241f07d393c3c8fed3e upstream.

Walter Wu has reported a potential case in which init_stack_slab() is
called after stack_slabs[STACK_ALLOC_MAX_SLABS - 1] has already been
initialized.  In that case init_stack_slab() will overwrite
stack_slabs[STACK_ALLOC_MAX_SLABS], which may result in a memory
corruption.

Link: http://lkml.kernel.org/r/20200218102950.260263-1-glider@google.com
Fixes: cd11016e5f ("mm, kasan: stackdepot implementation. Enable stackdepot for SLAB")
Signed-off-by: Alexander Potapenko <glider@google.com>
Reported-by: Walter Wu <walter-zh.wu@mediatek.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Matthias Brugger <matthias.bgg@gmail.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Kate Stewart <kstewart@linuxfoundation.org>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-02-28 17:22:20 +01:00
..
842
crypto crypto: sha256 - Remove sha256/224_init code duplication 2019-09-05 14:54:54 +10:00
dim lib/dim: Fix -Wunused-const-variable warnings 2019-07-25 11:34:39 -07:00
fonts
livepatch
lz4 lz4: do not export static symbol 2019-09-20 09:06:26 -07:00
lzo lib/lzo/lzo1x_compress.c: fix alignment bug in lzo-rle 2019-09-25 17:51:41 -07:00
math
mpi lib/mpi: Eliminate unused umul_ppmm definitions for MIPS 2019-08-22 14:39:36 +10:00
raid6 raid6/test: fix a compilation warning 2020-02-24 08:36:47 +01:00
reed_solomon
vdso lib/vdso: Make clock_getres() POSIX compliant again 2019-10-23 14:48:23 +02:00
xz lib/xz: fix XZ_DYNALLOC to avoid useless memory reallocations 2019-11-15 18:34:00 -08:00
zlib_deflate
zlib_inflate
zstd lib/zstd/mem.h: replace __inline by inline 2019-09-15 19:42:16 +02:00
.gitignore
argv_split.c
ashldi3.c
ashrdi3.c
asn1_decoder.c
assoc_array.c
atomic64_test.c
atomic64.c
audit.c
bcd.c
bch.c
bitmap.c cpumask: Implement cpumask_or_equal() 2019-07-25 15:47:37 +02:00
bitrev.c
bsearch.c
btree.c
bucket_locks.c
bug.c bug: move WARN_ON() "cut here" into exception handler 2019-09-25 17:51:41 -07:00
build_OID_registry
bust_spinlocks.c
chacha.c
check_signature.c
checksum.c
clz_ctz.c
clz_tab.c
cmdline.c
cmpdi2.c
compat_audit.c
cpu_rmap.c
cpumask.c
crc4.c
crc7.c
crc8.c
crc16.c
crc32.c
crc32defs.h
crc32test.c
crc64.c
crc-ccitt.c
crc-itu-t.c
crc-t10dif.c
ctype.c
debug_info.c
debug_locks.c
debugobjects.c debugobjects: Fix various data races 2020-02-24 08:36:52 +01:00
dec_and_lock.c
decompress_bunzip2.c
decompress_inflate.c
decompress_unlz4.c
decompress_unlzma.c
decompress_unlzo.c
decompress_unxz.c
decompress.c
devres.c
digsig.c
dump_stack.c dump_stack: avoid the livelock of the dump_lock 2019-11-06 08:47:50 -08:00
dynamic_debug.c
dynamic_queue_limits.c
earlycpio.c
error-inject.c
errseq.c
extable.c lib/extable.c: add missing prototypes 2019-09-25 17:51:39 -07:00
fault-inject.c
fdt_empty_tree.c
fdt_ro.c
fdt_rw.c
fdt_strerror.c
fdt_sw.c
fdt_wip.c
fdt.c
find_bit_benchmark.c
find_bit.c
flex_proportions.c
gen_crc32table.c
gen_crc64table.c
genalloc.c dma-mapping updates for Linux 5.3 2019-07-12 15:13:55 -07:00
generic-radix-tree.c lib/generic-radix-tree.c: add kmemleak annotations 2019-10-14 15:04:00 -07:00
glob.c
globtest.c
hexdump.c lib/hexdump: make print_hex_dump_bytes() a nop on !DEBUG builds 2019-09-25 17:51:39 -07:00
hweight.c
idr.c idr: Fix idr_get_next_ul race with idr_remove 2019-11-01 22:26:34 -04:00
inflate.c
interval_tree_test.c
interval_tree.c
iomap_copy.c
iomap.c
iommu-helper.c
ioremap.c mm/ioremap: probe platform for p4d huge map support 2019-07-16 19:23:22 -07:00
iov_iter.c mm: introduce page_size() 2019-09-24 15:54:08 -07:00
irq_poll.c
irq_regs.c
is_single_threaded.c
kasprintf.c
Kconfig lib: Remove select of inexistant GENERIC_IO 2019-11-10 10:38:43 -08:00
Kconfig.debug compiler: enable CONFIG_OPTIMIZE_INLINING forcibly 2019-09-25 17:51:40 -07:00
Kconfig.kasan kasan: add memory corruption identification for software tag-based mode 2019-09-24 15:54:07 -07:00
Kconfig.kgdb
Kconfig.ubsan
kfifo.c Partially revert "kfifo: fix kfifo_alloc() and kfifo_init()" 2019-08-30 18:47:15 -07:00
klist.c
kobject_uevent.c
kobject.c
kstrtox.c
kstrtox.h
libcrc32c.c
list_debug.c
list_sort.c
llist.c
locking-selftest-hardirq.h
locking-selftest-mutex.h
locking-selftest-rlock-hardirq.h
locking-selftest-rlock-softirq.h
locking-selftest-rlock.h
locking-selftest-rsem.h
locking-selftest-rtmutex.h
locking-selftest-softirq.h
locking-selftest-spin-hardirq.h
locking-selftest-spin-softirq.h
locking-selftest-spin.h
locking-selftest-wlock-hardirq.h
locking-selftest-wlock-softirq.h
locking-selftest-wlock.h
locking-selftest-wsem.h
locking-selftest.c
lockref.c
logic_pio.c lib: logic_pio: Add logic_pio_unregister_range() 2019-08-13 14:54:24 +08:00
lru_cache.c
lshrdi3.c
Makefile Merge branch 'x86/cleanups' into x86/cpu, to pick up dependent changes 2019-09-06 07:30:23 +02:00
memcat_p.c
memory-notifier-error-inject.c
memweight.c
muldi3.c
net_utils.c
netdev-notifier-error-inject.c
nlattr.c
nmi_backtrace.c
nodemask.c
notifier-error-inject.c
notifier-error-inject.h
objagg.c
of-reconfig-notifier-error-inject.c
oid_registry.c
once.c
packing.c
parman.c
parser.c
pci_iomap.c
percpu_counter.c
percpu_test.c
percpu-refcount.c Merge branch 'for-5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/dennis/percpu 2019-07-14 16:17:18 -07:00
plist.c
pm-notifier-error-inject.c
radix-tree.c idr: Fix idr_alloc_u32 on 32-bit systems 2019-11-03 06:36:50 -05:00
random32.c
ratelimit.c
rbtree_test.c augmented rbtree: add new RB_DECLARE_CALLBACKS_MAX macro 2019-09-25 17:51:39 -07:00
rbtree.c lib/rbtree: avoid generating code twice for the cached versions 2019-07-16 19:23:22 -07:00
refcount.c
rhashtable.c
sbitmap.c sbitmap: only queue kyber's wait callback if not already active 2020-01-12 12:21:44 +01:00
scatterlist.c lib/scatterlist.c: adjust indentation in __sg_alloc_table 2020-02-24 08:37:00 +01:00
seq_buf.c
sg_pool.c SCSI sg on 20190709 2019-07-11 15:17:41 -07:00
sg_split.c lib: scatterlist: Fix to support no mapped sg 2019-08-08 07:45:01 -06:00
sha1.c
show_mem.c mm: remove quicklist page table caches 2019-09-24 15:54:09 -07:00
siphash.c
smp_processor_id.c
sort.c media: lib/sort.c: implement sort() variant taking context argument 2019-08-19 13:14:53 -03:00
stackdepot.c lib/stackdepot.c: fix global out-of-bounds in stack_slabs 2020-02-28 17:22:20 +01:00
stmp_device.c
string_helpers.c lib/string_helpers: fix some kerneldoc warnings 2019-07-16 19:23:22 -07:00
string.c lib/string: Make memzero_explicit() inline instead of external 2019-10-08 13:27:05 +02:00
strncpy_from_user.c lib: Reduce user_access_begin() boundaries in strncpy_from_user() and strnlen_user() 2020-01-29 16:45:29 +01:00
strnlen_user.c lib: Reduce user_access_begin() boundaries in strncpy_from_user() and strnlen_user() 2020-01-29 16:45:29 +01:00
syscall.c
test_bitfield.c
test_bitmap.c
test_blackhole_dev.c
test_bpf.c test_bpf: Fix a new clang warning about xor-ing two numbers 2019-08-20 17:07:29 +02:00
test_debug_virtual.c
test_firmware.c test_firmware: add support for request_firmware_into_buf 2019-09-04 13:31:28 +02:00
test_hash.c
test_hexdump.c
test_ida.c
test_kasan.c lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more() 2020-02-11 04:35:14 -08:00
test_kmod.c
test_list_sort.c
test_memcat_p.c
test_meminit.c lib/test_meminit: add a kmem_cache_alloc_bulk() test 2019-10-14 15:04:01 -07:00
test_module.c
test_objagg.c
test_overflow.c lib/test_overflow.c: avoid tainting the kernel and fix wrap size 2019-07-16 19:23:22 -07:00
test_parman.c
test_printf.c lib/test_printf: Remove obvious comments from %pd and %pD tests 2019-08-15 17:03:16 +02:00
test_rhashtable.c
test_siphash.c
test_sort.c
test_stackinit.c
test_static_key_base.c
test_static_keys.c
test_string.c lib/test_string.c: add some testcases for strchr and strnchr 2019-07-16 19:23:22 -07:00
test_strscpy.c
test_sysctl.c
test_ubsan.c
test_user_copy.c usercopy: Avoid soft lockups in test_check_nonzero_user() 2019-10-16 14:56:21 +02:00
test_uuid.c
test_vmalloc.c
test_xarray.c XArray: Fix xas_pause at ULONG_MAX 2020-02-05 21:22:47 +00:00
test-kstrtox.c
test-string_helpers.c
textsearch.c lib: textsearch: fix escapes in example code 2019-10-03 12:12:23 -04:00
timerqueue.c lib/timerqueue: Rely on rbtree semantics for next timer 2019-07-24 17:38:01 +02:00
ts_bm.c
ts_fsm.c
ts_kmp.c
ubsan.c lib/ubsan: don't serialize UBSAN report 2020-01-09 10:20:07 +01:00
ubsan.h
ucmpdi2.c
ucs2_string.c
usercopy.c lib: introduce copy_struct_from_user() helper 2019-10-01 15:45:03 +02:00
uuid.c
vsprintf.c vsprintf: Prevent crash when dereferencing invalid pointers for %pD 2019-08-15 16:40:10 +02:00
win_minmax.c
xarray.c XArray: Fix xas_pause at ULONG_MAX 2020-02-05 21:22:47 +00:00
xxhash.c