Kernel Tree For Xiaomi 11 Lite NE 5G
Kees Cook b849a38e18 Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name
commit cb3871b1cd135a6662b732fbc6b3db4afcdb4a64 upstream.

The code pattern of memcpy(dst, src, strlen(src)) is almost always
wrong. In this case it is wrong because it leaves memory uninitialized
if it is less than sizeof(ni->name), and overflows ni->name when longer.

Normally strtomem_pad() could be used here, but since ni->name is a
trailing array in struct hci_mon_new_index, compilers that don't support
-fstrict-flex-arrays=3 can't tell how large this array is via
__builtin_object_size(). Instead, open-code the helper and use sizeof()
since it will work correctly.

Additionally mark ni->name as __nonstring since it appears to not be a
%NUL terminated C string.

Cc: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Cc: Edward AD <twuufnxlz@gmail.com>
Cc: Marcel Holtmann <marcel@holtmann.org>
Cc: Johan Hedberg <johan.hedberg@gmail.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Jakub Kicinski <kuba@kernel.org>
Cc: Paolo Abeni <pabeni@redhat.com>
Cc: linux-bluetooth@vger.kernel.org
Cc: netdev@vger.kernel.org
Fixes: 18f547f3fc07 ("Bluetooth: hci_sock: fix slab oob read in create_monitor_event")
Link: https://lore.kernel.org/lkml/202310110908.F2639D3276@keescook/
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-10-25 11:53:25 +02:00
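The copy pattern described in the commit message above, shown as an added user-space example (not code from this tree or from the commit itself). `struct mon_index`, `NAME_LEN`, `POISON` and all function names are hypothetical, and the 8-byte field width is an assumption of the model.

```c
#include <stddef.h>
#include <string.h>

#define NAME_LEN 8     /* assumed field width for this model */
#define POISON   0xAA  /* constructed stand-in for stale heap contents */

/* Hypothetical record with a fixed-width name that is not NUL-terminated. */
struct mon_index { unsigned char type; char name[NAME_LEN]; };

/* Fill the record with POISON so untouched bytes are visible afterwards. */
static void poison(struct mon_index *ni) { memset(ni, POISON, sizeof(*ni)); }

/* Count name[] bytes that were never written. */
static size_t stale_bytes(const struct mon_index *ni)
{
    size_t i, n = 0;
    for (i = 0; i < sizeof(ni->name); i++)
        n += ((unsigned char)ni->name[i] == POISON);
    return n;
}

/* memcpy(dst, src, strlen(src)) pattern: length comes from the source alone.
 * The guard exists only so this demo stays defined for over-long input. */
static size_t copy_by_strlen(struct mon_index *ni, const char *src)
{
    size_t n = strlen(src);
    if (n <= sizeof(ni->name))
        memcpy(ni->name, src, n);   /* bytes past n keep old contents */
    return n;                       /* n > sizeof(ni->name): overflow */
}

/* Bounded form: clamp to sizeof(field), then pad the remainder with zeros. */
static void copy_padded(struct mon_index *ni, const char *src)
{
    size_t n = 0;
    while (n < sizeof(ni->name) && src[n] != '\0')
        n++;
    memcpy(ni->name, src, n);
    memset(ni->name + n, 0, sizeof(ni->name) - n);
}

int main(void)
{
    struct mon_index ni;
    poison(&ni);
    copy_by_strlen(&ni, "hci0");
    size_t before = stale_bytes(&ni);
    copy_padded(&ni, "hci0");
    return !(before == 4 && stale_bytes(&ni) == 0);
}
```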
arch s390/pci: fix iommu bitmap allocation 2023-10-25 11:53:24 +02:00
block block/partition: fix signedness issue for Amiga partitions 2023-07-27 08:37:29 +02:00
certs
crypto X.509: if signature is unsupported skip validation 2023-09-23 10:59:55 +02:00
Documentation Documentation: sysctl: align cells in second content column 2023-10-25 11:53:20 +02:00
drivers phy: mapphone-mdm6600: Fix pinctrl_pm handling for sleep pins 2023-10-25 11:53:25 +02:00
fs btrfs: fix some -Wmaybe-uninitialized warnings in ioctl.c 2023-10-25 11:53:23 +02:00
include Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name 2023-10-25 11:53:25 +02:00
init x86/mm: Initialize text poking earlier 2023-08-08 19:56:36 +02:00
ipc
kernel perf: Disallow mis-matched inherited group reads 2023-10-25 11:53:24 +02:00
lib lib/test_meminit: fix off-by-one error in test_pages() 2023-10-25 11:53:17 +02:00
LICENSES
mm tmpfs: verify {g,u}id mount options correctly 2023-09-23 10:59:40 +02:00
net Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name 2023-10-25 11:53:25 +02:00
samples samples/bpf: Fix buffer overflow in tcp_basertt 2023-07-27 08:37:07 +02:00
scripts modpost: add missing else to the "of" check 2023-10-10 21:46:44 +02:00
security ima: rework CONFIG_IMA dependency block 2023-10-10 21:46:46 +02:00
sound ASoC: pxa: fix a memory leak in probe() 2023-10-25 11:53:24 +02:00
tools cpupower: add Makefile dependencies for install targets 2023-10-10 21:46:45 +02:00
usr
virt
.clang-format
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitignore
.mailmap
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS iio: stx104: Move to addac subdirectory 2023-08-30 16:27:12 +02:00
Makefile Linux 5.4.258 2023-10-10 21:46:46 +02:00
README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the reStructuredText markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result from upgrading your kernel.