microsoft
/
WSL2-Linux-Kernel
зеркало из https://github.com/microsoft/WSL2-Linux-Kernel.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
WSL2-Linux-Kernel/drivers/input/misc
История
Dmitry Torokhov 9719687398 Input: uinput - reject requests with unreasonable number of slots 
[ Upstream commit 206f533a0a7c683982af473079c4111f4a0f9f5e ]

From: Dmitry Torokhov <dmitry.torokhov@gmail.com>

When exercising uinput interface syzkaller may try setting up device
with a really large number of slots, which causes memory allocation
failure in input_mt_init_slots(). While this allocation failure is
handled properly and request is rejected, it results in syzkaller
reports. Additionally, such request may put undue burden on the
system which will try to free a lot of memory for a bogus request.

Fix it by limiting allowed number of slots to 100. This can easily
be extended if we see devices that can track more than 100 contacts.

Reported-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Reported-by: syzbot <syzbot+0122fa359a69694395d5@syzkaller.appspotmail.com>
Closes: https://syzkaller.appspot.com/bug?extid=0122fa359a69694395d5
Link: https://lore.kernel.org/r/Zqgi7NYEbpRsJfa2@google.com
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2024-09-12 11:07:50 +02:00
..
88pm80x_onkey.c Input: remove dev_err() usage after platform_get_irq() 2019-08-14 10:49:01 -07:00
88pm860x_onkey.c Input: remove dev_err() usage after platform_get_irq() 2019-08-14 10:49:01 -07:00
Kconfig Input: wistron_btns - disable on UML 2022-12-31 13:14:14 +01:00
Makefile Input: remove dead CSR Prima2 PWRC driver 2021-08-30 15:55:19 -07:00
ab8500-ponkey.c Input: ab8500-ponkey - fix incorrect name in 'ab8500_ponkey' doc header 2020-11-08 22:27:54 -08:00
ad714x-i2c.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 149 2019-05-30 11:25:18 -07:00
ad714x-spi.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 149 2019-05-30 11:25:18 -07:00
ad714x.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 149 2019-05-30 11:25:18 -07:00
ad714x.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 149 2019-05-30 11:25:18 -07:00
adxl34x-i2c.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 149 2019-05-30 11:25:18 -07:00
adxl34x-spi.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 149 2019-05-30 11:25:18 -07:00
adxl34x.c Input: adxl34x - do not hardcode interrupt trigger type 2023-07-23 13:46:59 +02:00
adxl34x.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 149 2019-05-30 11:25:18 -07:00
apanel.c Input: apanel - switch to using polled mode of input devices 2019-10-29 17:14:14 -07:00
ariel-pwrbutton.c Input: ariel-pwrbutton - add SPI device ID table 2021-11-18 19:16:59 +01:00
arizona-haptics.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
atc260x-onkey.c input: atc260x: Add onkey driver for ATC260x PMICs 2021-03-10 11:10:30 +00:00
ati_remote2.c Input: ati_remote2 - add missing newlines when printing module parameters 2020-07-21 22:33:28 -07:00
atlas_btns.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
atmel_captouch.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 282 2019-06-05 17:36:37 +02:00
axp20x-pek.c Input: axp20x-pek - always register interrupt handlers 2020-05-05 19:09:12 -07:00
bma150.c Input: bma150 - switch to using polled mode of input devices 2019-10-29 17:15:50 -07:00
cm109.c Input: cm109 - do not stomp on control URB 2020-12-11 13:17:36 -08:00
cma3000_d0x.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234 2019-06-19 17:09:07 +02:00
cma3000_d0x.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234 2019-06-19 17:09:07 +02:00
cma3000_d0x_i2c.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234 2019-06-19 17:09:07 +02:00
cobalt_btns.c Input: cobalt_btns - switch to using polled mode of input devices 2019-10-29 17:14:17 -07:00
cpcap-pwrbutton.c Input: cpcap-pwrbutton - handle errors from platform_get_irq() 2022-07-12 16:34:51 +02:00
da7280.c Input: da7280 - protect OF match table with CONFIG_OF 2020-12-18 10:04:34 -08:00
da9052_onkey.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
da9055_onkey.c Input: remove dev_err() usage after platform_get_irq() 2019-08-14 10:49:01 -07:00
da9063_onkey.c Input: da9063 - fix capability and drop KEY_SLEEP 2019-10-02 14:04:41 -07:00
dm355evm_keys.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
drv260x.c Input: drv260x - sleep between polling GO bit 2023-07-23 13:46:57 +02:00
drv2665.c Input: use input_device_enabled() 2020-12-02 22:10:33 -08:00
drv2667.c Input: use input_device_enabled() 2020-12-02 22:10:33 -08:00
e3x0-button.c Input: remove dev_err() usage after platform_get_irq() 2019-08-14 10:49:01 -07:00
gpio-beeper.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
gpio-vibra.c Input: add a driver for GPIO controllable vibrators 2019-04-30 00:11:25 -07:00
gpio_decoder.c Input: gpio_decoder - switch to using polled mode of input devices 2019-10-29 17:15:47 -07:00
hisi_powerkey.c Input: remove dev_err() usage after platform_get_irq() 2019-08-14 10:49:01 -07:00
hp_sdc_rtc.c Input: hp_sdc_rtc - remove dead chardev code 2019-10-23 15:56:08 -07:00
ideapad_slidebar.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ims-pcu.c Input: ims-pcu - fix printf string overflow 2024-06-16 13:39:41 +02:00
iqs269a.c Input: iqs269a - do not poll during ATI 2024-03-01 13:21:54 +01:00
iqs626a.c Input: iqs626a - prohibit inlining of channel parsing functions 2021-12-29 12:29:00 +01:00
keyspan_remote.c Input: keyspan-remote - fix control-message timeouts 2020-01-16 20:26:45 -08:00
kxtj9.c Input: use input_device_enabled() 2020-12-02 22:10:33 -08:00
m68kspkr.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
max8925_onkey.c Input: remove dev_err() usage after platform_get_irq() 2019-08-14 10:49:01 -07:00
max8997_haptic.c Input: max8997 - simplify open coding of a division using up to 64 divisions 2021-03-25 11:14:08 -07:00
max77650-onkey.c Input: max77650-onkey - add of_match table 2020-01-16 20:23:24 -08:00
max77693-haptic.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
mc13783-pwrbutton.c Input: mc13783-pwrbutton - file headers are not good candidates for kernel-doc 2020-11-19 19:18:22 -08:00
mma8450.c Input: mma8450 - switch to using polled mode of input devices 2019-10-29 17:15:48 -07:00
palmas-pwrbutton.c
pcap_keys.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
pcf8574_keypad.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 149 2019-05-30 11:25:18 -07:00
pcf50633-input.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
pcspkr.c Input: pcspkr - fix fall-through warnings for Clang 2020-11-22 22:16:21 -08:00
pm8xxx-vibrator.c Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation 2024-06-16 13:39:42 +02:00
pm8941-pwrkey.c Input: pm8941-pwrkey - fix comma vs semicolon issue 2021-07-23 17:37:14 -07:00
pmic8xxx-pwrkey.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 284 2019-06-05 17:36:37 +02:00
powermate.c Input: powermate - fix use-after-free in powermate_config_complete 2023-10-19 23:05:36 +02:00
pwm-beeper.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 151 2019-05-30 11:26:28 -07:00
pwm-vibra.c Input: Use fallthrough pseudo-keyword 2020-07-07 11:25:54 -07:00
rave-sp-pwrbutton.c Input: add RAVE SP Powerbutton driver 2018-03-08 15:34:45 -08:00
rb532_button.c Input: rb532_button - switch to using polled mode of input devices 2019-10-29 17:15:46 -07:00
regulator-haptic.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
retu-pwrbutton.c
rk805-pwrkey.c Input: rk805-pwrkey - fix module autoloading 2022-09-08 12:28:05 +02:00
rotary_encoder.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
sc27xx-vibra.c Input: sc27xx - add support for sc2730 and sc2721 2020-12-11 19:00:21 -08:00
sgi_btns.c Input: sgi_btns - switch to using polled mode of input devices 2019-10-29 17:15:26 -07:00
soc_button_array.c Input: soc_button_array - add mapping for airplane mode button 2024-01-05 15:13:34 +01:00
sparcspkr.c Input: sparcspkr - fix refcount leak in bbc_beep_probe 2022-06-09 10:23:11 +02:00
stpmic1_onkey.c Input: remove dev_err() usage after platform_get_irq() 2019-08-14 10:49:01 -07:00
tps65218-pwrbutton.c Input: remove dev_err() usage after platform_get_irq() 2019-08-14 10:49:01 -07:00
twl4030-pwrbutton.c mfd: twl: Move header file out of I2C realm 2017-09-04 14:41:02 +01:00
twl4030-vibra.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 336 2019-06-05 17:37:07 +02:00
twl6040-vibra.c Input: remove dev_err() usage after platform_get_irq() 2019-08-14 10:49:01 -07:00
uinput.c Input: uinput - reject requests with unreasonable number of slots 2024-09-12 11:07:50 +02:00
wistron_btns.c Input: wistron_btns - switch to using polled mode of input devices 2019-10-29 17:14:15 -07:00
wm831x-on.c Input: wm831x-on - source file headers are not good candidates for kernel-doc 2020-11-19 19:18:43 -08:00
xen-kbdfront.c Input: Use fallthrough pseudo-keyword 2020-07-07 11:25:54 -07:00
yealink.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
yealink.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00