WSL2-Linux-Kernel/drivers/spi
Zhou Qingyang 3c32405d64 spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op()
[ Upstream commit ab3824427b ]

In zynq_qspi_exec_mem_op(), kzalloc() is directly used in memset(),
which could lead to a NULL pointer dereference on failure of
kzalloc().

Fix this bug by adding a check of tmpbuf.

This bug was found by a static analyzer. The analysis employs
differential checking to identify inconsistent security operations
(e.g., checks or kfrees) between two code paths and confirms that the
inconsistent operations are not recovered in the current function or
the callers, so they constitute bugs.

Note that, as a bug found by static analysis, it can be a false
positive or hard to trigger. Multiple researchers have cross-reviewed
the bug.

Builds with CONFIG_SPI_ZYNQ_QSPI=m show no new warnings,
and our static analyzer no longer warns about this code.

Fixes: 67dca5e580 ("spi: spi-mem: Add support for Zynq QSPI controller")
Signed-off-by: Zhou Qingyang <zhou1615@umn.edu>
Link: https://lore.kernel.org/r/20211130172253.203700-1-zhou1615@umn.edu
Signed-off-by: Mark Brown <broonie@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-03-02 11:48:01 +01:00
Kconfig spi: rockchip-sfc: add rockchip serial flash controller 2021-08-17 13:36:04 +01:00
Makefile spi: rockchip-sfc: add rockchip serial flash controller 2021-08-17 13:36:04 +01:00
atmel-quadspi.c spi: Fixed division by zero warning 2021-11-18 19:16:24 +01:00
internals.h
spi-altera-core.c spi: altera: separate core code from platform code 2021-04-20 17:26:40 +01:00
spi-altera-dfl.c spi: altera: Change to dynamic allocation of spi id 2021-10-20 01:53:15 +01:00
spi-altera-platform.c spi: altera: Change to dynamic allocation of spi id 2021-10-20 01:53:15 +01:00
spi-amd.c
spi-ar934x.c
spi-armada-3700.c spi: change clk_disable_unprepare to clk_unprepare 2021-12-29 12:28:39 +01:00
spi-at91-usart.c
spi-ath79.c spi: ath79: set number of chipselect lines 2021-05-24 09:51:38 +01:00
spi-atmel.c spi: atmel: Fix PDC transfer setup bug 2021-10-01 19:34:55 +01:00
spi-au1550.c
spi-axi-spi-engine.c spi: spi-axi-spi-engine: remove usage of delay_usecs 2021-03-12 14:30:42 +00:00
spi-bcm-qspi.c spi: bcm-qspi: check for valid cs before applying chip select 2022-02-08 18:34:08 +01:00
spi-bcm-qspi.h
spi-bcm63xx-hsspi.c spi: bcm63xx-hsspi: fix pm_runtime 2021-03-10 12:25:12 +00:00
spi-bcm63xx.c spi: bcm63xx-spi: don't check 'delay_usecs' field 2021-03-12 14:30:43 +00:00
spi-bcm2835.c spi: spi-bcm2835: Fix deadlock 2021-07-20 13:34:05 +01:00
spi-bcm2835aux.c spi: bcm2835aux: use 'unsigned int' instead of 'unsigned' 2021-08-03 18:27:25 +01:00
spi-bitbang-txrx.h
spi-bitbang.c spi: Cleanup on failure of initial setup 2021-06-01 14:03:12 +01:00
spi-brcmstb-qspi.c
spi-butterfly.c spi: butterfly: Switch to use module_parport_driver() 2021-03-10 12:46:05 +00:00
spi-cadence-quadspi.c spi: cadence-quadspi: Fix check condition for DTR ops 2021-08-05 20:18:10 +01:00
spi-cadence.c spi: cadence: Correct initialisation of runtime PM again 2021-07-19 12:58:44 +01:00
spi-cavium-octeon.c
spi-cavium-thunderx.c
spi-cavium.c
spi-cavium.h
spi-clps711x.c
spi-coldfire-qspi.c spi: coldfire-qspi: Use clk_disable_unprepare in the remove function 2021-08-19 18:20:10 +01:00
spi-davinci.c spi: davinci: invoke chipselect callback 2021-08-24 20:53:24 +01:00
spi-dln2.c spi: dln2: Fix reference leak to master 2021-04-09 13:43:57 +01:00
spi-dw-bt1.c
spi-dw-core.c
spi-dw-dma.c
spi-dw-mmio.c spi: delete repeated words in comments 2021-05-10 13:07:52 +01:00
spi-dw-pci.c
spi-dw.h
spi-ep93xx.c spi: spi-ep93xx: Prepare clock before using it 2021-08-03 18:27:24 +01:00
spi-falcon.c spi: spi-falcon: remove check for 'delay_usecs' 2021-03-12 14:30:48 +00:00
spi-fsi.c spi: fsi: Reduce max transfer size to 8 bytes 2021-07-19 16:56:14 +01:00
spi-fsl-cpm.c
spi-fsl-cpm.h
spi-fsl-dspi.c spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config 2021-08-10 13:22:19 +01:00
spi-fsl-espi.c spi: fsl-espi: remove usage of 'delay_usecs' field 2021-03-12 14:30:49 +00:00
spi-fsl-lib.c
spi-fsl-lib.h
spi-fsl-lpspi.c spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware() 2021-04-09 13:43:59 +01:00
spi-fsl-qspi.c
spi-fsl-spi.c spi: Cleanup on failure of initial setup 2021-06-01 14:03:12 +01:00
spi-fsl-spi.h
spi-geni-qcom.c spi: spi-geni-qcom: Remove confusing comment about setting the watermark 2021-07-14 16:37:58 +01:00
spi-gpio.c
spi-hisi-kunpeng.c spi: hisi-kunpeng: Fix the debugfs directory name incorrect 2022-01-27 11:03:12 +01:00
spi-hisi-sfc-v3xx.c spi: hisi-sfc-v3xx: drop unnecessary ACPI_PTR and related ifendif protection 2021-04-12 17:07:38 +01:00
spi-img-spfi.c
spi-imx.c ARM: SoC drivers for 5.15 2021-09-01 15:25:28 -07:00
spi-iproc-qspi.c
spi-jcore.c spi: jcore: Fix trailing statements should be on next line 2021-03-24 19:51:09 +00:00
spi-lantiq-ssc.c
spi-lm70llp.c spi: lm70llp: add parenthesis for sizeof 2021-05-20 18:00:34 +01:00
spi-loopback-test.c spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf' 2021-05-10 13:07:53 +01:00
spi-lp8841-rtc.c
spi-mem.c spi: spi-mem: fix doc warning in spi-mem.c 2021-06-14 15:05:00 +01:00
spi-meson-spicc.c spi: meson-spicc: add IRQ check in meson_spicc_probe 2022-02-08 18:34:08 +01:00
spi-meson-spifc.c spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe 2022-01-27 11:03:59 +01:00
spi-mpc52xx-psc.c spi: mpc52xx-psc: add parenthesis for sizeof 2021-05-20 18:00:37 +01:00
spi-mpc52xx.c spi: mpc52xx: add parenthesis for sizeof 2021-05-20 18:00:36 +01:00
spi-mpc512x-psc.c spi: mpc512x-psc: add parenthesis for sizeof 2021-05-20 18:00:35 +01:00
spi-mt65xx.c spi: mediatek: Avoid NULL pointer crash in interrupt 2022-02-08 18:34:08 +01:00
spi-mt7621.c
spi-mtk-nor.c spi: Fixed division by zero warning 2021-11-18 19:16:24 +01:00
spi-mux.c spi-mux: Fix false-positive lockdep splats 2021-10-14 13:32:19 +01:00
spi-mxic.c spi: mxic: add missing braces 2021-08-12 12:19:19 +01:00
spi-mxs.c
spi-npcm-fiu.c
spi-npcm-pspi.c spi: npcm-pspi: Use SPI_MODE_X_MASK 2021-05-11 15:42:48 +01:00
spi-nxp-fspi.c spi: spi-nxp-fspi: don't depend on a specific node name erratum workaround 2021-10-02 01:31:49 +01:00
spi-oc-tiny.c spi: oc-tiny: Use SPI_MODE_X_MASK 2021-05-11 15:42:49 +01:00
spi-omap-100k.c spi: fix some invalid char occurrences 2021-05-20 17:58:33 +01:00
spi-omap-uwire.c Merge branch 'for-5.13' of https://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi into spi-5.14 2021-06-01 18:33:33 +01:00
spi-omap2-mcspi.c Merge branch 'for-5.13' of https://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi into spi-5.14 2021-06-01 18:33:33 +01:00
spi-orion.c spi: orion: Prevent incorrect chip select behaviour 2021-08-16 13:28:14 +01:00
spi-pic32-sqi.c
spi-pic32.c spi: spi-pic32: Fix issue with uninitialized dma_slave_config 2021-08-10 13:22:20 +01:00
spi-pl022.c spi: spl022: fix Microwire full duplex mode 2021-10-26 11:53:57 +01:00
spi-ppc4xx.c spi: ppc4xx: add parenthesis for sizeof 2021-05-20 18:00:40 +01:00
spi-pxa2xx-dma.c spi: pxa2xx: Fix style of and typos in the comments and messages 2021-05-18 14:05:35 +01:00
spi-pxa2xx-pci.c spi: pxa2xx: Fix inconsistent indenting 2021-05-21 13:13:42 +01:00
spi-pxa2xx.c spi: pxa2xx: Adapt reset_sccr1() to the case when no message available 2021-07-22 12:41:19 +01:00
spi-pxa2xx.h spi: pxa2xx: Fix style of and typos in the comments and messages 2021-05-18 14:05:35 +01:00
spi-qcom-qspi.c spi: spi-qcom-qspi: Convert to use resource-managed OPP API 2021-03-16 10:14:11 +05:30
spi-qup.c spi: qup: fix PM reference leak in spi_qup_remove() 2021-04-09 13:44:03 +01:00
spi-rb4xx.c
spi-realtek-rtl.c
spi-rockchip-sfc.c spi: rockchip-sfc: Fix assigned but never used return error codes 2021-08-23 16:41:08 +01:00
spi-rockchip.c spi: rockchip: handle zero length transfers without timing out 2021-09-03 13:31:49 +01:00
spi-rpc-if.c spi: spi-rpc-if: Check return value of rpcif_sw_init() 2021-11-18 19:16:42 +01:00
spi-rspi.c spi: spi-rspi: : use proper DMAENGINE API for termination 2021-06-23 16:33:52 +01:00
spi-s3c24xx-regs.h
spi-s3c24xx.c
spi-s3c64xx.c spi: s3c64xx: constify driver/match data 2021-04-15 16:07:58 +01:00
spi-sc18is602.c spi: sc18is602: implement .max_{transfer,message}_size() for the controller 2021-05-21 13:13:33 +01:00
spi-sh-hspi.c
spi-sh-msiof.c spi: spi-sh-msiof: : use proper DMAENGINE API for termination 2021-06-23 16:33:53 +01:00
spi-sh-sci.c
spi-sh.c spi: spi-sh: replace 'delay_usecs' with 'delay.value' in pr_debug 2021-03-12 14:30:45 +00:00
spi-sifive.c
spi-slave-mt27xx.c spi: mediatek: add mt8195 spi slave support 2021-03-23 17:19:45 +00:00
spi-slave-system-control.c
spi-slave-time.c
spi-sprd-adi.c spi: sprd: Add ADI r3 support 2021-08-26 12:09:38 +01:00
spi-sprd.c spi: sprd: Add missing MODULE_DEVICE_TABLE 2021-05-12 13:01:43 +01:00
spi-st-ssc4.c
spi-stm32-qspi.c spi: stm32-qspi: Update spi registering 2022-02-08 18:34:03 +01:00
spi-stm32.c spi: stm32: fix excluded_middle.cocci warnings 2021-08-20 13:07:27 +01:00
spi-sun4i.c
spi-sun6i.c spi: spi-sun6i: Fix chipselect/clock bug 2021-06-23 11:48:36 +01:00
spi-synquacer.c
spi-tegra20-sflash.c spi: spi-tegra20-flash: don't check 'delay_usecs' field for spi transfer 2021-03-12 14:30:46 +00:00
spi-tegra20-slink.c spi: Fix tegra20 build with CONFIG_PM=n once again 2021-10-25 10:46:41 -07:00
spi-tegra114.c spi: modify set_cs_timing parameter 2021-08-05 16:42:54 +01:00
spi-tegra210-quad.c spi: tegra210-quad: Fix an error message 2021-05-10 13:17:19 +01:00
spi-test.h
spi-ti-qspi.c
spi-tle62x0.c
spi-topcliff-pch.c spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() 2021-05-10 13:17:16 +01:00
spi-uniphier.c spi: uniphier: fix reference count leak in uniphier_spi_probe() 2022-02-08 18:34:08 +01:00
spi-xcomm.c
spi-xilinx.c
spi-xlp.c
spi-xtensa-xtfpga.c
spi-zynq-qspi.c spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() 2022-03-02 11:48:01 +01:00
spi-zynqmp-gqspi.c spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails 2021-04-16 13:44:15 +01:00
spi.c spi: Fix incorrect cs_setup delay handling 2022-01-27 11:03:36 +01:00
spidev.c spi: spidev: Add SPI ID table 2021-09-27 12:59:15 +01:00