microsoft
/
WSL2-Linux-Kernel
зеркало из https://github.com/microsoft/WSL2-Linux-Kernel.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
WSL2-Linux-Kernel/drivers
История
Zheng Wang e84282efc8 scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition 
[ Upstream commit f486893288 ]

mptlan_probe() calls mpt_register_lan_device() which initializes the
&priv->post_buckets_task workqueue. A call to
mpt_lan_wake_post_buckets_task() will subsequently start the work.

During driver unload in mptlan_remove() the following race may occur:

CPU0                  CPU1

                    |mpt_lan_post_receive_buckets_work()
mptlan_remove()     |
  free_netdev()     |
    kfree(dev);     |
                    |
                    | dev->mtu
                    |   //use

Fix this by finishing the work prior to cleaning up in mptlan_remove().

[mkp: we really should remove mptlan instead of attempting to fix it]

Signed-off-by: Zheng Wang <zyytlz.wz@163.com>
Link: https://lore.kernel.org/r/20230318081635.796479-1-zyytlz.wz@163.com
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2023-05-24 17:36:45 +01:00
..
accessibility
acpi ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_display_objects 2023-05-24 17:36:44 +01:00
amba
android binder: Gracefully handle BINDER_TYPE_FDA objects with num_fds=0 2023-02-25 12:06:45 +01:00
ata ata: libata: Fix sata_down_spd_limit() when no link speed is reported 2023-02-09 11:26:37 +01:00
atm atm: idt77252: fix kmemleak when rmmod idt77252 2023-03-30 12:47:48 +02:00
auxdisplay auxdisplay: hd44780: Fix potential memory leak in hd44780_remove() 2023-03-11 13:57:22 +01:00
base regmap: cache: Return error in cache sync operations for REGCACHE_NONE 2023-05-24 17:36:43 +01:00
bcma
block drbd: correctly submit flush bio on barrier 2023-05-17 11:50:31 +02:00
bluetooth Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work" 2023-05-11 23:00:31 +09:00
bus bus: mhi: host: Range check CHDBOFF and ERDBOFF 2023-05-17 11:50:14 +02:00
cdrom
char ipmi: ASPEED_BT_IPMI_BMC: select REGMAP_MMIO instead of depending on it 2023-05-11 23:00:31 +09:00
clk clk: rockchip: rk3399: allow clk_cifout to force clk_cifout_src to reparent 2023-05-11 23:00:39 +09:00
clocksource clocksource/drivers/davinci: Fix memory leak in davinci_timer_register when init fails 2023-05-11 23:00:37 +09:00
comedi
connector
counter counter: 104-quad-8: Fix race condition between FLAG and CNTR reads 2023-04-26 13:51:55 +02:00
cpufreq cpufreq: use correct unit when verify cur freq 2023-05-11 23:00:25 +09:00
cpuidle cpuidle: psci: Iterate backwards over list in psci_pd_remove() 2023-03-22 13:31:36 +01:00
crypto crypto: sun8i-ss - Fix a test in sun8i_ss_setup_ivs() 2023-05-17 11:50:20 +02:00
cxl
dax dax/kmem: Fix leak of memory-hotplug resources 2023-03-10 09:40:08 +01:00
dca
devfreq
dio
dma dmaengine: at_xdmac: do not enable all cyclic channels 2023-05-11 23:00:38 +09:00
dma-buf
edac EDAC/skx: Fix overflows on the DRAM row address mapping arrays 2023-05-11 23:00:20 +09:00
eisa
extcon extcon: usbc-tusb320: fix kernel-doc warning 2023-02-06 07:59:01 +01:00
firewire firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region 2023-02-09 11:26:32 +01:00
firmware firmware: arm_sdei: Fix sleep from invalid context BUG 2023-05-24 17:36:44 +01:00
fpga fpga: bridge: fix kernel-doc parameter description 2023-05-11 23:00:31 +09:00
fsi WRITE is "data source", not destination... 2023-02-09 11:26:34 +01:00
gnss
gpio gpio: davinci: Add irq chip flag to skip set wake 2023-04-13 16:48:19 +02:00
gpu drm/amd: Fix an out of bounds error in BIOS parser 2023-05-24 17:36:44 +01:00
greybus
hid HID: wacom: insert timestamp to packed Bluetooth (BT) events 2023-05-17 11:50:26 +02:00
hsi
hv Drivers: vmbus: Check for channel allocation before looking up relids 2023-04-13 16:48:17 +02:00
hwmon hwmon: (pmbus/fsp-3y) Fix functionality bitmask in FSP-3Y YM-2151E 2023-05-11 23:00:25 +09:00
hwspinlock
hwtracing coresight: etm_pmu: Set the module field 2023-05-11 23:00:33 +09:00
i2c i2c: cadence: cdns_i2c_master_xfer(): Fix runtime PM leak on error path 2023-05-11 23:00:33 +09:00
i3c
idle
iio iio: light: max44009: add missing OF device matching 2023-05-11 23:00:32 +09:00
infiniband RDMA/mlx5: Use correct device num_ports when modify DC 2023-05-11 23:00:37 +09:00
input Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe 2023-05-11 23:00:36 +09:00
interconnect interconnect: qcom: osm-l3: fix icc_onecell_data allocation 2023-03-30 12:47:41 +02:00
iommu iommu/amd: Fix "Guest Virtual APIC Table Root Pointer" configuration in IRTE 2023-05-11 23:00:18 +09:00
ipack
irqchip genirq: Add and use an irq_data_update_affinity helper 2023-03-11 13:57:31 +01:00
isdn
leds leds: tca6507: Fix error handling of using fwnode_property_read_string 2023-05-11 23:00:37 +09:00
macintosh macintosh: via-pmu-led: requires ATA to be set 2023-05-11 23:00:34 +09:00
mailbox mailbox: zynqmp: Fix counts of child nodes 2023-05-17 11:50:14 +02:00
mcb
md dm: don't lock fs when the map is NULL in process of resume 2023-05-11 23:00:40 +09:00
media media: Prefer designated initializers over memset for subdev pad ops 2023-05-24 17:36:44 +01:00
memory
memstick memstick: r592: Fix UAF bug in r592_remove due to race condition 2023-05-24 17:36:43 +01:00
message scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition 2023-05-24 17:36:45 +01:00
mfd mfd: tqmx86: Correct board names for TQMxE39x 2023-05-11 23:00:38 +09:00
misc vmci_host: fix a race condition in vmci_host_poll() causing GPF 2023-05-11 23:00:32 +09:00
mmc mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data 2023-05-11 23:00:23 +09:00
most
mtd mtd: core: fix error path for nvmem provider 2023-05-11 23:00:39 +09:00
mux
net net: pasemi: Fix return type of pasemi_mac_start_tx() 2023-05-24 17:36:45 +01:00
nfc nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition 2023-03-22 13:31:26 +01:00
ntb
nubus
nvdimm
nvme nvme-fcloop: fix "inconsistent {IN-HARDIRQ-W} -> {HARDIRQ-ON-W} usage" 2023-05-11 23:00:28 +09:00
nvmem nvmem: core: fix return value 2023-02-22 12:57:03 +01:00
of of: Fix modalias string generation 2023-05-11 23:00:32 +09:00
opp OPP: fix error checking in opp_migrate_dentry() 2023-03-10 09:39:15 +01:00
parisc genirq: Add and use an irq_data_update_affinity helper 2023-03-11 13:57:31 +01:00
parport
pci PCI/EDR: Clear Device Status after EDR error recovery 2023-05-11 23:00:32 +09:00
pcmcia
perf
phy phy: tegra: xusb: Add missing tegra_xusb_port_unregister for usb2_port and ulpi_port 2023-05-11 23:00:38 +09:00
pinctrl pinctrl: renesas: r8a779a0: Remove incorrect AVB[01] pinmux configuration 2023-05-11 23:00:37 +09:00
platform platform/x86: touchscreen_dmi: Add info for the Dexp Ursus KX210i 2023-05-17 11:50:22 +02:00
pnp
power power: supply: generic-adc-battery: fix unit scaling 2023-05-11 23:00:36 +09:00
powercap powercap: fix possible name leak in powercap_register_zone() 2023-03-10 09:39:12 +01:00
pps
ps3
ptp ptp_qoriq: fix memory leak in probe() 2023-04-05 11:24:55 +02:00
pwm pwm: mtk-disp: Configure double buffering before reading in .get_state() 2023-05-11 23:00:38 +09:00
rapidio
ras
regulator regulator: stm32-pwr: fix of_iomap leak 2023-05-11 23:00:24 +09:00
remoteproc remoteproc: stm32_rproc: Add mutex protection for workqueue 2023-05-24 17:36:44 +01:00
reset
rpmsg rpmsg: glink: Avoid infinite loop on intent for missing channel 2023-03-10 09:39:46 +01:00
rtc rtc: meson-vrtc: Use ktime_get_real_ts64() to get the current time 2023-05-11 23:00:35 +09:00
s390 s390/dasd: fix hanging blockdevice after request requeue 2023-05-11 23:00:39 +09:00
sbus
scsi scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow 2023-05-24 17:36:44 +01:00
sh genirq: Add and use an irq_data_update_affinity helper 2023-03-11 13:57:31 +01:00
siox
slimbus
soc soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe 2023-05-11 23:00:20 +09:00
soundwire soundwire: qcom: correct setting ignore bit on v1.5.1 2023-05-11 23:00:17 +09:00
spi spi: cadence-quadspi: fix suspend-resume implementations 2023-05-11 23:00:33 +09:00
spmi spmi: Add a check for remove callback when removing a SPMI driver 2023-05-11 23:00:34 +09:00
ssb
staging media: Prefer designated initializers over memset for subdev pad ops 2023-05-24 17:36:44 +01:00
target scsi: target: iscsit: Free cmds before session free 2023-05-24 17:36:45 +01:00
tc
tee tee: amdtee: fix race condition in amdtee_open_session 2023-03-30 12:47:59 +02:00
thermal thermal/drivers/mediatek: Use devm_of_iomap to avoid resource leak in mtk_thermal_probe 2023-05-11 23:00:38 +09:00
thunderbolt thunderbolt: Rename shadowed variables bit to interrupt_bit and auto_clear_bit 2023-03-30 12:47:52 +02:00
tty serial: 8250: Fix serial8250_tx_empty() race with DMA Tx 2023-05-17 11:50:31 +02:00
uio
usb usb: mtu3: fix kernel panic at qmu transfer done irq handler 2023-05-11 23:00:33 +09:00
vdpa vdpa_sim: set last_used_idx as last_avail_idx in vdpasim_queue_ready 2023-03-22 13:31:24 +01:00
vfio vfio/type1: restore locked_vm 2023-03-10 09:40:13 +01:00
vhost vhost/net: Clear the pending messages when the backend is removed 2023-02-09 11:26:34 +01:00
video fbdev: arcfb: Fix error handling in arcfb_probe() 2023-05-24 17:36:42 +01:00
virt
virtio virtio_ring: don't update event idx on get_buf 2023-05-11 23:00:34 +09:00
visorbus
vlynq
vme
w1
watchdog watchdog: dw_wdt: Fix the error handling path of dw_wdt_drv_probe() 2023-05-17 11:50:16 +02:00
xen ACPI: processor: Fix evaluating _PDC method when running as Xen dom0 2023-05-11 23:00:22 +09:00
zorro
Kconfig
Makefile