linux

korg/linux

mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-09-21 20:22:13 +08:00

Go to file

Desmond Cheong Zhi Xi 56f0729a51 drm: protect drm_master pointers in drm_lease.c drm_file->master pointers should be protected by drm_device.master_mutex or drm_file.master_lookup_lock when being dereferenced. However, in drm_lease.c, there are multiple instances where drm_file->master is accessed and dereferenced while neither lock is held. This makes drm_lease.c vulnerable to use-after-free bugs. We address this issue in 2 ways: 1. Add a new drm_file_get_master() function that calls drm_master_get on drm_file->master while holding on to drm_file.master_lookup_lock. Since drm_master_get increments the reference count of master, this prevents master from being freed until we unreference it with drm_master_put. 2. In each case where drm_file->master is directly accessed and eventually dereferenced in drm_lease.c, we wrap the access in a call to the new drm_file_get_master function, then unreference the master pointer once we are done using it. Reported-by: Daniel Vetter <daniel.vetter@ffwll.ch> Signed-off-by: Desmond Cheong Zhi Xi <desmondcheongzx@gmail.com> Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch> Link: https://patchwork.freedesktop.org/patch/msgid/20210712043508.11584-6-desmondcheongzx@gmail.com		2021-07-20 20:22:19 +02:00
arch	arm64: dts: qcom: sc7180-trogdor: Move panel under the bridge chip	2021-06-11 12:31:59 -07:00
block	block-5.13-2021-05-22	2021-05-22 07:40:34 -10:00
certs	Kbuild updates for v5.13 (2nd)	2021-05-08 10:00:11 -07:00
crypto
Documentation	dma-buf: Delete the DMA-BUF attachment sysfs statistics	2021-07-20 11:06:59 +02:00
drivers	drm: protect drm_master pointers in drm_lease.c	2021-07-20 20:22:19 +02:00
fs	userfaultfd: hugetlbfs: fix new flag usage in error path	2021-05-22 15:09:07 -10:00
include	drm: protect drm_master pointers in drm_lease.c	2021-07-20 20:22:19 +02:00
init	Merge branch 'akpm' (patches from Andrew)	2021-05-07 00:34:51 -07:00
ipc	ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry	2021-05-22 15:09:07 -10:00
kernel	Two locking fixes:	2021-05-23 06:30:08 -10:00
lib	lib: kunit: suppress a compilation warning of frame size	2021-05-22 15:09:07 -10:00
LICENSES
mm	userfaultfd: hugetlbfs: fix new flag usage in error path	2021-05-22 15:09:07 -10:00
net	Char/misc driver fixes for 5.13-rc3	2021-05-20 06:31:52 -10:00
samples	Kbuild updates for v5.13 (2nd)	2021-05-08 10:00:11 -07:00
scripts	kbuild: dummy-tools: adjust to stricter stackprotector check	2021-05-17 12:10:03 +09:00
security	trusted-keys: match tpm_get_ops on all return paths	2021-05-12 22:36:37 +03:00
sound	Merge tag 'asoc-hdmi-codec-improvements-v2' of git://git.kernel.org/pub/scm/linux/kernel/git/mripard/linux into drm-misc-next	2021-06-23 14:32:27 +02:00
tools	powerpc fixes for 5.13 #4	2021-05-23 06:07:33 -10:00
usr
virt	kvm: Cap halt polling at kvm->max_halt_poll_ns	2021-05-07 06:06:22 -04:00
.clang-format
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitignore
.mailmap	Merge drm/drm-fixes into drm-misc-fixes	2021-05-11 13:35:52 +02:00
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS	drm/panel: ws2401: Add driver for WideChips WS2401	2021-07-17 13:10:29 +02:00
Makefile	Linux 5.13-rc3	2021-05-23 11:42:48 -10:00
README

README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.