korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-23 20:24:12 +08:00
Code Issues Packages Projects Releases Wiki Activity
ca59f9956d
linux/drivers
History
Qiu-ji Chen ca59f9956d media: wl128x: Fix atomicity violation in fmc_send_cmd() 
Atomicity violation occurs when the fmc_send_cmd() function is executed
simultaneously with the modification of the fmdev->resp_skb value.
Consider a scenario where, after passing the validity check within the
function, a non-null fmdev->resp_skb variable is assigned a null value.
This results in an invalid fmdev->resp_skb variable passing the validity
check. As seen in the later part of the function, skb = fmdev->resp_skb;
when the invalid fmdev->resp_skb passes the check, a null pointer
dereference error may occur at line 478, evt_hdr = (void *)skb->data;

To address this issue, it is recommended to include the validity check of
fmdev->resp_skb within the locked section of the function. This
modification ensures that the value of fmdev->resp_skb does not change
during the validation process, thereby maintaining its validity.

This possible bug is found by an experimental static analysis tool
developed by our team. This tool analyzes the locking APIs
to extract function pairs that can be concurrently executed, and then
analyzes the instructions in the paired functions to identify possible
concurrency bugs including data races and atomicity violations.

Fixes: e8454ff7b9 ("[media] drivers:media:radio: wl128x: FM Driver Common sources")
Cc: stable@vger.kernel.org
Signed-off-by: Qiu-ji Chen <chenqiuji666@gmail.com>
Signed-off-by: Hans Verkuil <hverkuil-cisco@xs4all.nl>
2024-10-12 16:28:26 +02:00
..
accel dma-mapping updates for linux 6.12 2024-09-19 11:12:49 +02:00
accessibility
acpi cxl changes for v6.12 2024-09-27 11:42:03 -07:00
amba
android
ata ata fixes for 6.12-rc1 2024-09-27 09:05:18 -07:00
atm
auxdisplay [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
base Driver core update for 6.12-rc1 2024-09-27 08:48:37 -07:00
bcma
block 19 hotfixes. 13 are cc:stable. 2024-09-27 10:27:22 -07:00
bluetooth [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
bus Driver core update for 6.12-rc1 2024-09-27 08:48:37 -07:00
cache
cdrom
cdx
char [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
clk soc: convert ep93xx to devicetree 2024-09-26 12:00:25 -07:00
clocksource Updates for x86 timers: 2024-09-17 15:27:01 +02:00
comedi comedi: ni_routing: tools: Check when the file could not be opened 2024-09-11 16:03:28 +02:00
connector
counter [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
cpufreq In the v6.12 scheduler development cycle we had 63 commits from 18 contributors: 2024-09-19 15:55:58 +02:00
cpuidle pmdomain core: 2024-09-18 10:49:45 +02:00
crypto This push fixes the following issues: 2024-09-24 10:46:54 -07:00
cxl cxl changes for v6.12 2024-09-27 11:42:03 -07:00
dax
dca
devfreq
dio
dma soc: convert ep93xx to devicetree 2024-09-26 12:00:25 -07:00
dma-buf drm next for 6.12-rc1 2024-09-19 10:18:15 +02:00
dpll
edac - Drop a now obsolete ppc4xx_edac driver 2024-09-16 06:36:37 +02:00
eisa
extcon Char/Misc and other driver changes for 6.12-rc1 2024-09-26 10:13:08 -07:00
firewire [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
firmware [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
fpga
fsi
gnss [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
gpio [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
gpu drm fixes for 6.12-rc1 2024-09-28 08:47:46 -07:00
greybus greybus: gb-beagleplay: Add firmware upload API 2024-09-12 09:04:09 +02:00
hid [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
hsi
hte
hv drm next for 6.12-rc1 2024-09-19 10:18:15 +02:00
hwmon [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
hwspinlock
hwtracing [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
i2c i2c-for-6.12-rc1-additional_fixes 2024-09-29 09:47:33 -07:00
i3c i3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition 2024-09-17 16:51:45 +02:00
idle intel_idle: fix ACPI _CST matching for newer Xeon platforms 2024-09-25 22:30:33 +02:00
iio
infiniband [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
input [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
interconnect
iommu [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
ipack
irqchip Merge tag 'irq-core-2024-09-16' into loongarch-next 2024-09-17 22:20:12 +08:00
isdn [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
leds [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
macintosh [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
mailbox mailbox, remoteproc: omap2+: fix compile testing 2024-09-27 09:11:05 -05:00
mcb
md - Misc VDO fixes 2024-09-27 09:12:51 -07:00
media media: wl128x: Fix atomicity violation in fmc_send_cmd() 2024-10-12 16:28:26 +02:00
memory
memstick
message SCSI misc on 20240928 2024-09-29 09:22:34 -07:00
mfd - Added support for the Analog Devices ADP5585 GPIO and PWM functions. 2024-09-23 14:17:08 -07:00
misc [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
mmc [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
most
mtd [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
mux
net [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
nfc
ntb ntb: Force physically contiguous allocation of rx ring buffers 2024-09-20 10:51:25 -04:00
nubus
nvdimm virtio: features, fixes, cleanups 2024-09-26 08:43:17 -07:00
nvme for-6.12/block-20240925 2024-09-25 14:56:40 -07:00
nvmem Char/Misc and other driver changes for 6.12-rc1 2024-09-26 10:13:08 -07:00
of Kbuild updates for v6.12 2024-09-24 13:02:06 -07:00
opp Merge branches 'pm-sleep', 'pm-opp' and 'pm-tools' 2024-09-11 19:02:23 +02:00
parisc
parport
pci pci-v6.12-changes 2024-09-23 12:47:06 -07:00
pcmcia
peci
perf RISC-V Patches for the 6.12 Merge Window, Part 1 2024-09-24 10:59:17 -07:00
phy phy-for-6.12 2024-09-23 14:05:10 -07:00
pinctrl soc: convert ep93xx to devicetree 2024-09-26 12:00:25 -07:00
platform [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
pmdomain pmdomain: core: Reduce debug summary table width 2024-09-13 13:41:33 +02:00
pnp
power soc: convert ep93xx to devicetree 2024-09-26 12:00:25 -07:00
powercap
pps [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
ps3
ptp
pwm soc: convert ep93xx to devicetree 2024-09-26 12:00:25 -07:00
rapidio
ras
regulator regulator: sm5703: Remove because it is unused and fails to build 2024-09-13 19:08:14 +01:00
remoteproc mhu-v3, omap2+ : fix kconfig dependencies 2024-09-29 09:53:04 -07:00
reset
rpmsg rpmsg: glink: Avoid -Wflex-array-member-not-at-end warnings 2024-09-13 14:09:47 -07:00
rtc [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
s390 more s390 updates for 6.12 merge window 2024-09-28 09:11:46 -07:00
sbus [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
scsi SCSI misc on 20240928 2024-09-29 09:22:34 -07:00
sh sh: intc: Replace simple_strtoul() with kstrtoul() 2024-09-26 17:25:29 +02:00
siox
slimbus
soc soc: convert ep93xx to devicetree 2024-09-26 12:00:25 -07:00
soundwire soundwire updates for 6.12 2024-09-23 14:00:46 -07:00
spi [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
spmi
ssb
staging media: staging: drop omap4iss 2024-10-08 13:43:47 +02:00
target
tc
tee
thermal [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
thunderbolt
tty [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
ufs SCSI misc on 20240928 2024-09-29 09:22:34 -07:00
uio uio: Constify struct kobj_type 2024-09-11 16:02:54 +02:00
usb [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
vdpa virtio: features, fixes, cleanups 2024-09-26 08:43:17 -07:00
vfio [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
vhost virtio: features, fixes, cleanups 2024-09-26 08:43:17 -07:00
video fbdev: sisfb: Fix strbuf array overflow 2024-09-28 00:42:11 +02:00
virt [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
virtio virtio: features, fixes, cleanups 2024-09-26 08:43:17 -07:00
w1
watchdog [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
xen xen: branch for v6.12-rc1a 2024-09-27 09:55:30 -07:00
zorro
Kconfig
Makefile