Kernel/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2025-01-09 22:50:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,105,319 Commits 106 Branches 5,190 Tags 6 GiB
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
huangjie.albert a7722890fd virtio_ring : keep used_wrap_counter in vq->last_used_idx 
the used_wrap_counter and the vq->last_used_idx may get
out of sync if they are separate assignment,and interrupt
might use an incorrect value to check for the used index.

for example:OOB access
ksoftirqd may consume the packet and it will call:
virtnet_poll
	-->virtnet_receive
		-->virtqueue_get_buf_ctx
			-->virtqueue_get_buf_ctx_packed
and in virtqueue_get_buf_ctx_packed:

vq->last_used_idx += vq->packed.desc_state[id].num;
if (unlikely(vq->last_used_idx >= vq->packed.vring.num)) {
         vq->last_used_idx -= vq->packed.vring.num;
         vq->packed.used_wrap_counter ^= 1;
}

if at the same time, there comes a vring interrupt,in vring_interrupt:
we will call:
vring_interrupt
	-->more_used
		-->more_used_packed
			-->is_used_desc_packed
in is_used_desc_packed, the last_used_idx maybe >= vq->packed.vring.num.
so this could case a memory out of bounds bug.

this patch is to keep the used_wrap_counter in vq->last_used_idx
so we can get the correct value to check for used index in interrupt.

v3->v4:
- use READ_ONCE/WRITE_ONCE to get/set vq->last_used_idx

v2->v3:
- add inline function to get used_wrap_counter and last_used
- when use vq->last_used_idx, only read once
  if vq->last_used_idx is read twice, the values can be inconsistent.
- use last_used_idx & ~(-(1 << VRING_PACKED_EVENT_F_WRAP_CTR))
  to get the all bits below VRING_PACKED_EVENT_F_WRAP_CTR

v1->v2:
- reuse the VRING_PACKED_EVENT_F_WRAP_CTR
- Remove parameter judgment in is_used_desc_packed,
because it can't be illegal

Signed-off-by: huangjie.albert <huangjie.albert@bytedance.com>
Message-Id: <20220617020411.80367-1-huangjie.albert@bytedance.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-06-24 02:49:48 -04:00
arch
X86 updates:
2022-06-19 09:58:28 -05:00
block
block/bfq: Enable I/O statistics
2022-06-16 16:59:28 -06:00
certs
certs: fix and refactor CONFIG_SYSTEM_BLACKLIST_HASH_LIST build
2022-06-15 21:52:32 +03:00
crypto
crypto: memneq - move into lib/
2022-06-12 14:51:51 +08:00
Documentation
A set of interrupt subsystem updates:
2022-06-19 09:45:16 -05:00
drivers
virtio_ring : keep used_wrap_counter in vq->last_used_idx
2022-06-24 02:49:48 -04:00
fs
Fixes for 5.19-rc3:
2022-06-19 09:24:49 -05:00
include
Build tool updates:
2022-06-19 09:54:16 -05:00
init
gcc-12: disable '-Warray-bounds' universally for now
2022-06-09 10:11:12 -07:00
ipc
These changes update the ipc sysctls so that they are fundamentally
2022-06-03 15:54:57 -07:00
kernel
A single scheduler fix plugging a race between sched_setscheduler() and
2022-06-19 09:51:00 -05:00
lib
Build tool updates:
2022-06-19 09:54:16 -05:00
LICENSES
LICENSES/LGPL-2.1: Add LGPL-2.1-or-later as valid identifiers
2021-12-16 14:33:10 +01:00
mm
Merge tag 'fs_for_v5.19-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs
2022-06-17 10:09:24 -07:00
net
NFS Client Fixes for Linux 5.19-rc
2022-06-17 15:17:57 -05:00
samples
drm for 5.19-rc1
2022-05-25 16:18:27 -07:00
scripts
Build tool updates:
2022-06-19 09:54:16 -05:00
security
selinux: free contexts previously transferred in selinux_add_opt()
2022-06-15 21:20:45 -04:00
sound
sound fixes for 5.19-rc2
2022-06-10 10:20:57 -07:00
tools
Build tool updates:
2022-06-19 09:54:16 -05:00
usr
Not a lot of material this cycle. Many singleton patches against various
2022-05-27 11:22:03 -07:00
virt
KVM: x86: disable preemption around the call to kvm_arch_vcpu_{un|}blocking
2022-06-09 10:52:20 -04:00
.clang-format
clang-format: Fix space after for_each macros
2022-05-20 19:27:16 +02:00
.cocciconfig
scripts: add Linux .cocciconfig for coccinelle
2016-07-22 12:13:39 +02:00
.get_maintainer.ignore
Opt out of scripts/get_maintainer.pl
2019-05-16 10:53:40 -07:00
.gitattributes
.gitattributes: use 'dts' diff driver for dts files
2019-12-04 19:44:11 -08:00
.gitignore
kbuild: split the second line of *.mod into *.usyms
2022-05-08 03:16:59 +09:00
.mailmap
Hot fixes for 5.19-rc1.
2022-06-05 17:05:38 -07:00
COPYING
COPYING: state that all contributions really are covered by this file
2020-02-10 13:32:20 -08:00
CREDITS
MAINTAINERS: replace a Microchip AT91 maintainer
2022-02-09 11:30:01 +01:00
Kbuild
kbuild: rename hostprogs-y/always to hostprogs/always-y
2020-02-04 01:53:07 +09:00
Kconfig
kbuild: ensure full rebuild when the compiler is updated
2020-05-12 13:28:33 +09:00
MAINTAINERS
MAINTAINERS rectifications and a few minor driver fixes
2022-06-19 09:35:09 -05:00
Makefile
Linux 5.19-rc3
2022-06-19 15:06:47 -05:00
README
Drop all 00-INDEX files from Documentation/
2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.
Description
Linux kernel stable tree
Readme
Languages
C 97.5%
Assembly 1%
Shell 0.6%
Python 0.3%
Makefile 0.3%