Kernel/linux
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-01-18 19:05:39 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
linux/drivers
History
Mathias Krause fbf8d71742 Input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal 
Calling irq_domain_remove() will lead to freeing the IRQ domain
prematurely. The domain is still referenced and will be attempted to get
used via rmi_free_function_list() -> rmi_unregister_function() ->
irq_dispose_mapping() -> irq_get_irq_data()'s ->domain pointer.

With PaX's MEMORY_SANITIZE this will lead to an access fault when
attempting to dereference embedded pointers, as in Torsten's report that
was faulting on the 'domain->ops->unmap' test.

Fix this by releasing the IRQ domain only after all related IRQs have
been deactivated.

Fixes: 24d28e4f1271 ("Input: synaptics-rmi4 - convert irq distribution to irq_domain")
Reported-by: Torsten Hilbrich <torsten.hilbrich@secunet.com>
Signed-off-by: Mathias Krause <minipli@grsecurity.net>
Link: https://lore.kernel.org/r/20240222142654.856566-1-minipli@grsecurity.net
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
2024-03-07 15:29:52 -08:00
..
accel
One EPROBE_DEFER handling fix for the JDI LT070ME05000, a timing fix for
2023-08-18 06:08:58 +10:00
accessibility
acpi
ACPI: resource: Fix IRQ override quirk for PCSpecialist Elimina Pro 16 M
2023-08-21 12:48:52 +02:00
amba
android
binder: fix memory leak in binder_init()
2023-08-04 15:25:01 +02:00
ata
ata,scsi: do not issue START STOP UNIT on resume
2023-08-02 17:01:12 +09:00
atm
auxdisplay
drm changes for 6.5-rc1:
2023-06-29 11:00:17 -07:00
base
driver core: cpu: Fix the fallback cpu_show_gds() name
2023-08-11 20:36:02 +02:00
bcma
block
block-6.5-2023-08-19
2023-08-19 17:31:46 +02:00
bluetooth
Bluetooth: btusb: Fix bluetooth on Intel Macbook 2014
2023-07-20 11:26:56 -07:00
bus
Merge branch 'omap-for-v6.5/ti-sysc' into omap-for-v6.5/fixes
2023-08-02 10:49:57 +03:00
cdrom
cdrom/gdrom: Fix build error
2023-06-29 08:09:31 -06:00
cdx
cdx: Replace custom mcdi logging with print_hex_dump_debug()
2023-06-15 13:42:16 +02:00
char
tpm_tis: Opt-in interrupts
2023-08-12 02:36:28 +03:00
clk
clk: Fix slab-out-of-bounds error in devm_clk_release()
2023-08-22 15:25:18 -07:00
clocksource
RISC-V Patches for the 6.5 Merge Window, Part 1
2023-06-30 09:37:26 -07:00
comedi
comedi: make all 'class' structures const
2023-06-23 10:29:02 +02:00
connector
counter
First set of Counter fixes for 6.5
2023-08-04 15:17:29 +02:00
cpufreq
cpufreq: amd-pstate: fix global sysfs attribute type
2023-08-07 19:41:48 +02:00
cpuidle
cpuidle: psci: Move enabling OSI mode after power domains creation
2023-08-08 16:07:01 +02:00
crypto
Revert "crypto: caam - adjust RNG timing to support more devices"
2023-08-18 16:47:02 +08:00
cxl
cxl/memdev: Only show sanitize sysfs files when supported
2023-07-28 13:16:54 -06:00
dax
dax: enable dax fault handler to report VM_FAULT_HWPOISON
2023-06-26 07:54:23 -06:00
dca
devfreq
dio
dma
dmaengine: xilinx: xdma: Fix typo
2023-08-07 00:01:41 +05:30
dma-buf
dma-buf/sw_sync: Avoid recursive lock during fence signal
2023-08-23 10:22:49 +02:00
edac
- Add initial support for RAS hardware found on AMD server GPUs (MI200).
2023-06-26 15:09:18 -07:00
eisa
extcon
firewire
firewire: net: fix use after free in fwnet_finish_incoming_packet()
2023-06-24 14:03:46 +09:00
firmware
firmware: arm_scmi: Fix chan_free cleanup on SMC
2023-07-20 13:31:58 +01:00
fpga
Char/Misc and other driver subsystem updates for 6.5-rc1
2023-07-03 12:46:47 -07:00
fsi
gnss
gpio
gpio: sim: pass the GPIO device's software node to irq domain
2023-08-23 21:05:28 +02:00
gpu
- Fix power consumption at s2idle on DG2 (Anshuman)
2023-08-25 09:12:02 +10:00
greybus
hid
for-linus-2023071101
2023-07-12 11:56:22 -07:00
hsi
hte
hv
x86/hyperv: Improve code for referencing hyperv_pcpu_input_arg
2023-06-28 17:53:25 +00:00
hwmon
hwmon: (aquacomputer_d5next) Add selective 200ms delay after sending ctrl report
2023-08-09 21:09:47 -07:00
hwspinlock
hwspinlock: omap: drop of_match_ptr for ID table
2023-06-14 08:15:24 -07:00
hwtracing
Char/Misc and other driver subsystem updates for 6.5-rc1
2023-07-03 12:46:47 -07:00
i2c
i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue
2023-08-14 18:17:13 +02:00
i3c
idle
Revert "intel_idle: Add support for using intel_idle in a VM guest using just hlt"
2023-07-19 20:10:03 +02:00
iio
iio: cros_ec: Fix the allocation size for cros_ec_command
2023-07-29 12:21:21 +01:00
infiniband
RDMA/bnxt_re: Initialize dpi_tbl_lock mutex
2023-08-10 16:35:54 -03:00
input
Input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal
2024-03-07 15:29:52 -08:00
interconnect
interconnect: qcom: sa8775p: add enable_mask for bcm nodes
2023-07-11 15:44:43 +03:00
iommu
iommufd: Set end correctly when doing batch carry
2023-07-27 11:27:20 -03:00
ipack
irqchip
- Work around an erratum on GIC700, where a race between a CPU
2023-07-30 10:59:19 -07:00
isdn
mISDN: Update parameter type of dsp_cmx_send()
2023-08-03 18:08:32 -07:00
leds
leds: trigger: netdev: rename 'hw_control' sysfs entry to 'offloaded'
2023-08-22 11:02:29 -07:00
macintosh
macintosh: Use of_property_read_reg() to parse "reg"
2023-06-21 14:08:54 +10:00
mailbox
mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0
2023-06-30 17:35:45 -05:00
mcb
md
dm cache policy smq: ensure IO doesn't prevent cleaner policy progress
2023-07-25 11:55:50 -04:00
media
media fixes for v6.5-rc8
2023-08-24 19:10:53 -07:00
memory
memory: tegra: make icc_set_bw return zero if BWMGR not supported
2023-07-25 22:09:20 +02:00
memstick
memstick r592: make memstick_debug_get_tpc_name() static
2023-06-12 15:16:19 +02:00
message
mfd
- New Drivers
2023-07-03 10:55:04 -07:00
misc
misc: tps6594-esm: Disable ESM for rev 1 PMIC
2023-08-04 15:52:51 +02:00
mmc
mmc: f-sdh30: fix order of function calls in sdhci_f_sdh30_remove
2023-08-15 13:24:29 +02:00
most
mtd
mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op()
2023-07-27 16:54:23 +02:00
mux
mux: adg792a: Switch back to use i2c_driver's .probe()
2023-06-15 13:42:18 +02:00
net
bonding: fix macvlan over alb bond support
2023-08-24 10:07:13 +02:00
nfc
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2023-06-22 18:40:38 -07:00
ntb
ntb: hw: amd: Fix debugfs_create_dir error checking
2023-07-08 13:55:44 -04:00
nubus
nvdimm
dax: enable dax fault handler to report VM_FAULT_HWPOISON
2023-06-26 07:54:23 -06:00
nvme
block-6.5-2023-08-11
2023-08-11 12:14:08 -07:00
nvmem
nvmem: rmem: Use NVMEM_DEVID_AUTO
2023-06-15 13:42:18 +02:00
of
of/platform: increase refcount of fwnode
2023-08-21 16:12:28 -05:00
opp
OPP: Properly propagate error along when failing to get icc_path
2023-06-27 07:35:14 +05:30
parisc
parisc: Move proc_mckinley_root and proc_runway_root to sba_iommu
2023-08-10 22:22:03 +02:00
parport
parport: gsc: remove DMA leftover code
2023-08-03 14:40:37 +02:00
pci
pci-v6.5-fixes-1
2023-08-11 09:39:17 -07:00
pcmcia
pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()
2023-06-15 13:42:18 +02:00
peci
perf
perf: RISC-V: Remove PERF_HES_STOPPED flag checking in riscv_pmu_start()
2023-07-12 07:41:23 -07:00
phy
phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
2023-07-24 16:23:37 +05:30
pinctrl
pinctrl: amd: Mask wake bits on probe again
2023-08-21 12:28:28 +02:00
platform
platform/mellanox: Fix mlxbf-tmfifo not handling all virtio CONSOLE notifications
2023-08-23 17:13:36 +02:00
pnp
power
power supply and reset changes for the 6.5 series
2023-07-03 17:23:16 -07:00
powercap
powercap: intel_rapl: Fix a sparse warning in TPMI interface
2023-08-01 13:45:08 +02:00
pps
ps3
ptp
ptp: Make max_phase_adjustment sysfs device attribute invisible when not supported
2023-07-03 13:17:25 -07:00
pwm
pwm: Changes for v6.5-rc1
2023-07-05 12:55:06 -07:00
rapidio
ras
regulator
regulator: qcom-rpmh: Fix LDO 12 regulator for PM8550
2023-08-07 15:13:27 +01:00
remoteproc
remoteproc updates for v6.5
2023-07-03 17:03:05 -07:00
reset
ARM: SoC drivers for 6.5
2023-06-29 15:22:19 -07:00
rpmsg
rtc
RTC for 6.5
2023-07-03 10:43:10 -07:00
s390
Including fixes from bpf and wireless.
2023-08-03 14:00:02 -07:00
sbus
oradax: make 'cl' a static const structure
2023-06-23 10:27:02 +02:00
scsi
SCSI fixes on 20230827
2023-08-27 07:33:54 -07:00
sh
siox
slimbus
soc
soc: aspeed: socinfo: Add kfree for kstrdup
2023-08-12 12:12:58 +02:00
soundwire
soundwire: amd: Fix a check for errors in probe()
2023-07-13 11:09:07 +05:30
spi
spi: spi-cadence: Fix data corruption issues in slave mode
2023-08-21 13:09:57 +01:00
spmi
ssb
staging
Staging driver fixes for 6.5-rc4
2023-07-30 11:47:56 -07:00
target
SCSI misc on 20230708
2023-07-08 12:35:18 -07:00
tc
tee
ARM: SoC drivers for 6.5
2023-06-29 15:22:19 -07:00
thermal
powercap: intel_rapl: Fix a sparse warning in TPMI interface
2023-08-01 13:45:08 +02:00
thunderbolt
thunderbolt: Fix memory leak in tb_handle_dp_bandwidth_request()
2023-08-04 16:17:47 +03:00
tty
serial: core: Fix serial core port id, including multiport devices
2023-08-11 21:19:22 +02:00
ufs
scsi: ufs: ufs-qcom: Clear qunipro_g4_sel for HW major version > 5
2023-08-21 17:32:55 -04:00
uio
usb
usb: dwc3: Properly handle processing of pending events
2023-08-04 14:57:23 +02:00
vdpa
pds_vdpa: fix up debugfs feature bit printing
2023-08-10 15:51:46 -04:00
vfio
VFIO updates for v6.5-rc1
2023-06-30 15:22:09 -07:00
vhost
vhost-scsi: Rename vhost_scsi_iov_to_sgl
2023-08-10 15:24:28 -04:00
video
fbdev: goldfishfb: Do not check 0 for platform_get_irq()
2023-08-15 23:39:33 +02:00
virt
workqueue: Ordered workqueue creation cleanups
2023-06-27 16:46:06 -07:00
virtio
virtio-mem: check if the config changed before fake offlining memory
2023-08-10 15:51:46 -04:00
vlynq
w1
watchdog
watchdog: sp5100_tco: support Hygon FCH/SCH (Server Controller Hub)
2023-06-26 14:30:07 +02:00
xen
xen: speed up grant-table reclaim
2023-07-27 07:53:12 +02:00
zorro
Kconfig
Makefile