linux/fs
Eiichi Tsukata 538c74a9cb xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init
[ Upstream commit 96cf2a2c75 ]

If xfs_sysfs_init is called with parent_kobj == NULL, UBSAN
shows the following warning:

  UBSAN: null-ptr-deref in ./fs/xfs/xfs_sysfs.h:37:23
  member access within null pointer of type 'struct xfs_kobj'
  Call Trace:
   dump_stack+0x10e/0x195
   ubsan_type_mismatch_common+0x241/0x280
   __ubsan_handle_type_mismatch_v1+0x32/0x40
   init_xfs_fs+0x12b/0x28f
   do_one_initcall+0xdd/0x1d0
   do_initcall_level+0x151/0x1b6
   do_initcalls+0x50/0x8f
   do_basic_setup+0x29/0x2b
   kernel_init_freeable+0x19f/0x20b
   kernel_init+0x11/0x1e0
   ret_from_fork+0x22/0x30

Fix it by checking parent_kobj before the code accesses its member.

Signed-off-by: Eiichi Tsukata <devel@etsukata.com>
Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
[darrick: minor whitespace edits]
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2020-08-26 10:40:58 +02:00
9p 9p: Fix memory leak in v9fs_mount 2020-08-19 08:16:24 +02:00
adfs
affs affs: fix a memory leak in affs_remount 2020-01-17 19:48:50 +01:00
afs afs: Fix storage of cell names 2020-06-30 15:37:02 -04:00
autofs
befs
bfs
btrfs btrfs: add wrapper for transaction abort predicate 2020-08-26 10:40:49 +02:00
cachefiles cachefiles: Fix race between read_waiter and read_copier involving op->to_do 2020-06-03 08:21:11 +02:00
ceph ceph: fix use-after-free for fsc->mdsc 2020-08-26 10:40:56 +02:00
cifs cifs: Fix leak when handling lease break for cached root fid 2020-08-21 13:05:24 +02:00
coda
configfs configfs: fix config_item refcnt leak in configfs_rmdir() 2020-05-27 17:46:30 +02:00
cramfs
crypto fscrypt: don't evict dirty inodes after removing key 2020-03-18 07:17:53 +01:00
debugfs debugfs: Check module state before warning in {full/open}_proxy_open() 2020-04-17 10:50:02 +02:00
devpts
dlm dlm: Fix kobject memleak 2020-08-19 08:16:21 +02:00
ecryptfs ecryptfs: replace BUG_ON with error handling code 2020-02-28 17:22:26 +01:00
efivarfs
efs
erofs erofs: fix extended inode could cross boundary 2020-08-19 08:16:26 +02:00
exportfs
ext2 ext2: fix missing percpu_counter_inc 2020-08-21 13:05:26 +02:00
ext4 ext4: fix checking of directory entry validity for inline directories 2020-08-26 10:40:52 +02:00
f2fs f2fs: avoid utf8_strncasecmp() with unstable name 2020-06-24 17:50:50 +02:00
fat fat: don't allow to mount if the FAT length == 0 2020-06-17 16:40:36 +02:00
freevxfs
fscache
fuse fuse: fix weird page warning 2020-07-29 10:18:28 +02:00
gfs2 gfs2: Never call gfs2_block_zero_range with an open transaction 2020-08-26 10:40:48 +02:00
hfs
hfsplus hfsplus: fix crash and filesystem corruption when deleting files 2020-04-17 10:50:22 +02:00
hostfs
hpfs
hugetlbfs
iomap
isofs
jbd2 jbd2: add the missing unlock_buffer() in the error path of jbd2_write_superblock() 2020-08-26 10:40:52 +02:00
jffs2 jffs2: fix UAF problem 2020-08-26 10:40:56 +02:00
jfs
kernfs kernfs: do not call fsnotify() with name without a parent 2020-08-19 08:16:12 +02:00
lockd
minix fs/minix: remove expected error message in block_to_path() 2020-08-21 13:05:37 +02:00
nfs nfs: Fix getxattr kernel panic and memory overflow 2020-08-21 13:05:37 +02:00
nfs_common
nfsd nfsd: Fix NFSv4 READ on RDMA when using readv 2020-08-11 15:33:42 +02:00
nilfs2 nilfs2: fix null pointer dereference at nilfs_segctor_do_construct() 2020-06-17 16:40:29 +02:00
nls
notify fanotify: fix ignore mask logic for events on child and on dir 2020-06-17 16:40:24 +02:00
ntfs utimes: Clamp the timestamps in notify_change() 2020-02-11 04:35:12 -08:00
ocfs2 ocfs2: change slot number type s16 to u16 2020-08-21 13:05:26 +02:00
omfs
openpromfs
orangefs orangefs: get rid of knob code... 2020-08-21 13:05:29 +02:00
overlayfs ovl: fix unneeded call to ovl_change_flags() 2020-07-22 09:33:12 +02:00
proc proc: Use new_inode not new_inode_pseudo 2020-06-17 16:40:33 +02:00
pstore pstore: Fix linking when crypto API disabled 2020-08-19 08:16:27 +02:00
qnx4
qnx6
quota fs: avoid softlockups in s_inodes iterators 2020-01-12 12:21:37 +01:00
ramfs
reiserfs reiserfs: prevent NULL pointer dereference in reiserfs_insert_item() 2020-02-24 08:37:00 +01:00
romfs romfs: fix uninitialized memory leak in romfs_dev_read() 2020-08-26 10:40:51 +02:00
squashfs
sysfs
sysv
tracefs
ubifs ubifs: Fix wrong orphan node deletion in ubifs_jnl_update|rename 2020-08-21 13:05:35 +02:00
udf udf: Fix free space reporting for metadata and virtual partitions 2020-02-24 08:36:44 +01:00
ufs fs/ufs: avoid potential u32 multiplication overflow 2020-08-21 13:05:37 +02:00
unicode
verity
xfs xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init 2020-08-26 10:40:58 +02:00
Kconfig
Kconfig.binfmt
Makefile
aio.c aio: fix async fsync creds 2020-06-17 16:40:24 +02:00
anon_inodes.c
attr.c utimes: Clamp the timestamps in notify_change() 2020-02-11 04:35:12 -08:00
bad_inode.c
binfmt_aout.c
binfmt_elf.c fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() 2020-06-03 08:21:27 +02:00
binfmt_elf_fdpic.c
binfmt_em86.c
binfmt_flat.c
binfmt_misc.c
binfmt_script.c
block_dev.c block: Fix use-after-free in blkdev_get() 2020-06-24 17:50:47 +02:00
buffer.c ext4: use non-movable memory for superblock readahead 2020-04-23 10:36:15 +02:00
char_dev.c chardev: Avoid potential use-after-free in 'chrdev_open()' 2020-01-14 20:08:18 +01:00
compat.c
compat_binfmt_elf.c
compat_ioctl.c fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP 2020-01-09 10:20:05 +01:00
coredump.c coredump: fix crash when umh is disabled 2020-05-14 07:58:27 +02:00
d_path.c
dax.c dax: pass NOWAIT flag to iomap_apply 2020-03-05 16:43:36 +01:00
dcache.c
dcookies.c
direct-io.c
drop_caches.c fs: avoid softlockups in s_inodes iterators 2020-01-12 12:21:37 +01:00
eventfd.c eventfd: track eventfd_signal() recursion depth 2020-02-11 04:35:37 -08:00
eventpoll.c eventpoll: fix missing wakeup for ovflist in ep_poll_callback 2020-05-14 07:58:26 +02:00
exec.c exec: Move would_dump into flush_old_exec 2020-05-20 08:20:34 +02:00
fcntl.c
fhandle.c
file.c fix multiplication overflow in copy_fdtable() 2020-05-27 17:46:12 +02:00
file_table.c
filesystems.c fs/filesystems.c: downgrade user-reachable WARN_ONCE() to pr_warn_once() 2020-04-17 10:50:21 +02:00
fs-writeback.c memcg: fix a crash in wb_workfn when a device disappears 2020-02-11 04:35:11 -08:00
fs_context.c
fs_parser.c
fs_pin.c
fs_struct.c
fs_types.c
fsopen.c
inode.c futex: Fix inode life-time issue 2020-03-25 08:25:58 +01:00
internal.h fs: move guard_bio_eod() after bio_set_op_attrs 2020-01-17 19:48:21 +01:00
io_uring.c io_uring: Fix NULL pointer dereference in loop_rw_iter() 2020-08-19 08:16:29 +02:00
ioctl.c
libfs.c libfs: fix infoleak in simple_attr_read() 2020-04-01 11:02:17 +02:00
locks.c locks: reinstate locks_delete_block optimization 2020-03-25 08:25:41 +01:00
mbcache.c
mount.h
mpage.c fs: move guard_bio_eod() after bio_set_op_attrs 2020-01-17 19:48:21 +01:00
namei.c namei: only return -ECHILD from follow_dotdot_rcu() 2020-03-05 16:43:48 +01:00
namespace.c
no-block.c
nsfs.c
open.c cifs_atomic_open(): fix double-put on late allocation failure 2020-03-18 07:17:51 +01:00
pipe.c
pnode.c propagate_one(): mnt_set_mountpoint() needs mount_lock 2020-05-02 08:48:44 +02:00
pnode.h
posix_acl.c
proc_namespace.c
read_write.c fs: allow deduplication of eof block into the end of the destination file 2020-02-11 04:35:23 -08:00
readdir.c readdir: be more conservative with directory entry names 2020-01-29 16:45:31 +01:00
select.c
seq_file.c
signalfd.c
splice.c
stack.c
stat.c
statfs.c
super.c Fix use after free in get_tree_bdev() 2020-05-06 08:15:15 +02:00
sync.c
timerfd.c
userfaultfd.c
utimes.c utimes: Clamp the timestamps in notify_change() 2020-02-11 04:35:12 -08:00
xattr.c xattr: break delegations in {set,remove}xattr 2020-08-11 15:33:39 +02:00