linux_dsm_epyc7002/drivers
Bhaumik Bhatt 3efec3b4b1 bus: mhi: core: Validate channel ID when processing command completions
commit 546362a9ef2ef40b57c6605f14e88ced507f8dd0 upstream.

MHI reads the channel ID from the event ring element sent by the
device which can be any value between 0 and 255. In order to
prevent any out of bound accesses, add a check against the maximum
number of channels supported by the controller and those channels
not configured yet so as to skip processing of that event ring
element.

Link: https://lore.kernel.org/r/1624558141-11045-1-git-send-email-bbhatt@codeaurora.org
Fixes: 1d3173a3ba ("bus: mhi: core: Add support for processing events from client device")
Cc: stable@vger.kernel.org #5.10
Reviewed-by: Hemant Kumar <hemantk@codeaurora.org>
Reviewed-by: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
Reviewed-by: Jeffrey Hugo <quic_jhugo@quicinc.com>
Signed-off-by: Bhaumik Bhatt <bbhatt@codeaurora.org>
Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
Link: https://lore.kernel.org/r/20210716075106.49938-3-manivannan.sadhasivam@linaro.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-07-28 14:35:45 +02:00
..
accessibility
acpi ACPI: Kconfig: Fix table override from built-in initrd 2021-07-28 14:35:39 +02:00
amba
android
ata ata: ahci_sunxi: Disable DIPM 2021-07-19 09:44:59 +02:00
atm atm: nicstar: register the interrupt handler in the right place 2021-07-19 09:44:52 +02:00
auxdisplay
base drivers: base: Fix device link removal 2021-06-03 09:00:34 +02:00
bcma
block virtio-blk: Fix memory leak among suspend/resume procedure 2021-07-20 16:05:49 +02:00
bluetooth Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc. 2021-07-19 09:44:54 +02:00
bus bus: mhi: core: Validate channel ID when processing command completions 2021-07-28 14:35:45 +02:00
cdrom cdrom: gdrom: initialize global variable at init time 2021-05-26 12:06:55 +02:00
char virtio_console: Assure used length from device is limited 2021-07-20 16:05:49 +02:00
clk clk: tegra: Ensure that PLLU configuration is applied properly 2021-07-19 09:44:43 +02:00
clocksource clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround 2021-07-19 09:44:59 +02:00
connector
counter counter: stm32-timer-cnt: fix ceiling miss-alignment with reload register 2021-03-25 09:04:16 +01:00
cpufreq cpufreq: Make cpufreq_online() call driver->offline() on errors 2021-07-14 16:56:13 +02:00
cpuidle cpuidle: Fix ARM_QCOM_SPM_CPUIDLE configuration 2021-05-14 09:50:16 +02:00
crypto crypto: qce - fix error return code in qce_skcipher_async_req_handle() 2021-07-14 16:56:54 +02:00
dax
dca
devfreq PM / devfreq: Add missing error code in devfreq_add_device() 2021-07-14 16:56:11 +02:00
dio
dma dmaengine: fsl-qdma: check dma_set_mask return value 2021-07-20 16:05:38 +02:00
dma-buf dma-buf/sync_file: Don't leak fences on merge failure 2021-07-25 14:36:20 +02:00
edac EDAC/Intel: Do not load EDAC driver when running as a guest 2021-07-14 16:56:00 +02:00
eisa
extcon extcon: intel-mrfld: Sync hardware and software state on init 2021-07-19 09:45:00 +02:00
firewire firewire: nosy: Fix a use-after-free bug in nosy_ioctl() 2021-04-07 15:00:11 +02:00
firmware firmware/efi: Tell memblock about EFI iomem reservations 2021-07-28 14:35:44 +02:00
fpga fpga: stratix10-soc: Add missing fpga_mgr_free() call 2021-07-19 09:44:59 +02:00
fsi fsi: Add missing MODULE_DEVICE_TABLE 2021-07-20 16:05:42 +02:00
gnss
gpio gpio: pca953x: Add support for the On Semi pca9655 2021-07-20 16:05:43 +02:00
gpu drm/panel: raspberrypi-touchscreen: Prevent double-free 2021-07-28 14:35:41 +02:00
greybus
hid HID: wacom: Correct base usage for capacitive ExpressKey status bits 2021-07-14 16:56:01 +02:00
hsi HSI: core: fix resource leaks in hsi_add_client_from_dt() 2021-05-14 09:50:28 +02:00
hv drivers: hv: Fix missing error code in vmbus_connect() 2021-07-14 16:55:59 +02:00
hwmon hwmon: (max31790) Fix fan speed reporting for fan7..12 2021-07-14 16:56:08 +02:00
hwspinlock
hwtracing intel_th: Wait until port is in reset before programming it 2021-07-20 16:05:46 +02:00
i2c i2c: core: Disable client irq on reboot/shutdown 2021-07-20 16:05:46 +02:00
i3c Revert "i3c master: fix missing destroy_workqueue() on error in i3c_master_register" 2021-05-14 09:50:05 +02:00
ide
idle
iio iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get() 2021-07-20 16:05:39 +02:00
infiniband RDMA/cma: Fix rdma_resolve_route() memory leak 2021-07-19 09:44:53 +02:00
input Input: hideep - fix the uninitialized use in hideep_nvm_unlock() 2021-07-20 16:05:44 +02:00
interconnect interconnect: qcom: Add missing MODULE_DEVICE_TABLE 2021-06-03 09:00:46 +02:00
iommu iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation 2021-07-20 16:05:43 +02:00
ipack ipack/carriers/tpci200: Fix a double free in tpci200_pci_probe 2021-07-19 09:45:01 +02:00
irqchip irqchip/gic-v3: Workaround inconsistent PMR setting on NMI entry 2021-06-23 14:42:49 +02:00
isdn mISDN: fix possible use-after-free in HFC_cleanup() 2021-07-19 09:44:38 +02:00
leds leds: turris-omnia: add missing MODULE_DEVICE_TABLE 2021-07-20 16:05:45 +02:00
lightnvm
macintosh
mailbox mailbox: qcom-ipcc: Fix IPCC mbox channel exhaustion 2021-07-14 16:56:53 +02:00
mcb
md dm writecache: write at least 4k when committing 2021-07-19 09:45:02 +02:00
media media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() 2021-07-28 14:35:45 +02:00
memory memory: tegra: Fix compilation warnings on 64bit platforms 2021-07-25 14:36:14 +02:00
memstick memstick: rtsx_usb_ms: fix UAF 2021-07-14 16:55:53 +02:00
message
mfd mfd: cpcap: Fix cpcap dmamask not set warnings 2021-07-20 16:05:42 +02:00
misc misc: alcor_pci: fix inverted branch condition 2021-07-20 16:05:50 +02:00
mmc mmc: core: Don't allocate IDA for OF aliases 2021-07-28 14:35:42 +02:00
most
mtd mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() 2021-07-14 16:56:47 +02:00
mux
net ixgbe: Fix packet corruption due to missing DMA sync 2021-07-28 14:35:45 +02:00
nfc nfc: pn533: prevent potential memory corruption 2021-05-14 09:50:32 +02:00
ntb
nubus
nvdimm libnvdimm/region: Fix nvdimm_has_flush() to handle ND_REGION_ASYNC 2021-04-21 13:00:55 +02:00
nvme nvme: set the PRACT bit when using Write Zeroes with T10 PI 2021-07-28 14:35:41 +02:00
nvmem nvmem: core: add a missing of_node_put 2021-07-19 09:45:00 +02:00
of of: Fix truncation of memory sizes on 32-bit platforms 2021-07-14 16:56:46 +02:00
opp
oprofile
parisc
parport
pci PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift 2021-07-20 16:05:52 +02:00
pcmcia
perf perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same IRQ number 2021-07-14 16:56:08 +02:00
phy phy: intel: Fix for warnings due to EMMC clock 175Mhz change in FIP 2021-07-20 16:05:46 +02:00
pinctrl pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() 2021-07-19 09:45:02 +02:00
platform platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() 2021-07-14 16:56:00 +02:00
pnp
power power: supply: rt5033_battery: Fix device tree enumeration 2021-07-20 16:05:50 +02:00
powercap
pps
ps3
ptp ptp: improve max_adj check against unreasonable values 2021-06-23 14:42:45 +02:00
pwm pwm: sprd: Ensure configuring period and duty_cycle isn't wrongly skipped 2021-07-28 14:35:34 +02:00
rapidio rapidio: handle create_workqueue() failure 2021-05-26 12:06:52 +02:00
ras RAS/CEC: Correct ce_add_elem()'s returned values 2021-04-14 08:42:12 +02:00
regulator regulator: hi6421: Fix getting wrong drvdata 2021-07-28 14:35:36 +02:00
remoteproc remoteproc: k3-r5: Fix an error message 2021-07-20 16:05:50 +02:00
reset reset: ti-syscon: fix to_ti_syscon_reset_data macro 2021-07-25 14:36:11 +02:00
rpmsg rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data() 2021-05-19 10:13:02 +02:00
rtc rtc: max77686: Do not enforce (incorrect) interrupt trigger type 2021-07-25 14:36:16 +02:00
s390 s390/sclp_vt220: fix console name to match device 2021-07-20 16:05:42 +02:00
sbus
scsi scsi: iscsi: Fix iface sysfs attr detection 2021-07-28 14:35:39 +02:00
sfi
sh
siox
slimbus
soc soc/tegra: fuse: Fix Tegra234-only builds 2021-07-25 14:36:15 +02:00
soundwire soundwire: stream: Fix test for DP prepare complete 2021-07-14 16:56:47 +02:00
spi spi: spi-bcm2835: Fix deadlock 2021-07-28 14:35:40 +02:00
spmi
ssb ssb: Fix error return code in ssb_bus_scan() 2021-07-14 16:56:21 +02:00
staging staging: rtl8723bs: fix macro value for 2.4Ghz only device 2021-07-20 16:05:45 +02:00
target scsi: target: Fix protect handling in WRITE SAME(32) 2021-07-28 14:35:39 +02:00
tc
tee optee: use export_uuid() to copy client UUID 2021-06-10 13:39:21 +02:00
thermal thermal/core/thermal_of: Stop zone device before unregistering it 2021-07-25 14:36:17 +02:00
thunderbolt thunderbolt: Bond lanes only when dual_link_port != NULL in alloc_dev_default() 2021-07-14 16:56:44 +02:00
tty serial: tty: uartlite: fix console setup 2021-07-20 16:05:42 +02:00
uio uio_hv_generic: Fix a memory leak in error handling paths 2021-05-26 12:06:52 +02:00
usb usb: typec: stusb160x: register role switch before interrupt registration 2021-07-28 14:35:44 +02:00
vdpa vdpa/mlx5: Clear vq ready indication upon device reset 2021-07-20 16:05:53 +02:00
vfio vfio/pci: Handle concurrent vma faults 2021-07-14 16:56:50 +02:00
vhost vhost-vdpa: fix vm_flags for virtqueue doorbell mapping 2021-05-11 14:47:12 +02:00
video backlight: lm3630a: Fix return code of .update_status() callback 2021-07-20 16:05:45 +02:00
virt nitro_enclaves: Fix stale file descriptors on failed usercopy 2021-05-11 14:47:11 +02:00
virtio
visorbus visorbus: fix error return code in visorchipset_init() 2021-07-14 16:56:41 +02:00
vlynq
vme
w1 w1: ds2438: fixing bug that would always get page0 2021-07-20 16:05:39 +02:00
watchdog watchdog: jz4740: Fix return value check in jz4740_wdt_probe() 2021-07-20 16:05:51 +02:00
xen xen/events: reset active flag for lateeoi events later 2021-07-11 12:53:31 +02:00
zorro
Kconfig
Makefile