AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2025-02-16 03:55:38 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
85f7ffd5d2
linux_dsm_epyc7002/drivers
History
Clemens Ladisch 85f7ffd5d2 firewire: ohci: fix buffer overflow in AR split packet handling 
When the controller had to split a received asynchronous packet into two
buffers, the driver tries to reassemble it by copying both parts into
the first page.  However, if size + rest > PAGE_SIZE, i.e., if the yet
unhandled packets before the split packet, the split packet itself, and
any received packets after the split packet are together larger than one
page, then the memory after the first page would get overwritten.

To fix this, do not try to copy the data of all unhandled packets at
once, but copy the possibly needed data every time when handling
a packet.

This gets rid of most of the infamous crashes and data corruptions when
using firewire-net.

Signed-off-by: Clemens Ladisch <clemens@ladisch.de>
Cc: 2.6.22-2.6.36 <stable@kernel.org>
Tested-by: Maxim Levitsky <maximlevitsky@gmail.com>
Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de> (cast PAGE_SIZE to size_t)
2010-10-30 23:37:19 +02:00
..
accessibility
acpi Merge branch 'msi-dmi' into release 2010-10-08 22:37:46 -04:00
amba
ata
atm ATM: iphase, remove sleep-inside-atomic 2010-10-11 11:05:42 -07:00
auxdisplay
base
block ps3disk: passing wrong variable to bvec_kunmap_irq() 2010-10-12 18:56:33 +02:00
bluetooth
cdrom
char virtio: console: Don't block entire guest if host doesn't read data 2010-10-20 13:18:04 -07:00
clocksource
connector
cpufreq
cpuidle
crypto
dca
dio
dma ioat2: fix performance regression 2010-10-13 15:43:10 -07:00
edac
eisa
firewire firewire: ohci: fix buffer overflow in AR split packet handling 2010-10-30 23:37:19 +02:00
firmware
gpio
gpu drm/radeon/kms: avivo cursor workaround applies to evergreen as well 2010-10-18 09:14:35 +10:00
hid HID: Add Cando touch screen 15.6-inch product id 2010-10-13 10:47:32 +02:00
hwmon hwmon: f71882fg: use a muxed resource lock for the Super I/O port 2010-10-03 05:57:04 -07:00
i2c i2c-imx: do not allow interruptions when waiting for I2C to complete 2010-10-18 01:29:04 +01:00
ide
idle intel_idle: enable Atom C6 2010-10-08 22:16:27 -04:00
ieee1394
ieee802154
infiniband
input Input: evdev - fix EVIOCSABS regression 2010-10-18 08:45:08 -07:00
isdn isdn: strcpy() => strlcpy() 2010-10-08 10:21:22 -07:00
leds
lguest
macintosh
mca
md md: check return code of read_sb_page 2010-10-07 12:02:50 +11:00
media v4l1: fix 32-bit compat microcode loading translation 2010-10-15 11:12:38 -07:00
memstick
message
mfd
misc
mmc mmc: sdio: fix SDIO suspend/resume regression 2010-10-15 12:54:55 -04:00
mtd mxc_nand: do not depend on disabling the irq in the interrupt handler 2010-10-18 13:09:05 -07:00
net ehea: Fix a checksum issue on the receive path 2010-10-13 14:24:59 -07:00
nubus
of
oprofile
parisc
parport
pci
pcmcia
platform IPS driver: Fix limit clamping when reducing CPU power 2010-10-05 14:59:35 -04:00
pnp
power
pps
ps3
rapidio
regulator Merge branch 'i2c-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging 2010-10-07 13:44:30 -07:00
rtc
s390
sbus
scsi
serial SERIAL: ioc3_serial: Return -ENOMEM on memory allocation failure 2010-10-19 18:32:40 +01:00
sfi
sh
sn
spi of/spi: Fix OF-style driver binding of spi devices 2010-10-02 21:28:29 -06:00
ssb
staging Merge branch 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6 2010-10-07 13:45:00 -07:00
tc
telephony
thermal
uio
usb
uwb
vhost
video
virtio
vlynq
w1
watchdog
xen xen: do not set xenstored_ready before xenbus_probe on hvm 2010-10-05 13:37:28 +01:00
zorro
Kconfig
Makefile