leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6ae6ff6f6e
linux/drivers/block
History
Jason Wang 6ae6ff6f6e virtio-blk: validate num_queues during probe 
If an untrusted device neogitates BLK_F_MQ but advertises a zero
num_queues, the driver may end up trying to allocating zero size
buffers where ZERO_SIZE_PTR is returned which may pass the checking
against the NULL. This will lead unexpected results.

Fixing this by failing the probe in this case.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Cc: Stefano Garzarella <sgarzare@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Link: https://lore.kernel.org/r/20211019070152.8236-2-jasowang@redhat.com
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2021-11-01 05:26:48 -04:00
..
aoe for-5.14/drivers-2021-06-29 2021-06-30 12:21:16 -07:00
drbd block: move the bdi from the request_queue to the gendisk 2021-08-09 11:53:23 -06:00
mtip32xx mtip32xx: use blk_mq_alloc_disk and blk_cleanup_disk 2021-06-30 15:34:04 -06:00
null_blk null_blk: add error handling support for add_disk() 2021-08-23 12:55:46 -06:00
paride SCSI misc on 20210902 2021-09-02 15:09:46 -07:00
rnbd block/rnbd-clt-sysfs: fix a couple uninitialized variable bugs 2021-10-12 10:39:57 -06:00
rsxx for-5.14/drivers-2021-06-29 2021-06-30 12:21:16 -07:00
xen-blkback isystem: trim/fixup stdarg.h and other headers 2021-08-19 09:02:55 +09:00
zram Merge branch 'akpm' (patches from Andrew) 2021-07-02 12:08:10 -07:00
amiflop.c amiflop: use blk_mq_alloc_disk and blk_cleanup_disk 2021-06-11 11:54:43 -06:00
ataflop.c ataflop: use blk_mq_alloc_disk and blk_cleanup_disk 2021-06-11 11:54:43 -06:00
brd.c brd: reduce the brd_devices_mutex scope 2021-10-17 06:51:19 -06:00
cryptoloop.c cryptoloop: add a deprecation warning 2021-08-27 10:44:54 -06:00
floppy.c Revert "floppy: reintroduce O_NDELAY fix" 2021-08-28 11:16:47 +03:00
Kconfig virtio-blk: avoid preallocating big SGL for data 2021-11-01 04:29:47 -04:00
loop.c loop: reduce the loop_ctl_mutex scope 2021-09-03 22:14:40 -06:00
loop.h loop: reduce the loop_ctl_mutex scope 2021-09-03 22:14:40 -06:00
Makefile drivers/block: remove the umem driver 2021-03-24 06:57:40 -06:00
n64cart.c n64cart: fix return value check in n64cart_probe() 2021-09-09 14:24:02 -06:00
nbd.c nbd: use shifts rather than multiplies 2021-09-29 20:31:41 -06:00
pktcdvd.c block: move the bdi from the request_queue to the gendisk 2021-08-09 11:53:23 -06:00
ps3disk.c ps3disk: use memcpy_{from,to}_bvec 2021-08-02 13:37:27 -06:00
ps3vram.c ps3vram: use bvec_virt 2021-08-16 10:50:33 -06:00
rbd_types.h libceph, rbd: replace zero-length array with flexible-array 2020-06-01 13:22:53 +02:00
rbd.c rbd: use bvec_virt 2021-08-16 10:50:33 -06:00
sunvdc.c Char / Misc driver updates for 5.14-rc1 2021-07-05 13:42:16 -07:00
swim3.c swim3: use blk_mq_alloc_disk 2021-06-11 11:53:02 -06:00
swim_asm.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
swim.c swim: use blk_mq_alloc_disk 2021-06-11 11:53:03 -06:00
sx8.c sx8: use the internal state machine to check if del_gendisk needs to be called 2021-08-12 10:29:36 -06:00
virtio_blk.c virtio-blk: validate num_queues during probe 2021-11-01 05:26:48 -04:00
xen-blkfront.c xen: branch for v5.15-rc1 2021-09-02 13:20:11 -07:00
z2ram.c for-5.14/drivers-2021-06-29 2021-06-30 12:21:16 -07:00