qiurui
/
Ubuntu-focal-kernel
mirror of https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Ubuntu-focal-kernel/lib
History
Eric Dumazet 61c36df9bf netlink: prevent potential spectre v1 gadgets 
BugLink: https://bugs.launchpad.net/bugs/2011226

[ Upstream commit f0950402e8c76e7dcb08563f1b4e8000fbc62455 ]

Most netlink attributes are parsed and validated from
__nla_validate_parse() or validate_nla()

    u16 type = nla_type(nla);

    if (type == 0 || type > maxtype) {
        /* error or continue */
    }

@type is then used as an array index and can be used
as a Spectre v1 gadget.

array_index_nospec() can be used to prevent leaking
content of kernel memory to malicious users.

This should take care of vast majority of netlink uses,
but an audit is needed to take care of others where
validation is not yet centralized in core netlink functions.

Fixes: bfa83a9e03 ("[NETLINK]: Type-safe netlink messages/attributes interface")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Link: https://lore.kernel.org/r/20230119110150.2678537-1-edumazet@google.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Luke Nowakowski-Krijger <luke.nowakowskikrijger@canonical.com>
Acked-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
 		2023-03-21 10:09:00 +01:00
..
842 lib: 842: no need to check return value of debugfs_create functions 2019-07-03 16:57:17 +02:00
crypto lib/crypto: blake2s: move hmac construction into wireguard 2022-08-26 11:09:35 +02:00
dim dim: initialize all struct fields 2022-07-11 16:40:02 +02:00
fonts lib/fonts: fix undefined behavior in bit shift for get_default_font 2023-02-01 15:22:13 +01:00
livepatch
lz4 lz4: fix LZ4_decompress_safe_partial read out of bound 2022-05-20 15:20:00 +02:00
lzo lib/lzo: fix ambiguous encoding bug in lzo-rle 2020-08-08 01:53:12 -04:00
math treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
mpi lib/mpi: use kcalloc in mpi_resize 2021-10-11 17:08:45 -06:00
raid6 lib/raid6/test/Makefile: Use $(pound) instead of \# for Make 4.3 2022-05-20 15:19:19 +02:00
reed_solomon rslib: Make some functions static 2019-07-02 08:41:37 +02:00
vdso lib/vdso: use "grep -E" instead of "egrep" 2023-02-01 15:21:25 +01:00
xz lib/xz: Validate the value before assigning it to an enum variable 2022-01-13 18:42:11 +01:00
zlib_deflate lib/zlib: add zlib_deflate_dfltcc_enabled() function 2020-03-07 08:42:39 -06:00
zlib_dfltcc lib/zlib: add zlib_deflate_dfltcc_enabled() function 2020-03-07 08:42:39 -06:00
zlib_inflate lib/zlib: remove outdated and incorrect pre-increment optimization 2020-08-08 01:53:12 -04:00
zstd lib/zstd/mem.h: replace __inline by inline 2019-09-15 19:42:16 +02:00
.gitignore
Kconfig ARM: 9178/1: fix unmet dependency on BITREVERSE for HAVE_ARCH_BITREVERSE 2022-05-20 15:17:55 +02:00
Kconfig.debug Kconfig.debug: provide a little extra FRAME_WARN leeway when KASAN is enabled 2023-02-01 15:21:47 +01:00
Kconfig.kasan kasan: add memory corruption identification for software tag-based mode 2019-09-24 15:54:07 -07:00
Kconfig.kgdb treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Kconfig.ubsan treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Makefile avoid __memcat_p link failure 2021-05-19 10:53:23 +02:00
argv_split.c
ashldi3.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 120 2019-05-24 17:39:02 +02:00
ashrdi3.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 120 2019-05-24 17:39:02 +02:00
asn1_decoder.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
assoc_array.c assoc_array: Fix BUG_ON during garbage collect 2022-08-26 11:07:00 +02:00
atomic64.c locking/atomic: Use s64 for atomic64 2019-06-03 12:32:56 +02:00
atomic64_test.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
audit.c
bcd.c
bch.c
bitmap.c cpumask: Implement cpumask_or_equal() 2019-07-25 15:47:37 +02:00
bitrev.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
bsearch.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 372 2019-06-05 17:37:10 +02:00
btree.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 431 2019-06-05 17:37:16 +02:00
bucket_locks.c
bug.c bug: Remove redundant condition check in report_bug 2021-05-26 15:39:19 +02:00
build_OID_registry treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
bust_spinlocks.c
chacha.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
check_signature.c
checksum.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
clz_ctz.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
clz_tab.c
cmdline.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
cmpdi2.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 120 2019-05-24 17:39:02 +02:00
compat_audit.c
cpu_rmap.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
cpumask.c
crc-ccitt.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
crc-itu-t.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
crc-t10dif.c crc-t10dif: Fix potential crypto notify dead-lock 2020-09-04 16:28:56 -03:00
crc4.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
crc7.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
crc8.c
crc16.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
crc32.c lib/crc32.c: fix trivial typo in preprocessor condition 2020-11-09 14:49:00 +01:00
crc32defs.h
crc32test.c lib/crc32test: remove extra local_irq_disable/enable 2020-12-10 12:05:50 +01:00
crc64.c
ctype.c
debug_info.c
debug_locks.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
debugobjects.c debugobjects: Fix various data races 2020-02-24 16:20:00 +01:00
dec_and_lock.c
decompress.c
decompress_bunzip2.c
decompress_inflate.c lib/zlib: add s390 hardware support for kernel zlib_inflate 2020-03-07 08:42:30 -06:00
decompress_unlz4.c UBUNTU: SAUCE: lib/decompress_unlz4.c: correctly handle zero-padding around initrds. 2021-01-18 17:26:31 +01:00
decompress_unlzma.c
decompress_unlzo.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 95 2019-05-24 17:37:53 +02:00
decompress_unxz.c lib/xz: Avoid overlapping memcpy() with invalid input with in-place decompression 2022-01-13 18:42:11 +01:00
devres.c devres: keep both device name and resource name in pretty name 2020-09-04 16:30:00 -03:00
digsig.c Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs" 2019-07-10 18:43:43 -07:00
dump_stack.c dump_stack: avoid the livelock of the dump_lock 2019-11-06 08:47:50 -08:00
dynamic_debug.c dyndbg: let query-modname override actual module name 2023-01-06 08:43:59 -08:00
dynamic_queue_limits.c
earlycpio.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 283 2019-06-05 17:36:37 +02:00
error-inject.c treewide: Switch printk users from %pf and %pF to %ps and %pS, respectively 2019-04-09 14:19:06 +02:00
errseq.c
extable.c lib/extable.c: add missing prototypes 2019-09-25 17:51:39 -07:00
fault-inject.c fault-inject: clean up debugfs file creation logic 2019-06-18 13:47:24 +02:00
fdt.c
fdt_empty_tree.c
fdt_ro.c
fdt_rw.c
fdt_strerror.c
fdt_sw.c
fdt_wip.c
find_bit.c uapi: rename ext2_swab() to swab() and share globally in swab.h 2020-05-05 12:32:22 +02:00
find_bit_benchmark.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295 2019-06-05 17:36:38 +02:00
flex_proportions.c
gen_crc32table.c
gen_crc64table.c
genalloc.c lib/genalloc: fix the overflow when size is too big 2021-02-19 16:43:37 +01:00
generic-radix-tree.c lib/generic-radix-tree.c: add kmemleak annotations 2019-10-14 15:04:00 -07:00
glob.c
globtest.c
hexdump.c hex2bin: fix access beyond string end 2022-06-22 14:51:05 +02:00
hweight.c x86/kconfig: Disable CONFIG_GENERIC_HWEIGHT and remove __HAVE_ARCH_SW_HWEIGHT 2019-05-13 11:07:33 +02:00
idr.c ida: don't use BUG_ON() for debugging 2022-09-16 10:59:05 +02:00
inflate.c
interval_tree.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
interval_tree_test.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
iomap.c
iomap_copy.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 504 2019-06-19 17:09:56 +02:00
iommu-helper.c
ioremap.c mm/ioremap: probe platform for p4d huge map support 2019-07-16 19:23:22 -07:00
iov_iter.c mm/highmem: Lift memcpy_[to|from]_page to core 2023-02-01 15:23:36 +01:00
irq_poll.c
irq_regs.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
is_single_threaded.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
kasprintf.c
kfifo.c Partially revert "kfifo: fix kfifo_alloc() and kfifo_init()" 2019-08-30 18:47:15 -07:00
klist.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 248 2019-06-19 17:09:08 +02:00
kobject.c kobject: Restore old behaviour of kobject_del(NULL) 2020-11-09 14:46:47 +01:00
kobject_uevent.c kobject_uevent: remove warning in init_uevent_argv() 2021-06-18 15:02:22 +02:00
kstrtox.c lib: vsprintf: Fix handling of number field widths in vsscanf 2021-08-13 09:45:14 +02:00
kstrtox.h lib: vsprintf: Fix handling of number field widths in vsscanf 2021-08-13 09:45:14 +02:00
libcrc32c.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
list_debug.c lib/list_debug.c: Detect uninitialized lists 2022-10-17 15:02:00 +02:00
list_sort.c lib: list_sort.c: add a blank line to avoid kernel-doc warnings 2019-06-20 14:07:34 -06:00
llist.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 333 2019-06-05 17:37:06 +02:00
locking-selftest-hardirq.h
locking-selftest-mutex.h
locking-selftest-rlock-hardirq.h
locking-selftest-rlock-softirq.h
locking-selftest-rlock.h
locking-selftest-rsem.h
locking-selftest-rtmutex.h
locking-selftest-softirq.h
locking-selftest-spin-hardirq.h
locking-selftest-spin-softirq.h
locking-selftest-spin.h
locking-selftest-wlock-hardirq.h
locking-selftest-wlock-softirq.h
locking-selftest-wlock.h
locking-selftest-wsem.h
locking-selftest.c
lockref.c lockref: stop doing cpu_relax in the cmpxchg loop 2023-03-21 10:08:59 +01:00
logic_pio.c PCI: Fix pci_register_io_range() memory leak 2021-04-14 18:31:56 +02:00
lru_cache.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 91 2019-05-24 17:37:53 +02:00
lshrdi3.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 120 2019-05-24 17:39:02 +02:00
memcat_p.c
memory-notifier-error-inject.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
memweight.c
muldi3.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 120 2019-05-24 17:39:02 +02:00
net_utils.c
netdev-notifier-error-inject.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
nlattr.c netlink: prevent potential spectre v1 gadgets 2023-03-21 10:09:00 +01:00
nmi_backtrace.c
nodemask.c nodemask: Fix return values to be unsigned 2022-08-26 11:09:27 +02:00
notifier-error-inject.c lib/notifier-error-inject: fix error when writing -errno to debugfs file 2023-02-01 15:22:16 +01:00
notifier-error-inject.h
objagg.c lib: objagg: Use struct_size() in kzalloc() 2019-06-05 19:03:39 -07:00
of-reconfig-notifier-error-inject.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
oid_registry.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
once.c once: add DO_ONCE_SLOW() for sleepable contexts 2023-01-06 08:43:56 -08:00
packing.c lib: Add support for generic packing operations 2019-05-03 10:49:17 -04:00
parman.c
parser.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 230 2019-06-19 17:09:06 +02:00
pci_iomap.c
percpu-refcount.c Merge branch 'for-5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/dennis/percpu 2019-07-14 16:17:18 -07:00
percpu_counter.c
percpu_test.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
plist.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 10 2019-05-21 11:28:45 +02:00
pm-notifier-error-inject.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
radix-tree.c idr: Fix idr_alloc_u32 on 32-bit systems 2019-11-03 06:36:50 -05:00
random32.c random: replace custom notifier chain with standard one 2022-08-26 11:10:14 +02:00
ratelimit.c ratelimit: Fix data-races in ___ratelimit(). 2022-10-17 15:02:14 +02:00
rbtree.c lib/rbtree: avoid generating code twice for the cached versions 2019-07-16 19:23:22 -07:00
rbtree_test.c augmented rbtree: add new RB_DECLARE_CALLBACKS_MAX macro 2019-09-25 17:51:39 -07:00
refcount.c locking/refcount: Consolidate implementations of refcount_t 2022-09-16 10:59:59 +02:00
rhashtable.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
sbitmap.c sbitmap: only queue kyber's wait callback if not already active 2020-01-30 16:23:16 +01:00
scatterlist.c sgl_alloc_order: fix memory leak 2020-12-10 12:03:00 +01:00
seq_buf.c seq_buf: Fix overflow in seq_buf_putmem_hex() 2021-08-13 09:46:59 +02:00
sg_pool.c SCSI sg on 20190709 2019-07-11 15:17:41 -07:00
sg_split.c lib: scatterlist: Fix to support no mapped sg 2019-08-08 07:45:01 -06:00
sha1.c lib/crypto: sha1: re-roll loops to reduce code size 2022-08-26 11:09:35 +02:00
show_mem.c mm: remove quicklist page table caches 2019-09-24 15:54:09 -07:00
siphash.c siphash: use one source of truth for siphash permutations 2022-08-26 11:10:29 +02:00
smp_processor_id.c sched/core: Provide a pointer to the valid CPU mask 2019-06-03 11:49:37 +02:00
sort.c media: lib/sort.c: implement sort() variant taking context argument 2019-08-19 13:14:53 -03:00
stackdepot.c lib: stackdepot: turn depot_lock spinlock to raw_spinlock 2021-06-18 15:02:25 +02:00
stmp_device.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
string.c lib/string.c: implement stpcpy 2020-11-09 14:48:03 +01:00
string_helpers.c lib/string_helpers: fix some kerneldoc warnings 2019-07-16 19:23:22 -07:00
strncpy_from_user.c lib: Reduce user_access_begin() boundaries in strncpy_from_user() and strnlen_user() 2020-01-30 16:28:22 +01:00
strnlen_user.c lib: Reduce user_access_begin() boundaries in strncpy_from_user() and strnlen_user() 2020-01-30 16:28:22 +01:00
syscall.c lib/syscall: fix syscall registers retrieval on 32-bit platforms 2021-01-20 14:25:04 +01:00
test-kstrtox.c
test-string_helpers.c
test_bitfield.c
test_bitmap.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
test_blackhole_dev.c blackhole_dev: add a selftest 2019-07-01 19:34:46 -07:00
test_bpf.c bpf/tests: Do not PASS tests without actually testing the result 2021-10-12 16:31:30 -06:00
test_debug_virtual.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
test_firmware.c test_firmware: fix memory leak in test_firmware_init() 2023-02-01 15:22:54 +01:00
test_hash.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
test_hexdump.c
test_ida.c
test_kasan.c kasan: stop tests being eliminated as dead code with FORTIFY_SOURCE 2020-08-08 01:53:12 -04:00
test_kmod.c lib/test: use after free in register_test_dev_kmod() 2022-05-20 15:19:16 +02:00
test_list_sort.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
test_memcat_p.c
test_meminit.c lib/test_meminit: destroy cache in kmem_cache_alloc_bulk() test 2022-03-07 16:37:03 +01:00
test_module.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
test_objagg.c test_objagg: Fix potential memory leak in error handling 2020-08-08 01:53:12 -04:00
test_overflow.c lib/test_overflow.c: avoid tainting the kernel and fix wrap size 2019-07-16 19:23:22 -07:00
test_parman.c
test_printf.c vsprintf: don't obfuscate NULL and error pointers 2020-06-22 17:22:42 -03:00
test_rhashtable.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
test_siphash.c
test_sort.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
test_stackinit.c lib/test_stackinit: Fix static initializer test 2021-10-12 16:31:40 -06:00
test_static_key_base.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 282 2019-06-05 17:36:37 +02:00
test_static_keys.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 282 2019-06-05 17:36:37 +02:00
test_string.c lib/test_string.c: add some testcases for strchr and strnchr 2019-07-16 19:23:22 -07:00
test_strscpy.c lib: Add test module for strscpy_pad 2019-04-08 16:44:21 -06:00
test_sysctl.c tools/testing/selftests/sysctl/sysctl.sh: add proc_do_large_bitmap() test case 2019-05-14 19:52:51 -07:00
test_ubsan.c
test_user_copy.c usercopy: Avoid soft lockups in test_check_nonzero_user() 2019-10-16 14:56:21 +02:00
test_uuid.c
test_vmalloc.c lib/test_vmalloc.c:test_func(): eliminate local `ret' 2019-05-14 19:52:49 -07:00
test_xarray.c XArray: Fix xas_create_range() when multi-order entry present 2022-05-20 15:19:33 +02:00
textsearch.c lib: textsearch: fix escapes in example code 2019-10-03 12:12:23 -04:00
timerqueue.c lib/timerqueue: Rely on rbtree semantics for next timer 2019-07-24 17:38:01 +02:00
ts_bm.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ts_fsm.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ts_kmp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ubsan.c lib/ubsan: don't serialize UBSAN report 2020-01-30 16:22:24 +01:00
ubsan.h ubsan: Remove vla bound checks. 2019-05-06 11:12:09 -07:00
ucmpdi2.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 120 2019-05-24 17:39:02 +02:00
ucs2_string.c
usercopy.c lib: introduce copy_struct_from_user() helper 2019-10-01 15:45:03 +02:00
uuid.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
vsprintf.c random: replace custom notifier chain with standard one 2022-08-26 11:10:14 +02:00
win_minmax.c
xarray.c XArray: Update the LRU list in xas_split() 2022-05-20 15:19:34 +02:00
xxhash.c