# git rev-parse -q --verify 2e90ca68b0d2f5548804f22f0dd61145516171e3^{commit} 2e90ca68b0d2f5548804f22f0dd61145516171e3 already have revision, skipping fetch # git checkout -q -f -B kisskb 2e90ca68b0d2f5548804f22f0dd61145516171e3 # git clean -qxdf # < git log -1 # commit 2e90ca68b0d2f5548804f22f0dd61145516171e3 # Author: Linus Torvalds # Date: Fri Feb 21 12:43:35 2020 -0800 # # floppy: check FDC index for errors before assigning it # # Jordy Zomer reported a KASAN out-of-bounds read in the floppy driver in # wait_til_ready(). # # Which on the face of it can't happen, since as Willy Tarreau points out, # the function does no particular memory access. Except through the FDCS # macro, which just indexes a static allocation through the current fdc, # which is always checked against N_FDC. # # Except the checking happens after we've already assigned the value. # # The floppy driver is a disgrace (a lot of it going back to my original # horrid "design"), and has no real maintainer. Nobody has the hardware, # and nobody really cares. But it still gets used in virtual environment # because it's one of those things that everybody supports. # # The whole thing should be re-written, or at least parts of it should be # seriously cleaned up. The 'current fdc' index, which is used by the # FDCS macro, and which is often shadowed by a local 'fdc' variable, is a # prime example of how not to write code. # # But because nobody has the hardware or the motivation, let's just fix up # the immediate problem with a nasty band-aid: test the fdc index before # actually assigning it to the static 'fdc' variable. 
# # Reported-by: Jordy Zomer # Cc: Willy Tarreau # Cc: Dan Carpenter # Signed-off-by: Linus Torvalds # < /opt/cross/kisskb/br-aarch64-glibc-2016.08-613-ge98b4dd/bin/aarch64-linux-gcc --version # < /opt/cross/kisskb/br-aarch64-glibc-2016.08-613-ge98b4dd/bin/aarch64-linux-ld --version # < git log --format=%s --max-count=1 2e90ca68b0d2f5548804f22f0dd61145516171e3 # < make -s -j 80 ARCH=arm64 O=/kisskb/build/linus-rand_arm64-randconfig_arm64-gcc5.4 CROSS_COMPILE=/opt/cross/kisskb/br-aarch64-glibc-2016.08-613-ge98b4dd/bin/aarch64-linux- randconfig KCONFIG_SEED=0x71CFDEC2 # Added to kconfig CONFIG_PREVENT_FIRMWARE_BUILD=y # < make -s -j 80 ARCH=arm64 O=/kisskb/build/linus-rand_arm64-randconfig_arm64-gcc5.4 CROSS_COMPILE=/opt/cross/kisskb/br-aarch64-glibc-2016.08-613-ge98b4dd/bin/aarch64-linux- help # make -s -j 80 ARCH=arm64 O=/kisskb/build/linus-rand_arm64-randconfig_arm64-gcc5.4 CROSS_COMPILE=/opt/cross/kisskb/br-aarch64-glibc-2016.08-613-ge98b4dd/bin/aarch64-linux- olddefconfig .config:4890:warning: override: reassigning to symbol PREVENT_FIRMWARE_BUILD # make -s -j 80 ARCH=arm64 O=/kisskb/build/linus-rand_arm64-randconfig_arm64-gcc5.4 CROSS_COMPILE=/opt/cross/kisskb/br-aarch64-glibc-2016.08-613-ge98b4dd/bin/aarch64-linux- arch/arm64/Makefile:27: ld does not support --fix-cortex-a53-843419; kernel may be susceptible to erratum arch/arm64/Makefile:27: ld does not support --fix-cortex-a53-843419; kernel may be susceptible to erratum /kisskb/src/drivers/memory/tegra/tegra186.c:1573:12: warning: 'tegra186_mc_suspend' defined but not used [-Wunused-function] static int tegra186_mc_suspend(struct device *dev) ^ /kisskb/src/drivers/memory/tegra/tegra186.c:1578:12: warning: 'tegra186_mc_resume' defined but not used [-Wunused-function] static int tegra186_mc_resume(struct device *dev) ^ /kisskb/src/drivers/i2c/busses/i2c-sh_mobile.c: In function 'sh_mobile_i2c_isr': /kisskb/src/drivers/i2c/busses/i2c-sh_mobile.c:399:26: warning: 'data' may be used uninitialized in this 
function [-Wmaybe-uninitialized] pd->msg->buf[real_pos] = data; ^ /kisskb/src/drivers/i2c/busses/i2c-sh_mobile.c:372:16: note: 'data' was declared here unsigned char data; ^ drivers/soc/imx/soc-imx-scu.o: In function `imx_scu_soc_probe': soc-imx-scu.c:(.text+0x1c): undefined reference to `imx_scu_get_handle' soc-imx-scu.c:(.text+0xac): undefined reference to `imx_scu_call_rpc' soc-imx-scu.c:(.text+0x110): undefined reference to `imx_scu_call_rpc' make[1]: *** [/kisskb/src/Makefile:1077: vmlinux] Error 1 make: *** [Makefile:179: sub-make] Error 2 Command 'make -s -j 80 ARCH=arm64 O=/kisskb/build/linus-rand_arm64-randconfig_arm64-gcc5.4 CROSS_COMPILE=/opt/cross/kisskb/br-aarch64-glibc-2016.08-613-ge98b4dd/bin/aarch64-linux- ' returned non-zero exit status 2 # rm -rf /kisskb/build/linus-rand_arm64-randconfig_arm64-gcc5.4 # Build took: 0:02:06.900561