mirrors/linux
2
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2026-05-16 17:12:50 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
81d6f7c3a70b10ff757ee8b5f8114a190871cf1e
linux/drivers
History
Danilo Krummrich 81d6f7c3a7 s390/ap: use generic driver_override infrastructure 
When the AP masks are updated via apmask_store() or aqmask_store(),
ap_bus_revise_bindings() is called after ap_attr_mutex has been
released.

This calls __ap_revise_reserved(), which accesses the driver_override
field without holding any lock, racing against a concurrent
driver_override_store() that may free the old string, resulting in a
potential UAF.

Fix this by using the driver-core driver_override infrastructure, which
protects all accesses with an internal spinlock.

Note that unlike most other buses, the AP bus does not check
driver_override in its match() callback; the override is checked in
ap_device_probe() and __ap_revise_reserved() instead.

Also note that we do not enable the driver_override feature of struct
bus_type, as AP - in contrast to most other buses - passes "" to
sysfs_emit() when the driver_override pointer is NULL. Thus, printing
"\n" instead of "(null)\n".

Additionally, AP has a custom counter that is modified in the
corresponding custom driver_override_store().

Fixes: d38a87d7c0 ("s390/ap: Support driver_override for AP queue devices")
Tested-by: Holger Dengler <dengler@linux.ibm.com>
Reviewed-by: Holger Dengler <dengler@linux.ibm.com>
Reviewed-by: Harald Freudenberger <freude@linux.ibm.com>
Link: https://patch.msgid.link/20260324005919.2408620-11-dakr@kernel.org
Signed-off-by: Danilo Krummrich <dakr@kernel.org>
2026-04-04 00:49:22 +02:00
..
accel
accel/amdxdna: Fix runtime suspend deadlock when there is pending job
2026-03-10 11:46:40 -07:00
accessibility
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
acpi
Merge branches 'acpica' and 'acpi-bus'
2026-03-19 14:57:06 +01:00
amba
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
android
rust_binder: use lock_vma_under_rcu() in use_page_slow()
2026-02-26 21:34:14 -08:00
ata
ata: libata-scsi: report correct sense field pointer in ata_scsiop_maint_in()
2026-03-20 09:59:30 +01:00
atm
Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses
2026-02-22 08:26:33 -08:00
auxdisplay
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
base
driver core: make software nodes available earlier
2026-04-04 00:33:49 +02:00
bcma
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
block
Merge tag 'block-7.0-20260312' of git://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux
2026-03-13 10:13:06 -07:00
bluetooth
Bluetooth: qca: fix ROM version reading on WCN3998 chips
2026-03-12 15:29:29 -04:00
bus
device property: Make modifications of fwnode "flags" thread safe
2026-03-26 22:00:59 +01:00
cache
cache: ax45mp: Fix device node reference leak in ax45mp_cache_init()
2026-02-06 19:54:40 +00:00
cdrom
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
cdx
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
char
Merge tag 'for-linus-7.0-1' of https://github.com/cminyard/linux-ipmi
2026-02-26 14:34:21 -08:00
clk
driver core: platform: use generic driver_override infrastructure
2026-03-17 20:30:57 +01:00
clocksource
Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses
2026-02-22 08:26:33 -08:00
comedi
Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses
2026-02-22 08:26:33 -08:00
connector
Convert more 'alloc_obj' cases to default GFP_KERNEL arguments
2026-02-21 20:03:00 -08:00
counter
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
cpufreq
cpufreq: intel_pstate: Fix crash during turbo disable
2026-02-25 14:39:19 +01:00
cpuidle
sched: idle: Make skipping governor callbacks more consistent
2026-03-10 16:03:02 +01:00
crypto
Merge tag 'libcrypto-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux
2026-03-18 15:50:29 -07:00
cxl
cxl/region: Test CXL_DECODER_F_NORMALIZED_ADDRESSING as a bitmask
2026-02-24 08:33:30 -07:00
dax
Convert 'alloc_flex' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
dca
treewide: Replace kmalloc with kmalloc_obj for non-scalar types
2026-02-21 01:02:28 -08:00
devfreq
Convert more 'alloc_obj' cases to default GFP_KERNEL arguments
2026-02-21 20:03:00 -08:00
dibs
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
dio
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
dma
Convert more 'alloc_obj' cases to default GFP_KERNEL arguments
2026-02-21 20:03:00 -08:00
dma-buf
Convert more 'alloc_obj' cases to default GFP_KERNEL arguments
2026-02-21 20:03:00 -08:00
dpll
Merge tag 'net-7.0-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2026-02-26 08:00:13 -08:00
edac
Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses
2026-02-22 08:26:33 -08:00
eisa
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
extcon
Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses
2026-02-22 08:26:33 -08:00
firewire
bonding: prevent potential infinite loop in bond_header_parse()
2026-03-16 19:29:45 -07:00
firmware
Merge tag 'soc-fixes-7.0' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc
2026-03-18 08:28:54 -07:00
fpga
Convert more 'alloc_obj' cases to default GFP_KERNEL arguments
2026-02-21 20:03:00 -08:00
fsi
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
fwctl
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
gnss
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
gpib
gpib: lpvo_usb: fix unintended binding of FTDI 8U232AM devices
2026-03-11 16:23:32 +01:00
gpio
gpiolib: normalize the return value of gc->get() on behalf of buggy drivers
2026-02-23 11:49:23 +01:00
gpu
Merge tag 'drm-xe-fixes-2026-03-19' of https://gitlab.freedesktop.org/drm/xe/kernel into drm-fixes
2026-03-21 02:17:59 +10:00
greybus
Convert more 'alloc_obj' cases to default GFP_KERNEL arguments
2026-02-21 20:03:00 -08:00
hid
Merge tag 'hid-for-linus-2026031701' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid
2026-03-17 13:55:51 -07:00
hsi
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
hte
Convert 'alloc_flex' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
hv
mshv: Fix error handling in mshv_region_pin
2026-03-18 16:18:49 +00:00
hwmon
Merge tag 'driver-core-7.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/driver-core/driver-core
2026-03-21 16:59:09 -07:00
hwspinlock
Merge tag 'soc-drivers-7.0' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc
2026-02-10 20:45:30 -08:00
hwtracing
Convert more 'alloc_obj' cases to default GFP_KERNEL arguments
2026-02-21 20:03:00 -08:00
i2c
device property: Make modifications of fwnode "flags" thread safe
2026-03-26 22:00:59 +01:00
i3c
i3c: dw-i3c-master: Set SIR_REJECT in DAT on device attach and reattach
2026-03-11 22:50:29 +01:00
idle
intel_idle: Add C-states validation
2026-01-07 21:17:43 +01:00
iio
Merge tag 'i3c/fixes-for-7.0' of git://git.kernel.org/pub/scm/linux/kernel/git/i3c/linux
2026-03-14 16:25:10 -07:00
infiniband
RDMA/uverbs: Import DMA-BUF module in uverbs_std_types_dmabuf file
2026-02-26 04:58:24 -05:00
input
Convert 'alloc_flex' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
interconnect
Convert 'alloc_flex' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
iommu
iommu/amd: Block identity domain when SNP enabled
2026-03-17 14:02:02 +01:00
ipack
Convert more 'alloc_obj' cases to default GFP_KERNEL arguments
2026-02-21 20:03:00 -08:00
irqchip
irqchip/riscv-rpmi-sysmsi: Fix mailbox channel leak in rpmi_sysmsi_probe()
2026-03-17 11:16:15 +01:00
isdn
Convert more 'alloc_obj' cases to default GFP_KERNEL arguments
2026-02-21 20:03:00 -08:00
leds
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
macintosh
Convert more 'alloc_obj' cases to default GFP_KERNEL arguments
2026-02-21 20:03:00 -08:00
mailbox
treewide: Replace kmalloc with kmalloc_obj for non-scalar types
2026-02-21 01:02:28 -08:00
mcb
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
md
Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses
2026-02-22 08:26:33 -08:00
media
Merge tag 'media/v7.0-3' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media
2026-03-04 08:12:06 -08:00
memory
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
memstick
Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses
2026-02-22 08:26:33 -08:00
message
Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses
2026-02-22 08:26:33 -08:00
mfd
Convert more 'alloc_obj' cases to default GFP_KERNEL arguments
2026-02-21 20:03:00 -08:00
misc
i3c: simplify combined i3c/i2c dependencies
2026-02-27 16:33:07 +01:00
mmc
mmc: sdhci: fix timing selection for 1-bit bus width
2026-03-16 16:08:54 +01:00
most
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
mtd
mtd: rawnand: pl353: make sure optimal timings are applied
2026-03-18 18:08:25 +01:00
mux
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
net
device property: Make modifications of fwnode "flags" thread safe
2026-03-26 22:00:59 +01:00
nfc
NFC: nxp-nci: allow GPIOs to sleep
2026-03-18 17:20:51 -07:00
ntb
Merge tag 'kmalloc_obj-treewide-v7.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
2026-02-21 11:02:58 -08:00
nubus
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
nvdimm
nvdimm/bus: Fix potential use after free in asynchronous initialization
2026-03-09 09:38:22 -05:00
nvme
Merge tag 'block-7.0-20260312' of git://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux
2026-03-13 10:13:06 -07:00
nvmem
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
of
device property: Make modifications of fwnode "flags" thread safe
2026-03-26 22:00:59 +01:00
opp
Convert more 'alloc_obj' cases to default GFP_KERNEL arguments
2026-02-21 20:03:00 -08:00
parisc
Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses
2026-02-22 08:26:33 -08:00
parport
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
pci
PCI: use generic driver_override infrastructure
2026-04-04 00:44:30 +02:00
pcmcia
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
peci
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
perf
Convert more 'alloc_obj' cases to default GFP_KERNEL arguments
2026-02-21 20:03:00 -08:00
phy
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
pinctrl
pinctrl: cy8c95x0: Don't miss reading the last bank registers
2026-02-26 23:41:04 +01:00
platform
platform/wmi: use generic driver_override infrastructure
2026-04-04 00:45:14 +02:00
pmdomain
Merge tag 'pmdomain-v7.0-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm
2026-03-20 09:46:15 -07:00
pnp
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
power
power: sequencing: pcie-m2: Fix device node reference leak in probe
2026-03-04 09:16:41 +01:00
powercap
Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses
2026-02-22 08:26:33 -08:00
pps
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
ps3
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
ptp
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
pwm
Convert 'alloc_flex' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
rapidio
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
ras
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
regulator
regulator: pca9450: Correct probed name for PCA9452
2026-03-10 14:52:42 +00:00
remoteproc
remoteproc: imx_rproc: Fix unreachable platform prepare_ops
2026-03-05 10:18:23 -07:00
resctrl
arm_mpam: Force __iomem casts
2026-03-13 14:17:30 +00:00
reset
reset: rzg2l-usbphy-ctrl: Check pwrrdy is valid before using it
2026-02-23 17:03:28 +01:00
rpmsg
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
rtc
Merge tag 'rtc-7.0' of git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/linux
2026-02-22 09:43:11 -08:00
s390
s390/ap: use generic driver_override infrastructure
2026-04-04 00:49:22 +02:00
sbus
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
scsi
Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi
2026-03-15 13:15:39 -07:00
sh
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
siox
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
slimbus
driver core: platform: use generic driver_override infrastructure
2026-03-17 20:30:57 +01:00
soc
Merge tag 'v7.0-rc5' into driver-core-next
2026-03-22 23:13:33 +01:00
soundwire
soundwire: debugfs: initialize firmware_file to empty string
2026-04-02 16:15:23 +02:00
spi
device property: Make modifications of fwnode "flags" thread safe
2026-03-26 22:00:59 +01:00
spmi
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
ssb
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
staging
staging: rtl8723bs: fix potential out-of-bounds read in rtw_restruct_wmm_ie
2026-02-24 10:01:20 -08:00
target
scsi: target: Fix recursive locking in __configfs_open_file()
2026-02-28 20:41:52 -05:00
tc
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
tee
tee: shm: Remove refcounting of kernel pages
2026-03-03 09:03:04 +01:00
thermal
Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses
2026-02-22 08:26:33 -08:00
thunderbolt
Convert more 'alloc_obj' cases to default GFP_KERNEL arguments
2026-02-21 20:03:00 -08:00
tty
vt: save/restore unicode screen buffer for alternate screen
2026-03-13 09:15:58 +01:00
ufs
scsi: ufs: core: Fix SError in ufshcd_rtc_work() during UFS suspend
2026-03-07 11:08:39 -05:00
uio
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
usb
USB: ezcap401 needs USB_QUIRK_NO_BOS to function on 10gbs usb speed
2026-03-13 18:19:07 +01:00
vdpa
vdpa: use generic driver_override infrastructure
2026-04-04 00:47:50 +02:00
vfio
PCI: use generic driver_override infrastructure
2026-04-04 00:44:30 +02:00
vhost
Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses
2026-02-22 08:26:33 -08:00
video
fbdev: au1100fb: Fix build on MIPS64
2026-03-05 17:35:12 +01:00
virt
Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses
2026-02-22 08:26:33 -08:00
virtio
Convert more 'alloc_obj' cases to default GFP_KERNEL arguments
2026-02-21 20:03:00 -08:00
w1
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
watchdog
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
xen
PCI: use generic driver_override infrastructure
2026-04-04 00:44:30 +02:00
zorro
Convert 'alloc_flex' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
Kconfig
Merge tag 'staging-6.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging
2025-12-06 18:52:00 -08:00
Makefile
phy: enter drivers/phy/Makefile even without CONFIG_GENERIC_PHY
2026-02-04 20:45:26 +05:30