Duoming Zhou f10d3c7267 ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog
[ Upstream commit 8bf935cf78 ]

The ptp_ocp_detach() only shuts down the watchdog timer if it is
pending. However, if the timer handler is already running, the
timer_delete_sync() is not called. This leads to race conditions
where the devlink that contains the ptp_ocp is deallocated while
the timer handler is still accessing it, resulting in use-after-free
bugs. The following details one of the race scenarios.

(thread 1)                           | (thread 2)
ptp_ocp_remove()                     |
  ptp_ocp_detach()                   | ptp_ocp_watchdog()
    if (timer_pending(&bp->watchdog))|   bp = timer_container_of()
      timer_delete_sync()            |
                                     |
  devlink_free(devlink) //free       |
                                     |   bp-> //use

Resolve this by unconditionally calling timer_delete_sync() to ensure
the timer is reliably deactivated, preventing any access after free.

Fixes: 773bda9649 ("ptp: ocp: Expose various resources on the timecard.")
Signed-off-by: Duoming Zhou <duoming@zju.edu.cn>
Reviewed-by: Vadim Fedorenko <vadim.fedorenko@linux.dev>
Link: https://patch.msgid.link/20250828082949.28189-1-duoming@zju.edu.cn
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-09-09 19:02:22 +02:00
arch ARM: dts: microchip: sama7d65: Force SDMMC Legacy mode 2025-09-09 19:02:18 +02:00
block blk-zoned: Fix a lockdep complaint about recursive locking 2025-09-04 16:55:46 +02:00
certs
crypto crypto: acomp - Fix CFI failure due to type punning 2025-08-28 16:34:34 +02:00
Documentation dt-bindings: display/msm: qcom,mdp5: drop lut clock 2025-09-04 16:55:37 +02:00
drivers ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog 2025-09-09 19:02:22 +02:00
fs fs: writeback: fix use-after-free in __mark_inode_dirty() 2025-09-09 19:02:16 +02:00
include LoongArch: Add cpuhotplug hooks to fix high cpu usage of vCPU threads 2025-09-09 19:02:15 +02:00
init
io_uring io_uring/kbuf: always use READ_ONCE() to read ring provided buffer lengths 2025-09-04 16:55:43 +02:00
ipc
kernel dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted 2025-09-04 16:55:47 +02:00
lib
LICENSES
mm mm/mremap: fix WARN with uffd that has remap events disabled 2025-08-28 16:34:35 +02:00
net net_sched: gen_estimator: fix est_timer() vs CONFIG_PREEMPT_RT=y 2025-09-09 19:02:21 +02:00
rust rust: alloc: fix rusttest by providing Cmalloc::aligned_layout too 2025-08-28 16:34:46 +02:00
samples
scripts
security
sound ALSA: usb-audio: Allow Focusrite devices to use low samplerates 2025-09-09 19:02:15 +02:00
tools netfilter: nft_flowtable.sh: re-run with random mtu sizes 2025-09-09 19:02:21 +02:00
usr
virt
.clang-format
.clippy.toml
.cocciconfig
.editorconfig
.get_maintainer.ignore
.gitattributes
.gitignore
.mailmap
.pylintrc
.rustfmt.toml
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS
Makefile Linux 6.16.5 2025-09-04 16:55:53 +02:00
README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the reStructuredText markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result from upgrading your kernel.