linux/drivers/base
Richard Fitzgerald 00bb549d7d
regmap: maple: Fix cache corruption in regcache_maple_drop()
When keeping the upper end of a cache block entry, the entry[] array
must be indexed by the offset from the base register of the block,
i.e. max - mas.index.

The code was indexing entry[] by only the register address, leading
to an out-of-bounds access that copied some part of the kernel
memory over the cache contents.

This bug was not detected by the regmap KUnit test because it only
tests with a block of registers starting at 0, so mas.index == 0.

Signed-off-by: Richard Fitzgerald <rf@opensource.cirrus.com>
Fixes: f033c26de5 ("regmap: Add maple tree based register cache")
Link: https://msgid.link/r/20240327114406.976986-1-rf@opensource.cirrus.com
Signed-off-by: Mark Brown <broonie@kernel.org>
2024-03-27 15:00:28 +00:00
..
firmware_loader firmware_loader: Suppress warning on FW_OPT_NO_WARN flag 2024-03-07 22:05:09 +00:00
power Power management updates for 6.9-rc1 2024-03-13 11:40:06 -07:00
regmap regmap: maple: Fix cache corruption in regcache_maple_drop() 2024-03-27 15:00:28 +00:00
test drivers: base: test: Make property entry API test modular 2023-10-05 13:11:44 +02:00
arch_numa.c arm64: irq: set the correct node for VMAP stack 2023-12-05 14:26:50 +00:00
arch_topology.c topology: Set capacity_freq_ref in all cases 2024-01-30 16:01:22 -08:00
attribute_container.c
auxiliary.c driver core: mark remaining local bus_type variables as const 2023-12-21 13:56:30 +01:00
base.h block: make block_class constant 2024-03-06 08:29:20 -07:00
bus.c driver core: bus: constantify subsys_register() calls 2023-12-21 13:55:38 +01:00
cacheinfo.c mm and cache_info: remove unnecessary CPU cache info update 2024-02-22 10:24:41 -08:00
class.c class: fix use-after-free in class_register() 2024-01-04 17:13:04 +01:00
component.c driver core: component: fix spellos 2024-01-30 15:58:06 -08:00
container.c driver core: container: make container_subsys const 2023-12-21 13:56:10 +01:00
core.c driver core: Add FWLINK_FLAG_IGNORE to completely ignore a fwnode link 2024-03-07 22:10:01 +00:00
cpu.c Driver core changes for 6.9-rc1 2024-03-21 13:34:15 -07:00
dd.c device: core: Log warning for devices pending deferred probe on timeout 2024-03-07 22:10:31 +00:00
devcoredump.c devcoredump: Send uevent once devcd is ready 2023-11-28 19:39:18 +00:00
devres.c drivers/base: use ARCH_DMA_MINALIGN instead of ARCH_KMALLOC_MINALIGN 2023-06-19 16:19:20 -07:00
devtmpfs.c driver core: clean up the logic to determine which /sys/dev/ directory to use 2023-03-31 17:45:07 +02:00
driver.c
firmware.c
hypervisor.c
init.c drivers: base: Move cpu_dev_init() after node_dev_init() 2023-12-06 12:41:49 +09:00
isa.c driver core: mark remaining local bus_type variables as const 2023-12-21 13:56:30 +01:00
Kconfig driver core: Add CONFIG_FW_DEVLINK_SYNC_STATE_TIMEOUT 2023-03-28 18:45:59 +02:00
Makefile
map.c
memory.c mm/memory_hotplug: introduce MEM_PREPARE_ONLINE/MEM_FINISH_OFFLINE notifiers 2024-02-21 16:00:01 -08:00
module.c
node.c cxl/region: Deal with numa nodes not enumerated by SRAT 2024-03-12 14:54:03 -07:00
physical_location.c
physical_location.h
pinctrl.c
platform-msi.c Driver core changes for 6.9-rc1 2024-03-21 13:34:15 -07:00
platform.c driver core: platform: Annotate struct irq_affinity_devres with __counted_by 2023-10-07 18:13:09 +02:00
property.c device property: Don't use "proxy" headers 2024-03-07 22:07:26 +00:00
soc.c driver core: mark remaining local bus_type variables as const 2023-12-21 13:56:30 +01:00
swnode.c device property: Don't use "proxy" headers 2024-03-07 22:07:26 +00:00
syscore.c
topology.c
trace.c
trace.h
transport_class.c