--- /dev/null
+From 6265539776a0810b7ce6398c27866ddb9c6bd154 Mon Sep 17 00:00:00 2001
+From: Adrian Salido <salidoa@google.com>
+Date: Tue, 25 Apr 2017 16:55:26 -0700
+Subject: driver core: platform: fix race condition with driver_override
+
+From: Adrian Salido <salidoa@google.com>
+
+commit 6265539776a0810b7ce6398c27866ddb9c6bd154 upstream.
+
+The driver_override implementation is susceptible to race condition when
+different threads are reading vs storing a different driver override.
+Add locking to avoid race condition.
+
+Fixes: 3d713e0e382e ("driver core: platform: add device binding path 'driver_override'")
+Cc: stable@vger.kernel.org
+Signed-off-by: Adrian Salido <salidoa@google.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/base/platform.c | 11 +++++++++--
+ 1 file changed, 9 insertions(+), 2 deletions(-)
+
+--- a/drivers/base/platform.c
++++ b/drivers/base/platform.c
+@@ -866,7 +866,7 @@ static ssize_t driver_override_store(str
+ const char *buf, size_t count)
+ {
+ struct platform_device *pdev = to_platform_device(dev);
+- char *driver_override, *old = pdev->driver_override, *cp;
++ char *driver_override, *old, *cp;
+
+ if (count > PATH_MAX)
+ return -EINVAL;
+@@ -879,12 +879,15 @@ static ssize_t driver_override_store(str
+ if (cp)
+ *cp = '\0';
+
++ device_lock(dev);
++ old = pdev->driver_override;
+ if (strlen(driver_override)) {
+ pdev->driver_override = driver_override;
+ } else {
+ kfree(driver_override);
+ pdev->driver_override = NULL;
+ }
++ device_unlock(dev);
+
+ kfree(old);
+
+@@ -895,8 +898,12 @@ static ssize_t driver_override_show(stru
+ struct device_attribute *attr, char *buf)
+ {
+ struct platform_device *pdev = to_platform_device(dev);
++ ssize_t len;
+
+- return sprintf(buf, "%s\n", pdev->driver_override);
++ device_lock(dev);
++ len = sprintf(buf, "%s\n", pdev->driver_override);
++ device_unlock(dev);
++ return len;
+ }
+ static DEVICE_ATTR_RW(driver_override);
+
--- /dev/null
+From 80f18379a7c350c011d30332658aa15fe49a8fa5 Mon Sep 17 00:00:00 2001
+From: Christoph Hellwig <hch@lst.de>
+Date: Thu, 27 Apr 2017 09:42:24 +0200
+Subject: fs: add a VALID_OPEN_FLAGS
+
+From: Christoph Hellwig <hch@lst.de>
+
+commit 80f18379a7c350c011d30332658aa15fe49a8fa5 upstream.
+
+Add a central define for all valid open flags, and use it in the uniqueness
+check.
+
+Signed-off-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/fcntl.c | 14 ++++----------
+ include/linux/fcntl.h | 6 ++++++
+ 2 files changed, 10 insertions(+), 10 deletions(-)
+
+--- a/fs/fcntl.c
++++ b/fs/fcntl.c
+@@ -742,16 +742,10 @@ static int __init fcntl_init(void)
+ * Exceptions: O_NONBLOCK is a two bit define on parisc; O_NDELAY
+ * is defined as O_NONBLOCK on some platforms and not on others.
+ */
+- BUILD_BUG_ON(21 - 1 /* for O_RDONLY being 0 */ != HWEIGHT32(
+- O_RDONLY | O_WRONLY | O_RDWR |
+- O_CREAT | O_EXCL | O_NOCTTY |
+- O_TRUNC | O_APPEND | /* O_NONBLOCK | */
+- __O_SYNC | O_DSYNC | FASYNC |
+- O_DIRECT | O_LARGEFILE | O_DIRECTORY |
+- O_NOFOLLOW | O_NOATIME | O_CLOEXEC |
+- __FMODE_EXEC | O_PATH | __O_TMPFILE |
+- __FMODE_NONOTIFY
+- ));
++ BUILD_BUG_ON(21 - 1 /* for O_RDONLY being 0 */ !=
++ HWEIGHT32(
++ (VALID_OPEN_FLAGS & ~(O_NONBLOCK | O_NDELAY)) |
++ __FMODE_EXEC | __FMODE_NONOTIFY));
+
+ fasync_cache = kmem_cache_create("fasync_cache",
+ sizeof(struct fasync_struct), 0, SLAB_PANIC, NULL);
+--- a/include/linux/fcntl.h
++++ b/include/linux/fcntl.h
+@@ -3,6 +3,12 @@
+
+ #include <uapi/linux/fcntl.h>
+
++/* list of all valid flags for the open/openat flags argument: */
++#define VALID_OPEN_FLAGS \
++ (O_RDONLY | O_WRONLY | O_RDWR | O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC | \
++ O_APPEND | O_NDELAY | O_NONBLOCK | O_NDELAY | __O_SYNC | O_DSYNC | \
++ FASYNC | O_DIRECT | O_LARGEFILE | O_DIRECTORY | O_NOFOLLOW | \
++ O_NOATIME | O_CLOEXEC | O_PATH | __O_TMPFILE)
+
+ #ifndef force_o_largefile
+ #define force_o_largefile() (BITS_PER_LONG != 32)
--- /dev/null
+From 629e014bb8349fcf7c1e4df19a842652ece1c945 Mon Sep 17 00:00:00 2001
+From: Christoph Hellwig <hch@lst.de>
+Date: Thu, 27 Apr 2017 09:42:25 +0200
+Subject: fs: completely ignore unknown open flags
+
+From: Christoph Hellwig <hch@lst.de>
+
+commit 629e014bb8349fcf7c1e4df19a842652ece1c945 upstream.
+
+Currently we just stash anything we got into file->f_flags, and the
+report it in fcntl(F_GETFD). This patch just clears out all unknown
+flags so that we don't pass them to the fs or report them.
+
+Signed-off-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/open.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/fs/open.c
++++ b/fs/open.c
+@@ -900,6 +900,12 @@ static inline int build_open_flags(int f
+ int lookup_flags = 0;
+ int acc_mode = ACC_MODE(flags);
+
++ /*
++ * Clear out all open flags we don't know about so that we don't report
++ * them in fcntl(F_GETFD) or similar interfaces.
++ */
++ flags &= VALID_OPEN_FLAGS;
++
+ if (flags & (O_CREAT | __O_TMPFILE))
+ op->mode = (mode & S_IALLUGO) | S_IFREG;
+ else
projects / thirdparty / kernel / stable-queue.git / commitdiff
