From: Sasha Levin Date: Sun, 13 Jun 2021 23:34:56 +0000 (-0400) Subject: Fixes for 4.9 X-Git-Tag: v4.4.273~32 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2ba29ba195578b4828c8ecc903f6ad3b86397bb9;p=thirdparty%2Fkernel%2Fstable-queue.git Fixes for 4.9 Signed-off-by: Sasha Levin --- diff --git a/queue-4.9/nfs-fix-a-potential-null-dereference-in-nfs_get_clie.patch b/queue-4.9/nfs-fix-a-potential-null-dereference-in-nfs_get_clie.patch new file mode 100644 index 00000000000..9ead454065f --- /dev/null +++ b/queue-4.9/nfs-fix-a-potential-null-dereference-in-nfs_get_clie.patch @@ -0,0 +1,38 @@ +From b05ee7e5d16a1609bb6155b586e7a826c0535484 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 3 Jun 2021 15:37:53 +0300 +Subject: NFS: Fix a potential NULL dereference in nfs_get_client() + +From: Dan Carpenter + +[ Upstream commit 09226e8303beeec10f2ff844d2e46d1371dc58e0 ] + +None of the callers are expecting NULL returns from nfs_get_client() so +this code will lead to an Oops. It's better to return an error +pointer. I expect that this is dead code so hopefully no one is +affected. + +Fixes: 31434f496abb ("nfs: check hostname in nfs_get_client") +Signed-off-by: Dan Carpenter +Signed-off-by: Trond Myklebust +Signed-off-by: Sasha Levin +--- + fs/nfs/client.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/fs/nfs/client.c b/fs/nfs/client.c +index 28d8a57a9908..d322ed5cbc1c 100644 +--- a/fs/nfs/client.c ++++ b/fs/nfs/client.c +@@ -379,7 +379,7 @@ nfs_get_client(const struct nfs_client_initdata *cl_init, + + if (cl_init->hostname == NULL) { + WARN_ON(1); +- return NULL; ++ return ERR_PTR(-EINVAL); + } + + dprintk("--> nfs_get_client(%s,v%u)\n", +-- +2.30.2 + diff --git a/queue-4.9/perf-session-correct-buffer-copying-when-peeking-eve.patch b/queue-4.9/perf-session-correct-buffer-copying-when-peeking-eve.patch new file mode 100644 index 00000000000..21f3f2ccb48 --- /dev/null +++ b/queue-4.9/perf-session-correct-buffer-copying-when-peeking-eve.patch @@ -0,0 +1,55 @@ +From d0ff00d252a856464fd06be40f0646ab92a5982b Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Sat, 5 Jun 2021 13:29:57 +0800 +Subject: perf session: Correct buffer copying when peeking events + +From: Leo Yan + +[ Upstream commit 197eecb6ecae0b04bd694432f640ff75597fed9c ] + +When peeking an event, it has a short path and a long path. The short +path uses the session pointer "one_mmap_addr" to directly fetch the +event; and the long path needs to read out the event header and the +following event data from file and fill into the buffer pointer passed +through the argument "buf". + +The issue is in the long path that it copies the event header and event +data into the same destination address which pointer "buf", this means +the event header is overwritten. We are just lucky to run into the +short path in most cases, so we don't hit the issue in the long path. + +This patch adds the offset "hdr_sz" to the pointer "buf" when copying +the event data, so that it can reserve the event header which can be +used properly by its caller. + +Fixes: 5a52f33adf02 ("perf session: Add perf_session__peek_event()") +Signed-off-by: Leo Yan +Acked-by: Adrian Hunter +Acked-by: Jiri Olsa +Cc: Alexander Shishkin +Cc: Kan Liang +Cc: Mark Rutland +Cc: Namhyung Kim +Cc: Peter Zijlstra +Link: http://lore.kernel.org/lkml/20210605052957.1070720-1-leo.yan@linaro.org +Signed-off-by: Arnaldo Carvalho de Melo +Signed-off-by: Sasha Levin +--- + tools/perf/util/session.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/tools/perf/util/session.c b/tools/perf/util/session.c +index 89808ab008ad..9187d8119a75 100644 +--- a/tools/perf/util/session.c ++++ b/tools/perf/util/session.c +@@ -1427,6 +1427,7 @@ int perf_session__peek_event(struct perf_session *session, off_t file_offset, + if (event->header.size < hdr_sz || event->header.size > buf_sz) + return -1; + ++ buf += hdr_sz; + rest = event->header.size - hdr_sz; + + if (readn(fd, buf, rest) != (ssize_t)rest) +-- +2.30.2 + diff --git a/queue-4.9/series b/queue-4.9/series index cd0debc0935..416a63bf6dd 100644 --- a/queue-4.9/series +++ b/queue-4.9/series @@ -32,3 +32,5 @@ usb-fix-various-gadgets-null-ptr-deref-on-10gbps-cabling.patch usb-fix-various-gadget-panics-on-10gbps-cabling.patch regulator-core-resolve-supply-for-boot-on-always-on-regulators.patch perf-fix-data-race-between-pin_count-increment-decrement.patch +nfs-fix-a-potential-null-dereference-in-nfs_get_clie.patch +perf-session-correct-buffer-copying-when-peeking-eve.patch