/* * Copyright © 1999-2010 David Woodhouse * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA * */ #ifndef __MTD_NFTL_USER_H__ #define __MTD_NFTL_USER_H__ #include /* Block Control Information */ struct nftl_bci { unsigned char ECCSig[6]; __u8 Status; __u8 Status1; }__attribute__((packed)); /* Unit Control Information */ struct nftl_uci0 { __u16 VirtUnitNum; __u16 ReplUnitNum; __u16 SpareVirtUnitNum; __u16 SpareReplUnitNum; } __attribute__((packed)); struct nftl_uci1 { __u32 WearInfo; __u16 EraseMark; __u16 EraseMark1; } __attribute__((packed)); struct nftl_uci2 { __u16 FoldMark; __u16 FoldMark1; __u32 unused; } __attribute__((packed)); union nftl_uci { struct nftl_uci0 a; struct nftl_uci1 b; struct nftl_uci2 c; }; struct nftl_oob { struct nftl_bci b; union nftl_uci u; }; /* NFTL Media Header */ struct NFTLMediaHeader { char DataOrgID[6]; __u16 NumEraseUnits; __u16 FirstPhysicalEUN; __u32 FormattedSize; unsigned char UnitSizeFactor; } __attribute__((packed)); #define MAX_ERASE_ZONES (8192 - 512) #define ERASE_MARK 0x3c69 #define SECTOR_FREE 0xff #define SECTOR_USED 0x55 #define SECTOR_IGNORE 0x11 #define SECTOR_DELETED 0x00 #define FOLD_MARK_IN_PROGRESS 0x5555 #define ZONE_GOOD 0xff #define ZONE_BAD_ORIGINAL 0 #define ZONE_BAD_MARKED 7 #endif /* __MTD_NFTL_USER_H__ */ t/commit/include/uapi/asm-generic/swab.h?h=nds-private-remove&id=a76a82a3e38c8d3fb6499e3dfaeb0949241ab588'>commitdiff
diff options
context:
space:
mode:
authorPeter Zijlstra <peterz@infradead.org>2017-01-26 16:39:55 +0100
committerIngo Molnar <mingo@kernel.org>2017-01-30 11:41:25 +0100
commita76a82a3e38c8d3fb6499e3dfaeb0949241ab588 (patch)
treeb5bc906278fe1ac66d75de984d26bf59b43b3ed8 /include/uapi/asm-generic/swab.h
parent566cf877a1fcb6d6dc0126b076aad062054c2637 (diff)
perf/core: Fix use-after-free bug
Dmitry reported a KASAN use-after-free on event->group_leader. It turns out there's a hole in perf_remove_from_context() due to event_function_call() not calling its function when the task associated with the event is already dead. In this case the event will have been detached from the task, but the grouping will have been retained, such that group operations might still work properly while there are live child events etc. This does however mean that we can miss a perf_group_detach() call when the group decomposes, this in turn can then lead to use-after-free. Fix it by explicitly doing the group detach if its still required. Reported-by: Dmitry Vyukov <dvyukov@google.com> Tested-by: Dmitry Vyukov <dvyukov@google.com> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com> Cc: Arnaldo Carvalho de Melo <acme@kernel.org> Cc: Arnaldo Carvalho de Melo <acme@redhat.com> Cc: Jiri Olsa <jolsa@redhat.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: stable@vger.kernel.org # v4.5+ Cc: syzkaller <syzkaller@googlegroups.com> Fixes: 63b6da39bb38 ("perf: Fix perf_event_exit_task() race") Link: http://lkml.kernel.org/r/20170126153955.GD6515@twins.programming.kicks-ass.net Signed-off-by: Ingo Molnar <mingo@kernel.org>
Diffstat (limited to 'include/uapi/asm-generic/swab.h')