malhuda/msm-4.14
1
0
Fork 0
mirror of https://github.com/rd-stuffs/msm-4.14.git synced 2025-02-20 11:45:48 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
msm-4.14/drivers/hid
History
Kees Cook 43622021d2 HID: validate HID report id size 
The "Report ID" field of a HID report is used to build indexes of
reports. The kernel's index of these is limited to 256 entries, so any
malicious device that sets a Report ID greater than 255 will trigger
memory corruption on the host:

[ 1347.156239] BUG: unable to handle kernel paging request at ffff88094958a878
[ 1347.156261] IP: [<ffffffff813e4da0>] hid_register_report+0x2a/0x8b

CVE-2013-2888

Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: stable@kernel.org
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2013-08-29 11:01:25 +02:00
..
i2c-hid
HID: i2c-hid: support sending HID output reports using the output register
2013-07-04 15:00:11 +02:00
usbhid
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid
2013-04-30 09:37:55 -07:00
hid-a4tech.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-apple.c
HID: apple: Add support for the 2013 Macbook Air
2013-07-02 20:39:29 -07:00
hid-appleir.c
HID: appleir: add support for Apple ir devices
2013-04-18 19:06:20 -07:00
hid-aureal.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-axff.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-belkin.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-cherry.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-chicony.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-core.c
HID: validate HID report id size
2013-08-29 11:01:25 +02:00
hid-cypress.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-debug.c
HID: debug: fix RCU preemption issue
2013-05-06 13:07:33 +02:00
hid-dr.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-elecom.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-elo.c
HID: elo: add quirks for broken firmware
2013-05-29 01:11:43 +02:00
hid-emsff.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-ezkey.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-gaff.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-generic.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-gyration.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-holtek-kbd.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-holtek-mouse.c
HID: holtek-mouse: use module_hid_driver() to simplify the code
2013-05-29 15:04:33 +02:00
hid-holtekff.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-huion.c
HID: add support for Huion 580 tablet
2013-05-28 14:29:38 +02:00
hid-hyperv.c
HID: hyperv: convert alloc+memcpy to memdup
2013-06-03 13:32:22 +02:00
hid-icade.c
HID: icade: u16 which never < 0
2013-04-24 16:32:27 +02:00
hid-ids.h
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input
2013-07-04 15:35:08 -07:00
hid-input.c
Merge branches 'for-3.11/multitouch', 'for-3.11/sony' and 'for-3.11/upstream' into for-linus
2013-07-04 15:02:26 +02:00
hid-kensington.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-keytouch.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-kye.c
HID: kye: Add report fixup for Genius Gila Gaming mouse
2013-07-03 18:14:33 +02:00
hid-lcpower.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-lenovo-tpkbd.c
Merge branches 'for-3.10/multitouch', 'for-3.10/roccat' and 'for-3.10/upstream' into for-linus
2013-04-30 10:19:07 +02:00
hid-lg2ff.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-lg3ff.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-lg4ff.c
Merge branches 'for-3.10/appleir', 'for-3.10/hid-debug', 'for-3.10/hid-driver-transport-cleanups', 'for-3.10/i2c-hid' and 'for-3.10/logitech' into for-linus
2013-04-30 10:12:44 +02:00
hid-lg.c
Merge branches 'for-3.9/logitech', 'for-3.9/multitouch', 'for-3.9/ntrig', 'for-3.9/thingm' and 'for-3.9/upstream' into for-linus
2013-02-21 10:45:01 +01:00
hid-lg.h
HID: hid-lg4ff: Adjust X axis input value accordingly to selected range.
2012-09-25 15:41:02 +02:00
hid-lgff.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-logitech-dj.c
Revert "HID: hid-logitech-dj: querying_devices was never set"
2013-08-09 11:34:19 +02:00
hid-logitech-dj.h
HID: Revert "Revert "HID: Fix logitech-dj: missing Unifying device issue""
2013-07-22 16:32:24 +02:00
hid-magicmouse.c
Merge branches 'for-3.10/appleir', 'for-3.10/hid-debug', 'for-3.10/hid-driver-transport-cleanups', 'for-3.10/i2c-hid' and 'for-3.10/logitech' into for-linus
2013-04-30 10:12:44 +02:00
hid-microsoft.c
HID: Add PID for Japanese version of NE4K keyboard
2013-04-29 10:16:55 +02:00
hid-monterey.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-multitouch.c
Merge branches 'for-3.11/multitouch', 'for-3.11/sony' and 'for-3.11/upstream' into for-linus
2013-07-04 15:02:26 +02:00
hid-ntrig.c
HID: use hid_hw_wait() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-ortek.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-petalynx.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-picolcd_backlight.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-picolcd_cir.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-picolcd_core.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-picolcd_debugfs.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-picolcd_fb.c
HID: use hid_hw_wait() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-picolcd_lcd.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-picolcd_leds.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-picolcd.h
Merge branches 'for-3.10/multitouch', 'for-3.10/roccat' and 'for-3.10/upstream' into for-linus
2013-04-30 10:19:07 +02:00
hid-pl.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-primax.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-prodikeys.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-roccat-arvo.c
HID: roccat: rename roccat_common functions to roccat_common2
2012-06-28 10:34:01 +02:00
hid-roccat-arvo.h
hid-roccat-common.c
HID: roccat: rename roccat_common functions to roccat_common2
2012-06-28 10:34:01 +02:00
hid-roccat-common.h
HID: roccat: rename roccat_common functions to roccat_common2
2012-06-28 10:34:01 +02:00
hid-roccat-isku.c
HID: roccat: add support for IskuFX
2013-03-14 11:50:49 +01:00
hid-roccat-isku.h
HID: roccat: add support for IskuFX
2013-03-14 11:50:49 +01:00
hid-roccat-kone.c
HID: roccat: added media key support for Kone
2013-04-08 10:33:13 +02:00
hid-roccat-kone.h
HID: roccat: added media key support for Kone
2013-04-08 10:33:13 +02:00
hid-roccat-koneplus.c
HID: roccat: deprecate some Koneplus attributes
2012-11-12 15:30:28 +01:00
hid-roccat-koneplus.h
HID: roccat: fix wrong attr size for koneplus tcu
2012-11-18 22:58:28 +01:00
hid-roccat-konepure.c
HID: roccat: add support for Roccat Kone Pure gaming mouse
2013-03-14 11:50:49 +01:00
hid-roccat-konepure.h
HID: roccat: add support for Roccat Kone Pure gaming mouse
2013-03-14 11:50:49 +01:00
hid-roccat-kovaplus.c
HID: roccat: deprecate some Kovaplus attributes
2012-11-12 15:30:29 +01:00
hid-roccat-kovaplus.h
HID: roccat: deprecate some Kovaplus attributes
2012-11-12 15:30:29 +01:00
hid-roccat-lua.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-roccat-lua.h
HID: roccat: add support for Roccat Lua
2012-10-17 10:44:47 +02:00
hid-roccat-pyra.c
HID: roccat: deprecated some Pyra attributes
2012-11-12 15:30:28 +01:00
hid-roccat-pyra.h
HID: roccat: deprecated some Pyra attributes
2012-11-12 15:30:28 +01:00
hid-roccat-savu.c
HID: roccat: enable Savu device reset
2012-11-05 13:17:39 +01:00
hid-roccat-savu.h
HID: roccat: added sensor sysfs attribute for Savu
2012-07-20 09:50:42 +02:00
hid-roccat.c
HID: roccat: check cdev_add return value
2013-06-18 11:00:36 +02:00
hid-saitek.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-samsung.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-sensor-hub.c
HID: use hid_hw_wait() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-sjoy.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-sony.c
HID: sony: fix HID mapping for PS3 sixaxis controller
2013-07-24 16:57:09 +02:00
hid-speedlink.c
HID: Kconfig: Remove explicit transport layer dependencies
2013-02-25 13:26:40 +01:00
hid-steelseries.c
HID: hid-steelseries fix led class build issue
2013-05-03 10:26:52 +02:00
hid-sunplus.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-thingm.c
HID: Kconfig: Remove explicit transport layer dependencies
2013-02-25 13:26:40 +01:00
hid-tivo.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-tmff.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-topseed.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-twinhan.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-uclogic.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-wacom.c
HID: wacom: Intuos4 battery charging changes
2013-07-04 15:04:47 +02:00
hid-waltop.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hid-wiimote-core.c
HID: wiimote: support Nintendo Wii U Pro Controller
2013-06-27 11:57:49 +02:00
hid-wiimote-debug.c
HID: wiimote: fix DRM debug-attr to correctly parse input
2013-06-03 11:07:06 +02:00
hid-wiimote-modules.c
HID: wiimote: support Nintendo Wii U Pro Controller
2013-06-27 11:57:49 +02:00
hid-wiimote.h
HID: wiimote: support Nintendo Wii U Pro Controller
2013-06-27 11:57:49 +02:00
hid-zpff.c
HID: use hid_hw_request() instead of direct call to usbhid
2013-02-25 13:26:41 +01:00
hid-zydacron.c
HID: Use module_hid_driver macro
2013-01-03 10:27:31 +01:00
hidraw.c
HID: hidraw: fix improper mutex release
2013-07-31 19:48:55 +02:00
Kconfig
Merge branches 'for-3.11/wacom-fixed' and 'for-3.11/wiimote' into for-linus
2013-07-04 15:05:02 +02:00
Makefile
Merge branches 'for-3.11/wacom-fixed' and 'for-3.11/wiimote' into for-linus
2013-07-04 15:05:02 +02:00
uhid.c
HID: uhid: make creating devices work on 64/32 systems
2013-02-18 11:28:16 +01:00