github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-08 22:52:35 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
a65d094db8
linux/drivers
History
Hao Si a65d094db8 soc: fsl: dpio: Get the cpumask through cpumask_of(cpu) 
[ Upstream commit 2663b33885 ]

The local variable 'cpumask_t mask' is in the stack memory, and its address
is assigned to 'desc->affinity' in 'irq_set_affinity_hint()'.
But the memory area where this variable is located is at risk of being
modified.

During LTP testing, the following error was generated:

Unable to handle kernel paging request at virtual address ffff000012e9b790
Mem abort info:
  ESR = 0x96000007
  Exception class = DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
Data abort info:
  ISV = 0, ISS = 0x00000007
  CM = 0, WnR = 0
swapper pgtable: 4k pages, 48-bit VAs, pgdp = 0000000075ac5e07
[ffff000012e9b790] pgd=00000027dbffe003, pud=00000027dbffd003,
pmd=00000027b6d61003, pte=0000000000000000
Internal error: Oops: 96000007 [#1] PREEMPT SMP
Modules linked in: xt_conntrack
Process read_all (pid: 20171, stack limit = 0x0000000044ea4095)
CPU: 14 PID: 20171 Comm: read_all Tainted: G    B   W
Hardware name: NXP Layerscape LX2160ARDB (DT)
pstate: 80000085 (Nzcv daIf -PAN -UAO)
pc : irq_affinity_hint_proc_show+0x54/0xb0
lr : irq_affinity_hint_proc_show+0x4c/0xb0
sp : ffff00001138bc10
x29: ffff00001138bc10 x28: 0000ffffd131d1e0
x27: 00000000007000c0 x26: ffff8025b9480dc0
x25: ffff8025b9480da8 x24: 00000000000003ff
x23: ffff8027334f8300 x22: ffff80272e97d000
x21: ffff80272e97d0b0 x20: ffff8025b9480d80
x19: ffff000009a49000 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000
x15: 0000000000000000 x14: 0000000000000000
x13: 0000000000000000 x12: 0000000000000040
x11: 0000000000000000 x10: ffff802735b79b88
x9 : 0000000000000000 x8 : 0000000000000000
x7 : ffff000009a49848 x6 : 0000000000000003
x5 : 0000000000000000 x4 : ffff000008157d6c
x3 : ffff00001138bc10 x2 : ffff000012e9b790
x1 : 0000000000000000 x0 : 0000000000000000
Call trace:
 irq_affinity_hint_proc_show+0x54/0xb0
 seq_read+0x1b0/0x440
 proc_reg_read+0x80/0xd8
 __vfs_read+0x60/0x178
 vfs_read+0x94/0x150
 ksys_read+0x74/0xf0
 __arm64_sys_read+0x24/0x30
 el0_svc_common.constprop.0+0xd8/0x1a0
 el0_svc_handler+0x34/0x88
 el0_svc+0x10/0x14
Code: f9001bbf 943e0732 f94066c2 b4000062 (f9400041)
---[ end trace b495bdcb0b3b732b ]---
Kernel panic - not syncing: Fatal exception
SMP: stopping secondary CPUs
SMP: failed to stop secondary CPUs 0,2-4,6,8,11,13-15
Kernel Offset: disabled
CPU features: 0x0,21006008
Memory Limit: none
---[ end Kernel panic - not syncing: Fatal exception ]---

Fix it by using 'cpumask_of(cpu)' to get the cpumask.

Signed-off-by: Hao Si <si.hao@zte.com.cn>
Signed-off-by: Lin Chen <chen.lin5@zte.com.cn>
Signed-off-by: Yi Wang <wang.yi59@zte.com.cn>
Signed-off-by: Li Yang <leoyang.li@nxp.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2020-12-30 11:25:38 +01:00
..
accessibility
acpi ACPI: button: Add DMI quirk for Medion Akoya E2228T 2020-11-24 13:27:19 +01:00
amba
android binder: fix UAF when releasing todo list 2020-10-29 09:54:56 +01:00
ata ata: sata_nv: Fix retrieving of active qcs 2020-11-05 11:08:38 +01:00
atm atm: nicstar: Unmap DMA on send error 2020-11-24 13:27:15 +01:00
auxdisplay
base PM: runtime: Resume the device earlier in __device_release_driver() 2020-11-10 12:36:01 +01:00
bcma
block nbd: fix a block_device refcount leak in nbd_release 2020-11-18 19:18:47 +01:00
bluetooth Bluetooth: hci_uart: Cancel init work before unregistering 2020-10-29 09:55:05 +01:00
bus bus/fsl_mc: Do not rely on caller to provide non NULL mc_io 2020-11-05 11:08:43 +01:00
cdrom
char random32: make prandom_u32() output unpredictable 2020-11-18 19:18:52 +01:00
clk clk: ti: clockdomain: fix static checker warning 2020-11-05 11:08:44 +01:00
clocksource clocksource/drivers/h8300_timer8: Fix wrong return value in h8300_8timer_init() 2020-10-01 13:14:51 +02:00
connector
cpufreq acpi-cpufreq: Honor _PSD table setting on new AMD CPUs 2020-11-05 11:08:47 +01:00
cpuidle cpuidle: Fixup IRQ state 2020-09-09 19:04:23 +02:00
crypto chelsio/chtls: fix panic during unload reload chtls 2020-12-08 10:18:55 +01:00
dax
dca
devfreq PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out 2020-10-01 13:14:26 +02:00
dio
dma dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size 2020-12-02 08:48:09 +01:00
dma-buf dma-fence: Serialise signal enabling (dma_fence_enable_sw_signaling) 2020-10-01 13:14:24 +02:00
edac EDAC/ti: Fix handling of platform_get_irq() error 2020-10-29 09:55:00 +01:00
eisa
extcon extcon: adc-jack: Fix an error handling path in 'adc_jack_probe()' 2020-06-25 15:33:01 +02:00
firewire
firmware firmware: arm_sdei: Use cpus_read_lock() to avoid races with cpuhp 2020-10-01 13:14:35 +02:00
fmc
fpga fpga: dfl: fix bug in port reset handshake 2020-07-29 10:16:48 +02:00
fsi
gnss gnss: sirf: fix error return code in sirf_probe() 2020-06-22 09:05:28 +02:00
gpio gpio: pcie-idio-24: Enable PEX8311 interrupts 2020-11-18 19:18:50 +01:00
gpu drm/atomic_helper: Stop modesets on unregistered connectors harder 2020-12-02 08:48:08 +01:00
hid HID: Add Logitech Dinovo Edge battery quirk 2020-12-02 08:48:09 +01:00
hsi
hv hv_balloon: disable warning when floor reached 2020-11-18 19:18:41 +01:00
hwmon hwmon: (pmbus/max34440) Fix status register reads for MAX344{51,60,61} 2020-10-29 09:55:02 +01:00
hwspinlock
hwtracing coresight: tmc: Fix TMC mode read in tmc_read_unprepare_etb() 2020-08-19 08:14:58 +02:00
i2c i2c: qup: Fix error return code in qup_i2c_bam_schedule_desc() 2020-12-11 13:25:04 +01:00
ide
idle
iio iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode 2020-11-24 13:27:25 +01:00
infiniband RDMA/i40iw: Address an mmap handler exploit in i40iw 2020-12-08 10:18:55 +01:00
input Input: i8042 - fix error return code in i8042_setup_aux() 2020-12-11 13:25:04 +01:00
iommu iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs 2020-12-11 13:25:03 +01:00
ipack ipack: tpci200: fix error return code in tpci200_register() 2020-05-27 17:37:43 +02:00
irqchip irqchip/gic-v3-its: Unconditionally save/restore the ITS state on suspend 2020-12-30 11:25:38 +01:00
isdn PCI: add USR vendor id and use it in r8169 and w6692 driver 2020-06-22 09:05:23 +02:00
leds leds: bcm6328, bcm6358: use devres LED registering function 2020-11-05 11:08:46 +01:00
lightnvm
macintosh drivers/macintosh: Fix memleak in windfarm_pm112 driver 2020-06-22 09:05:29 +02:00
mailbox mailbox: avoid timer start from callback 2020-10-30 10:38:21 +01:00
mcb
md dm writecache: remove BUG() and fail gracefully instead 2020-12-11 13:25:04 +01:00
media media: uvcvideo: Fix uvc_ctrl_fixup_xu_info() not having any effect 2020-11-05 11:08:46 +01:00
memory memory: emif: Remove bogus debugfs error handling 2020-11-05 11:08:45 +01:00
memstick
message scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove() 2020-11-05 11:08:47 +01:00
mfd mfd: sprd: Add wakeup capability for PMIC IRQ 2020-11-18 19:18:46 +01:00
misc mei: protect mei_cl_mtu from null dereference 2020-11-18 19:18:49 +01:00
mmc mmc: renesas_sdhi_core: Add missing tmio_mmc_host_free() at remove 2020-11-18 19:18:50 +01:00
mtd ubi: check kthread_should_stop() after the setting of task state 2020-11-05 11:08:52 +01:00
mux
net iwlwifi: mvm: fix kernel panic in case of assert during CSA 2020-12-30 11:25:38 +01:00
nfc nfc: s3fwrn5: use signed integer for parsing GPIO numbers 2020-12-02 08:48:11 +01:00
ntb NTB: hw: amd: fix an issue about leak system resources 2020-10-30 10:38:25 +01:00
nubus
nvdimm libnvdimm: Fix endian conversion issues 2020-06-07 13:17:53 +02:00
nvme nvme: free sq/cq dbbuf pointers when dbbuf set fails 2020-12-02 08:48:09 +01:00
nvmem nvmem: qfprom: remove incorrect write support 2020-06-10 21:35:00 +02:00
of of/address: Fix of_node memory leak in of_dma_is_coherent 2020-11-18 19:18:48 +01:00
opp
oprofile
parisc parisc: mask out enable and reserved bits from sba imask 2020-08-19 08:15:07 +02:00
parport
pci PCI: iproc: Set affinity mask on MSI interrupts 2020-10-30 10:38:21 +01:00
pcmcia
perf drivers/perf: xgene_pmu: Fix uninitialized resource struct 2020-10-29 09:55:00 +01:00
phy phy: tegra: xusb: Fix dangling pointer on probe failure 2020-12-02 08:48:10 +01:00
pinctrl pinctrl: baytrail: Fix pin being driven low for a while on gpiod_get(..., GPIOD_OUT_HIGH) 2020-12-11 13:24:59 +01:00
platform platform/x86: toshiba_acpi: Fix the wrong variable assignment 2020-12-02 08:48:12 +01:00
pnp
power power: supply: test_power: add missing newlines when printing parameters by sysfs 2020-11-05 11:08:43 +01:00
powercap powercap: restrict energy meter to root access 2020-11-10 21:11:27 +01:00
pps
ps3
ptp
pwm pwm: img: Fix null pointer access in probe 2020-10-30 10:38:21 +01:00
rapidio rapidio: fix the missed put_device() for rio_mport_add_riodev 2020-10-30 10:38:21 +01:00
ras
regulator regulator: workaround self-referent regulators 2020-11-24 13:27:25 +01:00
remoteproc remoteproc: qcom: q6v5: Update running state before requesting stop 2020-08-21 11:05:34 +02:00
reset
rpmsg rpmsg: glink: Use complete_all for open states 2020-11-05 11:08:43 +01:00
rtc rtc: rx8010: don't modify the global rtc ops 2020-11-05 11:08:54 +01:00
s390 s390/qeth: fix tear down of async TX buffers 2020-12-02 08:48:11 +01:00
sbus
scsi scsi: ufs: Make sure clk scaling happens only when HBA is runtime ACTIVE 2020-12-30 11:25:38 +01:00
sfi
sh
siox
slimbus slimbus: qcom-ngd-ctrl: disable ngd in qmi server down callback 2020-10-29 09:55:12 +01:00
sn
soc soc: fsl: dpio: Get the cpumask through cpumask_of(cpu) 2020-12-30 11:25:38 +01:00
soundwire
spi spi: bcm2835aux: Restore err assignment in bcm2835aux_spi_probe 2020-12-30 11:25:37 +01:00
spmi
ssb
staging speakup: Reject setting the speakup line discipline outside of speakup 2020-12-11 13:25:03 +01:00
target scsi: target: iscsi: Fix cmd abort fabric stop race 2020-12-02 08:48:10 +01:00
tc
tee optee: add writeback to valid memory type 2020-12-02 08:48:12 +01:00
thermal thermal: rcar_thermal: Handle probe error gracefully 2020-10-01 13:14:39 +02:00
thunderbolt thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() 2020-11-18 19:18:49 +01:00
tty tty: Fix ->session locking 2020-12-11 13:25:01 +01:00
uio uio: Fix use-after-free in uio_unregister_device() 2020-11-18 19:18:49 +01:00
usb USB: serial: option: fix Quectel BG96 matching 2020-12-11 13:25:00 +01:00
uwb
vfio vfio: platform: fix reference leak in vfio_platform_open 2020-11-18 19:18:46 +01:00
vhost vringh: fix __vringh_iov() when riov and wiov are different 2020-11-05 11:08:53 +01:00
video video: hyperv_fb: Fix the cache type when mapping the VRAM 2020-12-02 08:48:11 +01:00
virt drivers/virt/fsl_hypervisor: Fix error handling path 2020-10-29 09:55:09 +01:00
virtio virtio_ring: Avoid loop when vq is broken in virtqueue_poll 2020-08-26 10:31:01 +02:00
visorbus
vlynq
vme
w1 w1: mxc_w1: Fix timeout resolution problem leading to bus error 2020-11-05 11:08:47 +01:00
watchdog drivers: watchdog: rdc321x_wdt: Fix race condition bugs 2020-11-05 11:08:44 +01:00
xen xen/events: block rogue events for some time 2020-11-05 11:08:37 +01:00
zorro
Kconfig
Makefile