github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-15 02:21:59 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
aa8141daf0
linux/drivers/char
History
Kamlakant Patel b066c9b199 ipmi_ssif: Fix kernel panic at msg_done_handler 
[ Upstream commit f002612b9d ]

This happens when BMC doesn't return any data and the code is trying
to print the value of data[2].

Getting following crash:
[  484.728410] Unable to handle kernel NULL pointer dereference at virtual address 00000002
[  484.736496] pgd = ffff0000094a2000
[  484.739885] [00000002] *pgd=00000047fcffe003, *pud=00000047fcffd003, *pmd=0000000000000000
[  484.748158] Internal error: Oops: 96000005 [#1] SMP
[...]
[  485.101451] Call trace:
[...]
[  485.188473] [<ffff000000a46e68>] msg_done_handler+0x668/0x700 [ipmi_ssif]
[  485.195249] [<ffff000000a456b8>] ipmi_ssif_thread+0x110/0x128 [ipmi_ssif]
[  485.202038] [<ffff0000080f1430>] kthread+0x108/0x138
[  485.206994] [<ffff0000080838e0>] ret_from_fork+0x10/0x30
[  485.212294] Code: aa1903e1 aa1803e0 b900227f 95fef6a5 (39400aa3)

Adding a check to validate the data len before printing data[2] to fix this issue.

Signed-off-by: Kamlakant Patel <kamlakant.patel@cavium.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-05-30 07:49:12 +02:00
..
agp agp/intel: Flush all chipset writes after updating the GGTT 2018-03-22 09:23:29 +01:00
hw_random hwrng: exynos - use __maybe_unused to hide pm functions 2018-02-25 11:03:47 +01:00
ipmi ipmi_ssif: Fix kernel panic at msg_done_handler 2018-05-30 07:49:12 +02:00
mwave
pcmcia pcmcia: remove left-over %Z format 2017-06-07 12:06:01 +02:00
tpm tpm_tis: fix potential buffer overruns caused by bit glitches on the bus 2018-03-24 10:58:39 +01:00
xilinx_hwicap char:xilinx_hwicap:buffer_icap - change 1/0 to true/false for bool type variable in function buffer_icap_set_configuration(). 2015-06-12 16:58:33 -07:00
xillybus char: xillybus: Allow 64-bit DMA on PCIe interface 2015-08-05 12:27:09 -07:00
apm-emulation.c
applicom.c
applicom.h
bfin-otp.c
bsr.c
ds1302.c
ds1620.c
dsp56k.c
dtlk.c
efirtc.c drivers/char: make efirtc.c driver explicitly non-modular 2015-09-20 19:32:35 -07:00
generic_nvram.c
genrtc.c
hangcheck-timer.c
hpet.c drivers/char: make hpet.c explicitly non-modular 2015-09-20 19:32:35 -07:00
Kconfig char: lack of bool string made CONFIG_DEVPORT always on 2017-04-21 09:30:06 +02:00
lp.c char: lp: fix possible integer overflow in lp_setup() 2017-05-25 14:30:07 +02:00
Makefile hwmon: Rename i8k driver to dell-smm-hwmon and move it to hwmon tree 2015-05-24 12:48:12 -07:00
mbcs.c
mbcs.h
mem.c x86/mm/pat, /dev/mem: Remove superfluous error message 2018-01-17 09:35:28 +01:00
misc.c char: make misc_deregister a void function 2015-08-05 10:35:49 -07:00
mmtimer.c
mspec.c
nsc_gpio.c
nvram.c char/nvram: Use bitwise OR to obtain Atari video mode data 2015-08-05 13:30:16 -07:00
nwbutton.c
nwbutton.h
nwflash.c
pc8736x_gpio.c
ppdev.c
ps3flash.c
random.c random: use a tighter cap in credit_entropy_bits_safe() 2018-04-24 09:32:07 +02:00
raw.c writeback: separate out include/linux/backing-dev-defs.h 2015-06-02 08:33:34 -06:00
rtc.c
scx200_gpio.c
snsc_event.c
snsc.c drivers/char: make SGI snsc.c driver explicitly non-modular 2015-09-20 19:32:35 -07:00
snsc.h
sonypi.c
tb0219.c
tile-srom.c fs: move struct kiocb to fs.h 2015-03-25 20:28:11 -04:00
tlclk.c
toshiba.c toshiba laptop: replace ioremap_cache with ioremap 2015-08-05 17:26:00 -07:00
ttyprintk.c
uv_mmtimer.c
virtio_console.c virtio_console: free buffers after reset 2018-05-02 07:53:40 -07:00