github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-07 14:04:54 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
c24a20912e
linux/drivers
History
brian-sy yang c24a20912e thermal/drivers/cpufreq_cooling: Fix slab OOB issue 
commit 34ab17cc6c upstream.

Slab OOB issue is scanned by KASAN in cpu_power_to_freq().
If power is limited below the power of OPP0 in EM table,
it will cause slab out-of-bound issue with negative array
index.

Return the lowest frequency if limited power cannot found
a suitable OPP in EM table to fix this issue.

Backtrace:
[<ffffffd02d2a37f0>] die+0x104/0x5ac
[<ffffffd02d2a5630>] bug_handler+0x64/0xd0
[<ffffffd02d288ce4>] brk_handler+0x160/0x258
[<ffffffd02d281e5c>] do_debug_exception+0x248/0x3f0
[<ffffffd02d284488>] el1_dbg+0x14/0xbc
[<ffffffd02d75d1d4>] __kasan_report+0x1dc/0x1e0
[<ffffffd02d75c2e0>] kasan_report+0x10/0x20
[<ffffffd02d75def8>] __asan_report_load8_noabort+0x18/0x28
[<ffffffd02e6fce5c>] cpufreq_power2state+0x180/0x43c
[<ffffffd02e6ead80>] power_actor_set_power+0x114/0x1d4
[<ffffffd02e6fac24>] allocate_power+0xaec/0xde0
[<ffffffd02e6f9f80>] power_allocator_throttle+0x3ec/0x5a4
[<ffffffd02e6ea888>] handle_thermal_trip+0x160/0x294
[<ffffffd02e6edd08>] thermal_zone_device_check+0xe4/0x154
[<ffffffd02d351cb4>] process_one_work+0x5e4/0xe28
[<ffffffd02d352f44>] worker_thread+0xa4c/0xfac
[<ffffffd02d360124>] kthread+0x33c/0x358
[<ffffffd02d289940>] ret_from_fork+0xc/0x18

Fixes: 371a3bc79c ("thermal/drivers/cpufreq_cooling: Fix wrong frequency converted from power")
Signed-off-by: brian-sy yang <brian-sy.yang@mediatek.com>
Signed-off-by: Michael Kao <michael.kao@mediatek.com>
Reviewed-by: Lukasz Luba <lukasz.luba@arm.com>
Cc: stable@vger.kernel.org #v5.7
Signed-off-by: Daniel Lezcano <daniel.lezcano@linaro.org>
Link: https://lore.kernel.org/r/20201229050831.19493-1-michael.kao@mediatek.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-05-11 14:47:40 +02:00
..
accessibility speakup: fix uninitialized flush_lock 2020-12-30 11:53:44 +01:00
acpi ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure 2021-05-11 14:47:34 +02:00
amba amba: Fix resource leak for drivers without .remove 2021-03-04 11:38:02 +01:00
android binder: add flag to clear buffer on txn complete 2020-12-30 11:54:09 +01:00
ata ata: ahci: Disable SXS for Hisilicon Kunpeng920 2021-05-11 14:47:26 +02:00
atm atm: idt77252: fix null-ptr-dereference 2021-03-30 14:31:50 +02:00
auxdisplay auxdisplay: ht16k33: Fix refresh rate handling 2021-03-04 11:38:00 +01:00
base driver core: Fix locking bug in deferred_probe_timeout_work_func() 2021-04-14 08:42:03 +02:00
bcma
block block/rnbd-clt: Fix missing a memory free when unloading the module 2021-05-11 14:47:31 +02:00
bluetooth Bluetooth: btqca: Add valid le states quirk 2021-03-11 14:17:22 +01:00
bus bus: mhi: core: Clear context for stopped channels from remove() 2021-05-11 14:47:19 +02:00
cdrom
char tpm: vtpm_proxy: Avoid reading host log when using a virtual device 2021-05-11 14:47:35 +02:00
clk clk: socfpga: arria10: Fix memory leak of socfpga_clk on error return 2021-05-11 14:47:28 +02:00
clocksource clocksource/drivers/mxs_timer: Add missing semicolon when DEBUG is defined 2021-03-04 11:37:57 +01:00
connector
counter counter: stm32-timer-cnt: fix ceiling miss-alignment with reload register 2021-03-25 09:04:16 +01:00
cpufreq cpufreq: blacklist Arm Vexpress platforms in cpufreq-dt-platdev 2021-03-30 14:31:49 +02:00
cpuidle cpuidle: tegra: Fix C7 idling state on Tegra114 2021-05-11 14:47:16 +02:00
crypto crypto: omap-aes - Fix PM reference leak on omap-aes.c 2021-05-11 14:47:21 +02:00
dax device-dax: Fix default return code of range_parse() 2021-03-04 11:38:15 +01:00
dca
devfreq
dio
dma dmaengine: tegra20: Fix runtime PM imbalance on error 2021-04-28 13:40:01 +02:00
dma-buf dmabuf: fix use-after-free of dmabuf's file->f_inode 2021-01-12 20:18:24 +01:00
edac EDAC/amd64: Do not load on family 0x15, model 0x13 2021-03-07 12:34:08 +01:00
eisa
extcon extcon: arizona: Fix various races on driver unbind 2021-05-11 14:47:24 +02:00
firewire firewire: nosy: Fix a use-after-free bug in nosy_ioctl() 2021-04-07 15:00:11 +02:00
firmware efi/libstub: Add $(CLANG_FLAGS) to x86 flags 2021-05-11 14:47:18 +02:00
fpga fpga: dfl: pci: add DID for D5005 PAC cards 2021-05-11 14:47:19 +02:00
fsi fsi: Aspeed: Add mutex to protect HW access 2020-12-30 11:53:46 +01:00
gnss
gpio gpio: omap: Save and restore sysconfig 2021-04-28 13:39:59 +02:00
gpu Fix misc new gcc warnings 2021-05-11 14:47:36 +02:00
greybus
hid HID: wacom: Assign boolean values to a bool variable 2021-04-28 13:40:01 +02:00
hsi HSI: Fix PM usage counter unbalance in ssi_hw_init 2021-03-04 11:37:52 +01:00
hv Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind() 2021-03-04 11:37:46 +01:00
hwmon hwmon: (dell-smm) Add XPS 15 L502X to fan control blacklist 2021-02-26 10:13:00 +01:00
hwspinlock
hwtracing intel_th: pci: Add Alder Lake-M support 2021-05-11 14:47:35 +02:00
i2c i2c: designware: Adjust bus_freq_hz when refuse high speed mode set 2021-04-14 08:42:11 +02:00
i3c i3c master: fix missing destroy_workqueue() on error in i3c_master_register 2021-01-06 14:56:53 +01:00
ide ide/falconide: Fix module unload 2021-03-04 11:38:21 +01:00
idle
iio iio: hid-sensor-temperature: Fix issues of timestamp channel 2021-03-25 09:04:16 +01:00
infiniband RDMA/addr: Be strict with gid size 2021-04-14 08:42:12 +02:00
input Input: ili210x - add missing negation for touch indication on ili210x 2021-05-11 14:47:34 +02:00
interconnect interconnect: core: fix error return code of icc_link_destroy() 2021-04-16 11:43:19 +02:00
iommu iommu/amd: Fix performance counter initialization 2021-03-17 17:06:24 +01:00
ipack
irqchip irqchip/gic-v3: Do not enable irqs when handling spurious interrups 2021-05-11 14:47:15 +02:00
isdn mISDN: fix crash in fritzpci 2021-04-10 13:36:08 +02:00
leds leds: trigger: fix potential deadlock with libata 2021-02-03 23:28:41 +01:00
lightnvm lightnvm: fix memory leak when submit fails 2021-01-27 11:55:22 +01:00
macintosh macintosh/adb-iop: Use big-endian autopoll mask 2021-03-04 11:37:42 +01:00
mailbox mailbox: sprd: correct definition of SPRD_OUTBOX_FIFO_FULL 2021-03-04 11:38:15 +01:00
mcb
md dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails 2021-05-11 14:47:40 +02:00
media media: venus: hfi_parser: Don't initialize parser on v1 2021-05-11 14:47:39 +02:00
memory memory: ti-aemif: Drop child node when jumping out loop 2021-03-04 11:37:25 +01:00
memstick memstick: r592: Fix error return in r592_probe() 2020-12-30 11:53:34 +01:00
message
mfd mfd: arizona: Fix rumtime PM imbalance on error 2021-05-11 14:47:31 +02:00
misc mei: me: add Alder Lake P device id. 2021-05-02 11:06:09 +02:00
mmc mmc: sdhci-brcmstb: Remove CQE quirk 2021-05-11 14:47:26 +02:00
most
mtd mtd: physmap: physmap-bt1-rom: Fix unintentional stack access 2021-05-11 14:47:13 +02:00
mux
net rsi: Use resume_noirq for SDIO 2021-05-11 14:47:40 +02:00
nfc nfc: s3fwrn5: Release the nfc firmware 2020-12-30 11:53:53 +01:00
ntb
nubus
nvdimm libnvdimm/region: Fix nvdimm_has_flush() to handle ND_REGION_ASYNC 2021-04-21 13:00:55 +02:00
nvme nvmet: return proper error code from discovery ctrl 2021-05-11 14:47:26 +02:00
nvmem nvmem: qcom-spmi-sdam: Fix uninitialized pdev pointer 2021-03-04 11:38:39 +01:00
of of: property: fw_devlink: do not link ".*,nr-gpios" 2021-04-14 08:41:58 +02:00
opp opp: Correct debug message in _opp_add_static_v2() 2021-03-04 11:37:27 +01:00
oprofile
parisc
parport
pci PCI: PM: Do not read power state in pci_enable_device_flags() 2021-05-11 14:47:18 +02:00
pcmcia
perf perf/arm_pmu_platform: Fix error handling 2021-05-11 14:47:19 +02:00
phy phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove() 2021-05-11 14:47:21 +02:00
pinctrl pinctrl: core: Show pin numbers for the controllers with base = 0 2021-04-28 13:39:59 +02:00
platform platform/x86: intel_pmc_core: Don't use global pmcdev in quirks 2021-05-11 14:47:21 +02:00
pnp
power power: supply: cpcap-battery: fix invalid usage of list cursor 2021-05-11 14:47:32 +02:00
powercap
pps
ps3 powerpc/ps3: use dma_mapping_error() 2020-12-30 11:53:53 +01:00
ptp ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation 2021-04-10 13:36:09 +02:00
pwm pwm: iqs620a: Fix overflow and optimize calculations 2021-03-04 11:38:17 +01:00
rapidio
ras RAS/CEC: Correct ce_add_elem()'s returned values 2021-04-14 08:42:12 +02:00
regulator regulator: bd9571mwv: Fix AVS and DVFS voltage range 2021-04-14 08:42:05 +02:00
remoteproc remoteproc: qcom: pil_info: avoid 64-bit division 2021-04-14 08:42:05 +02:00
reset
rpmsg
rtc rtc: zynqmp: depend on HAS_IOMEM 2021-03-04 11:38:03 +01:00
s390 s390/zcrypt: fix zcard and zqueue hot-unplug memleak 2021-05-11 14:47:11 +02:00
sbus
scsi scsi: libfc: Fix a format specifier 2021-05-11 14:47:31 +02:00
sfi
sh
siox
slimbus slimbus: qcom: fix potential NULL dereference in qcom_slim_prg_slew() 2020-12-30 11:53:47 +01:00
soc soc/tegra: pmc: Fix completion of power-gate toggling 2021-05-11 14:47:18 +02:00
soundwire soundwire: cadence: only prepare attached devices on clock stop 2021-05-11 14:47:19 +02:00
spi spi: sync up initial chipselect state 2021-05-11 14:47:22 +02:00
spmi spmi: spmi-pmic-arb: Fix hw_irq overflow 2021-03-04 11:38:40 +01:00
ssb
staging media: staging/intel-ipu3: Fix race condition during set_fmt 2021-05-11 14:47:38 +02:00
target scsi: target: pscsi: Fix warning in pscsi_complete_cmd() 2021-05-11 14:47:23 +02:00
tc
tee tee: optee: do not check memref size on return from Secure World 2021-05-11 14:47:18 +02:00
thermal thermal/drivers/cpufreq_cooling: Fix slab OOB issue 2021-05-11 14:47:40 +02:00
thunderbolt thunderbolt: Fix off by one in tb_port_find_retimer() 2021-04-14 08:42:03 +02:00
tty tty: fix memory leak in vc_deallocate 2021-05-11 14:47:39 +02:00
uio
usb usb: dwc2: Fix session request interrupt handler 2021-05-11 14:47:39 +02:00
vdpa vdpa/mlx5: Set err = -ENOMEM in case dma_map_sg_attrs fails 2021-04-28 13:39:59 +02:00
vfio vfio: Depend on MMU 2021-05-07 11:04:33 +02:00
vhost vhost-vdpa: fix vm_flags for virtqueue doorbell mapping 2021-05-11 14:47:12 +02:00
video backlight: qcom-wled: Fix FSC update issue for WLED5 2021-05-11 14:47:25 +02:00
virt nitro_enclaves: Fix stale file descriptors on failed usercopy 2021-05-11 14:47:11 +02:00
virtio virtio_ring: Fix two use after free bugs 2020-12-30 11:54:00 +01:00
visorbus
vlynq
vme
w1 w1: w1_therm: Fix conversion result for negative temperatures 2021-03-04 11:37:18 +01:00
watchdog watchdog: mei_wdt: request stop on unregister 2021-03-04 11:38:36 +01:00
xen xen/events: fix setting irq affinity 2021-04-16 11:43:22 +02:00
zorro
Kconfig
Makefile