From: Luis Chamberlain <mcgrof@kernel.org>
To: Niklas Cassel <niklas.cassel@linaro.org>
Cc: Bjorn Andersson <bjorn.andersson@linaro.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
"Rafael J. Wysocki" <rafael@kernel.org>,
linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org,
stable@vger.kernel.org,
Rishabh Bhatnagar <rishabhb@codeaurora.org>
Subject: Re: [PATCH] firmware: Always initialize the fw_priv list object
Date: Mon, 1 Oct 2018 11:18:35 -0700 [thread overview]
Message-ID: <20181001181835.GG5238@garbanzo.do-not-panic.com> (raw)
In-Reply-To: <20181001132703.GA12193@centauri.lan>
On Mon, Oct 01, 2018 at 03:27:03PM +0200, Niklas Cassel wrote:
> On Thu, Sep 20, 2018 at 12:34:15AM -0700, Bjorn Andersson wrote:
> > On Wed 19 Sep 22:22 PDT 2018, Greg Kroah-Hartman wrote:
> >
> > > On Wed, Sep 19, 2018 at 06:09:38PM -0700, Bjorn Andersson wrote:
> > > > When freeing the fw_priv the item is taken off the list. This causes an
> > > > oops in the FW_OPT_NOCACHE case as the list object is not initialized.
> > > >
> > > > Make sure to initialize the list object regardless of this flag.
> > > >
> > > > Fixes: 422b3db2a503 ("firmware: Fix security issue with request_firmware_into_buf()")
> > > > Cc: stable@vger.kernel.org
> > > > Cc: Rishabh Bhatnagar <rishabhb@codeaurora.org>
> > > > Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org>
> > > > ---
> > > > drivers/base/firmware_loader/main.c | 7 +++++--
> > > > 1 file changed, 5 insertions(+), 2 deletions(-)
> > >
> > > Is this being triggered by some hardware somewhere today? Or is this
> > > just a fix found by code inspection?
> > >
> >
> > Hi Greg,
> >
> > Yes, I found this issue while attempting to load the firmware and boot
> > one of the DSPs on one of my Qualcomm dev boards after v4.19-rc4 and it
> > can be reproduced on the upstream Dragonboard 820c.
>
> I still see this issue on v4.19-rc6.
>
> It would be nice if this fix gets merged before v4.19 gets released.
This is the first I hear of this and this patch, so you should re-send
it and I can review it. Also please Cc Rishabh.
Rishabh, had you heard of this and can you confirm as well as
422b3db2a503 was your commit?
Luis
next prev parent reply other threads:[~2018-10-01 18:18 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-20 1:09 [PATCH] firmware: Always initialize the fw_priv list object Bjorn Andersson
2018-09-20 5:22 ` Greg Kroah-Hartman
2018-09-20 7:34 ` Bjorn Andersson
2018-10-01 13:27 ` Niklas Cassel
2018-10-01 18:18 ` Luis Chamberlain [this message]
2018-10-01 18:32 ` Bjorn Andersson
2018-10-01 18:53 ` Luis Chamberlain
2018-10-01 20:58 ` Greg Kroah-Hartman
2018-09-20 7:38 ` Rafael J. Wysocki
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181001181835.GG5238@garbanzo.do-not-panic.com \
--to=mcgrof@kernel.org \
--cc=bjorn.andersson@linaro.org \
--cc=gregkh@linuxfoundation.org \
--cc=linux-arm-msm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=niklas.cassel@linaro.org \
--cc=rafael@kernel.org \
--cc=rishabhb@codeaurora.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).