* [GIT PATCH] driver core fixes for 3.0
@ 2011-06-28 15:39 Greg KH
2011-06-28 16:01 ` [PATCH 1/9] firmware: fix GOOGLE_SMI kconfig dependency warning Greg Kroah-Hartman
0 siblings, 1 reply; 8+ messages in thread
From: Greg KH @ 2011-06-28 15:39 UTC (permalink / raw)
To: Linus Torvalds, Andrew Morton; +Cc: linux-kernel
Here's some driver core, and other driver-core related fixes for your
3.0 git tree.
Just a few minor fixes for things that people have reported, the
connector and platform.c ones being the biggest one that has hit people
recently.
Please pull from:
master.kernel.org:/pub/scm/linux/kernel/git/gregkh/driver-core-2.6.git/ driver-core-linus
All of these patches have been in the linux-next and mm trees for a
while now.
The patches will be sent as a follow-on to this message to lkml for
people to see.
thanks,
greg k-h
------------
drivers/base/platform.c | 2 +-
drivers/connector/connector.c | 1 +
drivers/firmware/google/Kconfig | 1 +
drivers/misc/pti.c | 11 +++++++----
drivers/misc/ti-st/st_core.c | 2 +-
drivers/misc/ti-st/st_kim.c | 8 ++++++--
include/linux/connector.h | 2 +-
7 files changed, 18 insertions(+), 9 deletions(-)
---------------
Andrew Morton (1):
drivers/base/platform.c: don't mark platform_device_register_resndata() as __init_or_module
J Freyensee (3):
pti: double-free security PTI fix
pti: ENXIO error case memory leak PTI fix.
pti: PTI semantics fix in pti_tty_cleanup.
K. Y. Srinivasan (2):
Connector: Set the CN_NETLINK_USERS correctly
Connector: Correctly set the error code in case of success when dispatching receive callbacks
Randy Dunlap (1):
firmware: fix GOOGLE_SMI kconfig dependency warning
Shahar Lev (1):
drivers:misc: ti-st: fix skipping of change remote baud
Steven Rostedt (1):
st_kim: Handle case of no device found for ID 0
^ permalink raw reply [flat|nested] 8+ messages in thread
* [PATCH 1/9] firmware: fix GOOGLE_SMI kconfig dependency warning
2011-06-28 15:39 [GIT PATCH] driver core fixes for 3.0 Greg KH
@ 2011-06-28 16:01 ` Greg Kroah-Hartman
2011-06-28 16:01 ` [PATCH 2/9] st_kim: Handle case of no device found for ID 0 Greg Kroah-Hartman
` (5 more replies)
0 siblings, 6 replies; 8+ messages in thread
From: Greg Kroah-Hartman @ 2011-06-28 16:01 UTC (permalink / raw)
To: linux-kernel; +Cc: Randy Dunlap, Greg Kroah-Hartman
From: Randy Dunlap <randy.dunlap@oracle.com>
Is it meaningful/useful to enable EFI_VARS but not EFI?
That's what GOOGLE_SMI does. Make it enable EFI also.
Fixes this kconfig dependency warning:
warning: (GOOGLE_SMI) selects EFI_VARS which has unmet direct dependencies (EFI)
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Acked-by: Mike Waychison <mikew@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
drivers/firmware/google/Kconfig | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/drivers/firmware/google/Kconfig b/drivers/firmware/google/Kconfig
index 87096b6..2f21b0b 100644
--- a/drivers/firmware/google/Kconfig
+++ b/drivers/firmware/google/Kconfig
@@ -13,6 +13,7 @@ menu "Google Firmware Drivers"
config GOOGLE_SMI
tristate "SMI interface for Google platforms"
depends on ACPI && DMI
+ select EFI
select EFI_VARS
help
Say Y here if you want to enable SMI callbacks for Google
--
1.7.5.4
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [PATCH 2/9] st_kim: Handle case of no device found for ID 0
2011-06-28 16:01 ` [PATCH 1/9] firmware: fix GOOGLE_SMI kconfig dependency warning Greg Kroah-Hartman
@ 2011-06-28 16:01 ` Greg Kroah-Hartman
2011-06-28 16:02 ` [PATCH 3/9] drivers/base/platform.c: don't mark platform_device_register_resndata() as __init_or_module Greg Kroah-Hartman
` (4 subsequent siblings)
5 siblings, 0 replies; 8+ messages in thread
From: Greg Kroah-Hartman @ 2011-06-28 16:01 UTC (permalink / raw)
To: linux-kernel; +Cc: Steven Rostedt, Greg Kroah-Hartman
From: Steven Rostedt <rostedt@goodmis.org>
Running ktest.pl, I hit this bug:
[ 19.780654] BUG: unable to handle kernel NULL pointer dereference at 0000000c
[ 19.780660] IP: [<c112efcd>] dev_get_drvdata+0xc/0x46
[ 19.780669] *pdpt = 0000000031daf001 *pde = 0000000000000000
[ 19.780673] Oops: 0000 [#1] SMP
[ 19.780680] Dumping ftrace buffer:^M
[ 19.780685] (ftrace buffer empty)
[ 19.780687] Modules linked in: ide_pci_generic firewire_ohci firewire_core evbug crc_itu_t e1000 ide_core i2c_i801 iTCO_wdt
[ 19.780697]
[ 19.780700] Pid: 346, comm: v4l_id Not tainted 2.6.39-test-02740-gcaebc16-dirty #4 /DG965MQ
[ 19.780706] EIP: 0060:[<c112efcd>] EFLAGS: 00010202 CPU: 0
[ 19.780709] EIP is at dev_get_drvdata+0xc/0x46
[ 19.780712] EAX: 00000008 EBX: f1e37da4 ECX: 00000000 EDX: 00000000
[ 19.780715] ESI: f1c3f200 EDI: c33ec95c EBP: f1e37d80 ESP: f1e37d80
[ 19.780718] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[ 19.780721] Process v4l_id (pid: 346, ti=f1e36000 task=f2bc2a60 task.ti=f1e36000)
[ 19.780723] Stack:
[ 19.780725] f1e37d8c c117d395 c33ec93c f1e37db4 c117a0f9 00000002 00000000 c1725e54
[ 19.780732] 00000001 00000007 f2918c90 f1c3f200 c33ec95c f1e37dd4 c1789d3d 22222222
[ 19.780740] 22222222 22222222 f2918c90 f1c3f200 f29194f4 f1e37de8 c178d5c4 c1725e54
[ 19.780747] Call Trace:
[ 19.780752] [<c117d395>] st_kim_ref+0x28/0x41
[ 19.780756] [<c117a0f9>] st_register+0x29/0x562
[ 19.780761] [<c1725e54>] ? v4l2_open+0x111/0x1e3
[ 19.780766] [<c1789d3d>] fmc_prepare+0x97/0x424
[ 19.780770] [<c178d5c4>] fm_v4l2_fops_open+0x70/0x106
[ 19.780773] [<c1725e54>] ? v4l2_open+0x111/0x1e3
[ 19.780777] [<c1725e9b>] v4l2_open+0x158/0x1e3
[ 19.780782] [<c065173b>] chrdev_open+0x22c/0x276
[ 19.780787] [<c0647c4e>] __dentry_open+0x35c/0x581
[ 19.780792] [<c06498f9>] nameidata_to_filp+0x7c/0x96
[ 19.780795] [<c065150f>] ? cdev_put+0x57/0x57
[ 19.780800] [<c0660cad>] do_last+0x743/0x9d4
[ 19.780804] [<c065d5fc>] ? path_init+0x1ee/0x596
[ 19.780808] [<c0661481>] path_openat+0x10c/0x597
[ 19.780813] [<c05204a1>] ? trace_hardirqs_off+0x27/0x37
[ 19.780817] [<c0509651>] ? local_clock+0x78/0xc7
[ 19.780821] [<c0661945>] do_filp_open+0x39/0xc2
[ 19.780827] [<c1cabc76>] ? _raw_spin_unlock+0x4c/0x5d^M
[ 19.780831] [<c0674ccd>] ? alloc_fd+0x19e/0x1b7
[ 19.780836] [<c06499ca>] do_sys_open+0xb7/0x1bd
[ 19.780840] [<c0608eea>] ? sys_munmap+0x78/0x8d
[ 19.780844] [<c0649b06>] sys_open+0x36/0x58
[ 19.780849] [<c1cb809f>] sysenter_do_call+0x12/0x38
[ 19.780852] Code: d8 2f 20 c3 01 83 15 dc 2f 20 c3 00 f0 ff 00 83 05 e0 2f 20 c3 01 83 15 e4 2f 20 c3 00 5d c3 55 89 e5 3e 8d 74 26 00 85 c0 74 28 <8b> 40 04 83 05 e8 2f 20 c3 01 83 15 ec 2f 20 c3 00 85 c0 74 13 ^M
[ 19.780889] EIP: [<c112efcd>] dev_get_drvdata+0xc/0x46 SS:ESP 0068:f1e37d80
[ 19.780894] CR2: 000000000000000c
[ 19.780898] ---[ end trace e7d1d0f6a2d1d390 ]---
The id of 0 passed to st_kim_ref() found no device, keeping pdev null,
and causing pdev->dev cause a NULL pointer dereference. After having
st_kim_ref() check for NULL, the st_unregister() function needed to be
updated to handle the case that st_gdata was not set by the
st_kim_ref().
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
drivers/misc/ti-st/st_core.c | 2 +-
drivers/misc/ti-st/st_kim.c | 4 ++++
2 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/drivers/misc/ti-st/st_core.c b/drivers/misc/ti-st/st_core.c
index f91f82e..54c91ff 100644
--- a/drivers/misc/ti-st/st_core.c
+++ b/drivers/misc/ti-st/st_core.c
@@ -605,7 +605,7 @@ long st_unregister(struct st_proto_s *proto)
pr_debug("%s: %d ", __func__, proto->chnl_id);
st_kim_ref(&st_gdata, 0);
- if (proto->chnl_id >= ST_MAX_CHANNELS) {
+ if (!st_gdata || proto->chnl_id >= ST_MAX_CHANNELS) {
pr_err(" chnl_id %d not supported", proto->chnl_id);
return -EPROTONOSUPPORT;
}
diff --git a/drivers/misc/ti-st/st_kim.c b/drivers/misc/ti-st/st_kim.c
index 5da93ee..3613c3b 100644
--- a/drivers/misc/ti-st/st_kim.c
+++ b/drivers/misc/ti-st/st_kim.c
@@ -604,6 +604,10 @@ void st_kim_ref(struct st_data_s **core_data, int id)
struct kim_data_s *kim_gdata;
/* get kim_gdata reference from platform device */
pdev = st_get_plat_device(id);
+ if (!pdev) {
+ *core_data = NULL;
+ return;
+ }
kim_gdata = dev_get_drvdata(&pdev->dev);
*core_data = kim_gdata->core_data;
}
--
1.7.5.4
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [PATCH 3/9] drivers/base/platform.c: don't mark platform_device_register_resndata() as __init_or_module
2011-06-28 16:01 ` [PATCH 1/9] firmware: fix GOOGLE_SMI kconfig dependency warning Greg Kroah-Hartman
2011-06-28 16:01 ` [PATCH 2/9] st_kim: Handle case of no device found for ID 0 Greg Kroah-Hartman
@ 2011-06-28 16:02 ` Greg Kroah-Hartman
2011-06-28 16:02 ` [PATCH 4/9] drivers:misc: ti-st: fix skipping of change remote baud Greg Kroah-Hartman
` (3 subsequent siblings)
5 siblings, 0 replies; 8+ messages in thread
From: Greg Kroah-Hartman @ 2011-06-28 16:02 UTC (permalink / raw)
To: linux-kernel
Cc: Andrew Morton, Uwe Kleine-König, Greg KH, David Airlie, stable
From: Andrew Morton <akpm@linux-foundation.org>
This reverts 737a3bb9416ce2a7c7a4 ("Driver core: move platform device
creation helpers to .init.text (if MODULE=n)"). That patch assumed that
platform_device_register_resndata() is only ever called from __init code
but that isn't true in the case ioctl->drm_ioctl->radeon_cp_init().
Addresses https://bugzilla.kernel.org/show_bug.cgi?id=35192
Cc: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Reported-by: Anthony Basile <blueness@gentoo.org>
Cc: Greg KH <gregkh@suse.de>
Cc: David Airlie <airlied@linux.ie>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
drivers/base/platform.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/drivers/base/platform.c b/drivers/base/platform.c
index 1c291af..6040717 100644
--- a/drivers/base/platform.c
+++ b/drivers/base/platform.c
@@ -367,7 +367,7 @@ EXPORT_SYMBOL_GPL(platform_device_unregister);
*
* Returns &struct platform_device pointer on success, or ERR_PTR() on error.
*/
-struct platform_device *__init_or_module platform_device_register_resndata(
+struct platform_device *platform_device_register_resndata(
struct device *parent,
const char *name, int id,
const struct resource *res, unsigned int num,
--
1.7.5.4
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [PATCH 4/9] drivers:misc: ti-st: fix skipping of change remote baud
2011-06-28 16:01 ` [PATCH 1/9] firmware: fix GOOGLE_SMI kconfig dependency warning Greg Kroah-Hartman
2011-06-28 16:01 ` [PATCH 2/9] st_kim: Handle case of no device found for ID 0 Greg Kroah-Hartman
2011-06-28 16:02 ` [PATCH 3/9] drivers/base/platform.c: don't mark platform_device_register_resndata() as __init_or_module Greg Kroah-Hartman
@ 2011-06-28 16:02 ` Greg Kroah-Hartman
2011-06-28 16:02 ` [PATCH 5/9] pti: double-free security PTI fix Greg Kroah-Hartman
` (2 subsequent siblings)
5 siblings, 0 replies; 8+ messages in thread
From: Greg Kroah-Hartman @ 2011-06-28 16:02 UTC (permalink / raw)
To: linux-kernel; +Cc: Shahar Lev, Greg Kroah-Hartman
From: Shahar Lev <shahar@wizery.com>
Before the incrementing of ptr in skip_change_remote_baud,
it points to cur_action, but the increment is done by
the size of nxt_action instead. This could cause ptr
to not point to a bts_action structure, which is
harmful for the increment of ptr done in download_firmware.
Therefore, the skipping is first done for cur_action.
Signed-off-by: Shahar Lev <shahar@wizery.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
drivers/misc/ti-st/st_kim.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/misc/ti-st/st_kim.c b/drivers/misc/ti-st/st_kim.c
index 3613c3b..38fd2f0 100644
--- a/drivers/misc/ti-st/st_kim.c
+++ b/drivers/misc/ti-st/st_kim.c
@@ -245,9 +245,9 @@ void skip_change_remote_baud(unsigned char **ptr, long *len)
pr_err("invalid action after change remote baud command");
} else {
*ptr = *ptr + sizeof(struct bts_action) +
- ((struct bts_action *)nxt_action)->size;
+ ((struct bts_action *)cur_action)->size;
*len = *len - (sizeof(struct bts_action) +
- ((struct bts_action *)nxt_action)->size);
+ ((struct bts_action *)cur_action)->size);
/* warn user on not commenting these in firmware */
pr_warn("skipping the wait event of change remote baud");
}
--
1.7.5.4
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [PATCH 5/9] pti: double-free security PTI fix
2011-06-28 16:01 ` [PATCH 1/9] firmware: fix GOOGLE_SMI kconfig dependency warning Greg Kroah-Hartman
` (2 preceding siblings ...)
2011-06-28 16:02 ` [PATCH 4/9] drivers:misc: ti-st: fix skipping of change remote baud Greg Kroah-Hartman
@ 2011-06-28 16:02 ` Greg Kroah-Hartman
2011-06-28 16:02 ` [PATCH 6/9] pti: ENXIO error case memory leak " Greg Kroah-Hartman
2011-06-28 16:02 ` [PATCH 7/9] pti: PTI semantics fix in pti_tty_cleanup Greg Kroah-Hartman
5 siblings, 0 replies; 8+ messages in thread
From: Greg Kroah-Hartman @ 2011-06-28 16:02 UTC (permalink / raw)
To: linux-kernel; +Cc: J Freyensee, Greg Kroah-Hartman
From: J Freyensee <james_p_freyensee@linux.intel.com>
This patch fixes a double-free error that will not always be
seen unless /dev/pti char interface is stressed.
Signed-off-by: J Freyensee <james_p_freyensee@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
drivers/misc/pti.c | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/drivers/misc/pti.c b/drivers/misc/pti.c
index bb6f925..be48573 100644
--- a/drivers/misc/pti.c
+++ b/drivers/misc/pti.c
@@ -317,7 +317,8 @@ EXPORT_SYMBOL_GPL(pti_request_masterchannel);
* a master, channel ID address
* used to write to PTI HW.
*
- * @mc: master, channel apeture ID address to be released.
+ * @mc: master, channel apeture ID address to be released. This
+ * will de-allocate the structure via kfree().
*/
void pti_release_masterchannel(struct pti_masterchannel *mc)
{
@@ -581,7 +582,7 @@ static int pti_char_open(struct inode *inode, struct file *filp)
static int pti_char_release(struct inode *inode, struct file *filp)
{
pti_release_masterchannel(filp->private_data);
- kfree(filp->private_data);
+ filp->private_data = NULL;
return 0;
}
--
1.7.5.4
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [PATCH 6/9] pti: ENXIO error case memory leak PTI fix.
2011-06-28 16:01 ` [PATCH 1/9] firmware: fix GOOGLE_SMI kconfig dependency warning Greg Kroah-Hartman
` (3 preceding siblings ...)
2011-06-28 16:02 ` [PATCH 5/9] pti: double-free security PTI fix Greg Kroah-Hartman
@ 2011-06-28 16:02 ` Greg Kroah-Hartman
2011-06-28 16:02 ` [PATCH 7/9] pti: PTI semantics fix in pti_tty_cleanup Greg Kroah-Hartman
5 siblings, 0 replies; 8+ messages in thread
From: Greg Kroah-Hartman @ 2011-06-28 16:02 UTC (permalink / raw)
To: linux-kernel; +Cc: J Freyensee, Greg Kroah-Hartman
From: J Freyensee <james_p_freyensee@linux.intel.com>
This patch fixes a memory leak that can occur in the error case
ENXIO is returned in the pti_tty_install() routine.
Signed-off-by: J Freyensee <james_p_freyensee@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
drivers/misc/pti.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/drivers/misc/pti.c b/drivers/misc/pti.c
index be48573..e74e7d2 100644
--- a/drivers/misc/pti.c
+++ b/drivers/misc/pti.c
@@ -476,8 +476,10 @@ static int pti_tty_install(struct tty_driver *driver, struct tty_struct *tty)
else
pti_tty_data->mc = pti_request_masterchannel(2);
- if (pti_tty_data->mc == NULL)
+ if (pti_tty_data->mc == NULL) {
+ kfree(pti_tty_data);
return -ENXIO;
+ }
tty->driver_data = pti_tty_data;
}
--
1.7.5.4
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [PATCH 7/9] pti: PTI semantics fix in pti_tty_cleanup.
2011-06-28 16:01 ` [PATCH 1/9] firmware: fix GOOGLE_SMI kconfig dependency warning Greg Kroah-Hartman
` (4 preceding siblings ...)
2011-06-28 16:02 ` [PATCH 6/9] pti: ENXIO error case memory leak " Greg Kroah-Hartman
@ 2011-06-28 16:02 ` Greg Kroah-Hartman
5 siblings, 0 replies; 8+ messages in thread
From: Greg Kroah-Hartman @ 2011-06-28 16:02 UTC (permalink / raw)
To: linux-kernel; +Cc: J Freyensee, Greg Kroah-Hartman
From: J Freyensee <james_p_freyensee@linux.intel.com>
This patch fixes a semantics issue in the pti_tty_cleanup()
routine.
Signed-off-by: J Freyensee <james_p_freyensee@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
drivers/misc/pti.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/drivers/misc/pti.c b/drivers/misc/pti.c
index e74e7d2..374dfcf 100644
--- a/drivers/misc/pti.c
+++ b/drivers/misc/pti.c
@@ -498,7 +498,7 @@ static void pti_tty_cleanup(struct tty_struct *tty)
if (pti_tty_data == NULL)
return;
pti_release_masterchannel(pti_tty_data->mc);
- kfree(tty->driver_data);
+ kfree(pti_tty_data);
tty->driver_data = NULL;
}
--
1.7.5.4
^ permalink raw reply related [flat|nested] 8+ messages in thread
end of thread, other threads:[~2011-06-28 16:04 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-06-28 15:39 [GIT PATCH] driver core fixes for 3.0 Greg KH
2011-06-28 16:01 ` [PATCH 1/9] firmware: fix GOOGLE_SMI kconfig dependency warning Greg Kroah-Hartman
2011-06-28 16:01 ` [PATCH 2/9] st_kim: Handle case of no device found for ID 0 Greg Kroah-Hartman
2011-06-28 16:02 ` [PATCH 3/9] drivers/base/platform.c: don't mark platform_device_register_resndata() as __init_or_module Greg Kroah-Hartman
2011-06-28 16:02 ` [PATCH 4/9] drivers:misc: ti-st: fix skipping of change remote baud Greg Kroah-Hartman
2011-06-28 16:02 ` [PATCH 5/9] pti: double-free security PTI fix Greg Kroah-Hartman
2011-06-28 16:02 ` [PATCH 6/9] pti: ENXIO error case memory leak " Greg Kroah-Hartman
2011-06-28 16:02 ` [PATCH 7/9] pti: PTI semantics fix in pti_tty_cleanup Greg Kroah-Hartman
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).