| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Nov 2017 10:45:46 +0100
From: Thierry Reding <thierry.reding@...il.com>
To: Bartlomiej Zolnierkiewicz <b.zolnierkie@...sung.com>
Cc: linux-fbdev@...r.kernel.org, dri-devel@...ts.freedesktop.org,
linux-kernel@...r.kernel.org, Kees Cook <keescook@...omium.org>
Subject: [PATCH] fbcon: Initialize ops->info early
From: Thierry Reding <treding@...dia.com>
During console takeover, which happens for all DRM/KMS setups using the
fbdev helpers, fbcon_startup() is called before fbcon_init() and as a
result con2fb_acquire_newinfo() will not be called (info->fbcon_par was
set to non-NULL in fbcon_startup()) to assign ops->info.
This causes the cursor_timer_handler() to unreference a NULL pointer.
Avoid this by unconditionally assigning ops->info during fbcon_startup()
so that it will be available early, but keep the additional assignment
in con2fb_acquire_newinfo() to support console remapping at runtime.
Cc: Kees Cook <keescook@...omium.org>
Signed-off-by: Thierry Reding <treding@...dia.com>
---
drivers/video/fbdev/core/fbcon.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/video/fbdev/core/fbcon.c b/drivers/video/fbdev/core/fbcon.c
index 3b4a96379128..929ca472c524 100644
--- a/drivers/video/fbdev/core/fbcon.c
+++ b/drivers/video/fbdev/core/fbcon.c
@@ -962,6 +962,7 @@ static const char *fbcon_startup(void)
ops->graphics = 1;
ops->cur_rotate = -1;
ops->cur_blink_jiffies = HZ / 5;
+ ops->info = info;
info->fbcon_par = ops;
if (initial_rotation != -1)
p->con_rotate = initial_rotation;
--
2.14.1
Powered by blists - more mailing lists