[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20130319172714.GD18335@beef>
Date: Tue, 19 Mar 2013 13:27:14 -0400
From: Matt Porter <mporter@...com>
To: Luis Henriques <luis.henriques@...onical.com>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"stable@...r.kernel.org" <stable@...r.kernel.org>,
Tomas Novotny <tomas@...otny.cz>,
"Nori, Sekhar" <nsekhar@...com>
Subject: Re: [ 41/75] ARM: davinci: edma: fix dmaengine induced null pointer
dereference on da830
On Tue, Mar 19, 2013 at 04:25:35PM +0000, Luis Henriques wrote:
> On Mon, Mar 18, 2013 at 02:07:04PM -0700, Greg Kroah-Hartman wrote:
> > 3.8-stable review patch. If anyone has any objections, please let me know.
> >
> > ------------------
> >
> > From: Matt Porter <mporter@...com>
> >
> > commit 069552777a121eb39da29de4bc0383483dbe1f7e upstream.
> >
> > This adds additional error checking to the private edma api implementation
> > to catch the case where the edma_alloc_slot() has an invalid controller
> > parameter. The edma dmaengine wrapper driver relies on this condition
> > being handled in order to avoid setting up a second edma dmaengine
> > instance on DA830.
> >
> > Verfied using a DA850 with the second EDMA controller platform instance
> > removed to simulate a DA830 which only has a single EDMA controller.
> >
> > Reported-by: Tomas Novotny <tomas@...otny.cz>
> > Signed-off-by: Matt Porter <mporter@...com>
> > Tested-by: Tomas Novotny <tomas@...otny.cz>
> > Signed-off-by: Sekhar Nori <nsekhar@...com>
> > Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> >
> > ---
> > arch/arm/mach-davinci/dma.c | 3 +++
> > 1 file changed, 3 insertions(+)
> >
> > --- a/arch/arm/mach-davinci/dma.c
> > +++ b/arch/arm/mach-davinci/dma.c
> > @@ -743,6 +743,9 @@ EXPORT_SYMBOL(edma_free_channel);
> > */
> > int edma_alloc_slot(unsigned ctlr, int slot)
> > {
> > + if (!edma_cc[ctlr])
> > + return -EINVAL;
> > +
> > if (slot >= 0)
> > slot = EDMA_CHAN_SLOT(slot);
>
> I couldn't figure out the reason why this is tagged for v3.7.x+ only.
> Shouldn't this be applied to 3.2, 3.4 and 3.5 as well?
The bug being fixed is triggered by the edma dmaengine driver (and only
on one board) that was introduced in 3.7. Prior to that it is just a
theoretical bug.
-Matt
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists