lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1429621752-19082-1-git-send-email-semen.protsenko@globallogic.com>
Date:	Tue, 21 Apr 2015 16:09:12 +0300
From:	Semen Protsenko <semen.protsenko@...ballogic.com>
To:	Thomas Gleixner <tglx@...utronix.de>
Cc:	linux-kernel@...r.kernel.org,
	Grygorii Strashko <grygorii.strashko@...ballogic.com>,
	Linus Walleij <linus.walleij@...aro.org>
Subject: [PATCH] genirq: check irq_ack callback in handle_edge_irq() before calling

Direct calling of .irq_ack callback (from struct irq_chip) leads to NULL
pointer dereference in some cases. E.g. this was observed for MAX732X
driver on hibernation:

    Unable to handle kernel NULL pointer dereference at virtual address 0
    Backtrace:
    (handle_edge_irq) from (resend_irqs)
    (resend_irqs) from (tasklet_action)
    (tasklet_action) from (__do_softirq)
    (__do_softirq) from (run_ksoftirqd)
    (run_ksoftirqd) from (smpboot_thread_fn)
    (smpboot_thread_fn) from (kthread)
    (kthread) from (ret_from_fork)

This patch checks if .irq_ack was set, so in case it wasn't (i.e. it's
NULL) we wouldn't have NULL pointer dereference. This check seems to
be pretty common in kernel/irq/chip.c, but it was missed for
handle_edge_irq() function.

Signed-off-by: Semen Protsenko <semen.protsenko@...ballogic.com>
---
 kernel/irq/chip.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/kernel/irq/chip.c b/kernel/irq/chip.c
index eb9a4ea..3889b02 100644
--- a/kernel/irq/chip.c
+++ b/kernel/irq/chip.c
@@ -586,7 +586,8 @@ handle_edge_irq(unsigned int irq, struct irq_desc *desc)
 	kstat_incr_irqs_this_cpu(irq, desc);
 
 	/* Start handling the irq */
-	desc->irq_data.chip->irq_ack(&desc->irq_data);
+	if (desc->irq_data.chip->irq_ack)
+		desc->irq_data.chip->irq_ack(&desc->irq_data);
 
 	do {
 		if (unlikely(!desc->action)) {
-- 
1.7.9.5

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ