[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20181016041606.135876-21-sashal@kernel.org>
Date: Tue, 16 Oct 2018 00:16:02 -0400
From: Sasha Levin <sashal@...nel.org>
To: stable@...r.kernel.org, linux-kernel@...r.kernel.org
Cc: Edgar Cherkasov <echerkasov@....rtsoft.ru>,
Wolfram Sang <wsa@...-dreams.de>,
Sasha Levin <sashal@...nel.org>
Subject: [PATCH AUTOSEL 4.4 21/25] i2c: i2c-scmi: fix for i2c_smbus_write_block_data
From: Edgar Cherkasov <echerkasov@....rtsoft.ru>
[ Upstream commit 08d9db00fe0e300d6df976e6c294f974988226dd ]
The i2c-scmi driver crashes when the SMBus Write Block transaction is
executed:
WARNING: CPU: 9 PID: 2194 at mm/page_alloc.c:3931 __alloc_pages_slowpath+0x9db/0xec0
Call Trace:
? get_page_from_freelist+0x49d/0x11f0
? alloc_pages_current+0x6a/0xe0
? new_slab+0x499/0x690
__alloc_pages_nodemask+0x265/0x280
alloc_pages_current+0x6a/0xe0
kmalloc_order+0x18/0x40
kmalloc_order_trace+0x24/0xb0
? acpi_ut_allocate_object_desc_dbg+0x62/0x10c
__kmalloc+0x203/0x220
acpi_os_allocate_zeroed+0x34/0x36
acpi_ut_copy_eobject_to_iobject+0x266/0x31e
acpi_evaluate_object+0x166/0x3b2
acpi_smbus_cmi_access+0x144/0x530 [i2c_scmi]
i2c_smbus_xfer+0xda/0x370
i2cdev_ioctl_smbus+0x1bd/0x270
i2cdev_ioctl+0xaa/0x250
do_vfs_ioctl+0xa4/0x600
SyS_ioctl+0x79/0x90
do_syscall_64+0x73/0x130
entry_SYSCALL_64_after_hwframe+0x3d/0xa2
ACPI Error: Evaluating _SBW: 4 (20170831/smbus_cmi-185)
This problem occurs because the length of ACPI Buffer object is not
defined/initialized in the code before a corresponding ACPI method is
called. The obvious patch below fixes this issue.
Signed-off-by: Edgar Cherkasov <echerkasov@....rtsoft.ru>
Acked-by: Viktor Krasnov <vkrasnov@....rtsoft.ru>
Acked-by: Michael Brunner <Michael.Brunner@...tron.com>
Signed-off-by: Wolfram Sang <wsa@...-dreams.de>
Signed-off-by: Sasha Levin <sashal@...nel.org>
---
drivers/i2c/busses/i2c-scmi.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/i2c/busses/i2c-scmi.c b/drivers/i2c/busses/i2c-scmi.c
index 7aa7b9cb6203..efefcfa24a4c 100644
--- a/drivers/i2c/busses/i2c-scmi.c
+++ b/drivers/i2c/busses/i2c-scmi.c
@@ -152,6 +152,7 @@ acpi_smbus_cmi_access(struct i2c_adapter *adap, u16 addr, unsigned short flags,
mt_params[3].type = ACPI_TYPE_INTEGER;
mt_params[3].integer.value = len;
mt_params[4].type = ACPI_TYPE_BUFFER;
+ mt_params[4].buffer.length = len;
mt_params[4].buffer.pointer = data->block + 1;
}
break;
--
2.17.1
Powered by blists - more mailing lists