lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 30 Oct 2020 02:04:06 +0000
From:   Qiang Zhao <qiang.zhao@....com>
To:     Vladimir Oltean <olteanv@...il.com>
CC:     "broonie@...nel.org" <broonie@...nel.org>,
        "linux-spi@...r.kernel.org" <linux-spi@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH] spi: fsl-dspi: fix NULL pointer dereference

On Thu, Oct 29, 2020 at 19:03PM, Vladimir Oltean <olteanv@...il.com> wrote:


> -----Original Message-----
> From: Vladimir Oltean <olteanv@...il.com>
> Sent: 2020年10月29日 19:03
> To: Qiang Zhao <qiang.zhao@....com>
> Cc: broonie@...nel.org; linux-spi@...r.kernel.org;
> linux-kernel@...r.kernel.org
> Subject: Re: [PATCH] spi: fsl-dspi: fix NULL pointer dereference
> 
> On Thu, Oct 29, 2020 at 04:40:35PM +0800, Qiang Zhao wrote:
> > From: Zhao Qiang <qiang.zhao@....com>
> >
> > Since commit 530b5affc675 ("spi: fsl-dspi: fix use-after-free in
> > remove path"), this driver causes a kernel oops:
> >
> > [   64.587431] Unable to handle kernel NULL pointer dereference at
> > virtual address 0000000000000020
> > [..]
> > [   64.756080] Call trace:
> > [   64.758526]  dspi_suspend+0x30/0x78
> > [   64.762012]  platform_pm_suspend+0x28/0x70
> > [   64.766107]  dpm_run_callback.isra.19+0x24/0x70
> > [   64.770635]  __device_suspend+0xf4/0x2f0
> > [   64.774553]  dpm_suspend+0xec/0x1e0
> > [   64.778036]  dpm_suspend_start+0x80/0xa0
> > [   64.781957]  suspend_devices_and_enter+0x118/0x4f0
> > [   64.786743]  pm_suspend+0x1e0/0x260
> > [   64.790227]  state_store+0x8c/0x118
> > [   64.793712]  kobj_attr_store+0x18/0x30
> > [   64.797459]  sysfs_kf_write+0x40/0x58
> > [   64.801118]  kernfs_fop_write+0x148/0x240
> > [   64.805126]  vfs_write+0xc0/0x230
> > [   64.808436]  ksys_write+0x6c/0x100
> > [   64.811833]  __arm64_sys_write+0x1c/0x28
> > [   64.815753]  el0_svc_common.constprop.3+0x68/0x170
> > [   64.820541]  do_el0_svc+0x24/0x90
> > [   64.823853]  el0_sync_handler+0x118/0x168
> > [   64.827858]  el0_sync+0x158/0x180
> >
> > This is because since this commit, the drivers private data point to
> > "dspi" instead of "ctlr", the codes in suspend and resume func were
> > not modified correspondly.
> >
> > Fixes: 530b5affc675 ("spi: fsl-dspi: fix use-after-free in remove
> > path")
> > Signed-off-by: Zhao Qiang <qiang.zhao@....com>
> > ---
> 
> Please update your tree.
> https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.c
> om%2Ftorvalds%2Flinux%2Fcommit%2F6e3837668e00fb914ac2b43158ef51b0
> 27ec385c&amp;data=04%7C01%7Cqiang.zhao%40nxp.com%7C50171bf65a5e
> 4f24e0c208d87bfa3fe9%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0
> %7C637395662023835048%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjA
> wMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sda
> ta=NlmOj1SfvKu2V7nrSYF3lDji25xbP5PeDl1PcwlKyr4%3D&amp;reserved=0

I saw the patch, it just fix the issue when the kernel are booted up.
But there still have the issue when the driver suspend and resume. 

Best Regards
Qiang Zhao

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ