| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <161282203270.4168818.14030280893762596656@swboyd.mtv.corp.google.com>
Date: Mon, 08 Feb 2021 14:07:12 -0800
From: Stephen Boyd <sboyd@...nel.org>
To: Subbaraman Narayanamurthy <subbaram@...eaurora.org>,
linux-kernel@...r.kernel.org
Cc: linux-arm-msm@...r.kernel.org,
David Collins <collinsd@...eaurora.org>,
Subbaraman Narayanamurthy <subbaram@...eaurora.org>,
stable@...r.kernel.org
Subject: Re: [PATCH] spmi: spmi-pmic-arb: Fix hw_irq overflow
Quoting Subbaraman Narayanamurthy (2021-02-08 11:33:04)
> Currently, when handling the SPMI summary interrupt, the hw_irq
> number is calculated based on SID, Peripheral ID, IRQ index and
> APID. This is then passed to irq_find_mapping() to see if a
> mapping exists for this hw_irq and if available, invoke the
> interrupt handler. Since the IRQ index uses an "int" type, hw_irq
> which is of unsigned long data type can take a large value when
> SID has its MSB set to 1 and the type conversion happens. Because
> of this, irq_find_mapping() returns 0 as there is no mapping
> for this hw_irq. This ends up invoking cleanup_irq() as if
> the interrupt is spurious whereas it is actually a valid
> interrupt. Fix this by using the proper data type (u32) for id.
>
> Cc: stable@...r.kernel.org
> Signed-off-by: Subbaraman Narayanamurthy <subbaram@...eaurora.org>
> ---
Applied to spmi-next
Powered by blists - more mailing lists