| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 12 Aug 2021 09:40:33 +0200
From: Marek Szyprowski <m.szyprowski@...sung.com>
To: Robert Foss <robert.foss@...aro.org>
Cc: Todor Tomov <todor.too@...il.com>, Andy Gross <agross@...nel.org>,
Bjorn Andersson <bjorn.andersson@...aro.org>,
Mauro Carvalho Chehab <mchehab@...nel.org>,
Hans Verkuil <hverkuil-cisco@...all.nl>,
linux-media <linux-media@...r.kernel.org>,
MSM <linux-arm-msm@...r.kernel.org>,
linux-kernel <linux-kernel@...r.kernel.org>,
Naresh Kamboju <naresh.kamboju@...aro.org>,
Hans Verkuil <hverkuil@...all.nl>,
Linux Kernel Functional Testing <lkft@...aro.org>
Subject: Re: [PATCH v1] media: camss: vfe: Don't use vfe->base before it's
assigned
Hi Robert,
On 11.08.2021 15:42, Robert Foss wrote:
> On Wed, 11 Aug 2021 at 11:41, Robert Foss <robert.foss@...aro.org> wrote:
>> Hey Marek,
>>
>> Thanks for testing this.
>>
>> On Wed, 11 Aug 2021 at 09:48, Marek Szyprowski <m.szyprowski@...sung.com> wrote:
>>> On 10.08.2021 12:33, Robert Foss wrote:
>>>> vfe->ops->hw_version(vfe) being called before vfe->base has been assigned
>>>> is incorrect and causes crashes.
>>>>
>>>> Fixes: b10b5334528a9 ("media: camss: vfe: Don't read hardware version needlessly")
>>>>
>>>> Reported-by: Linux Kernel Functional Testing <lkft@...aro.org>
>>>> Signed-off-by: Robert Foss <robert.foss@...aro.org>
>>> With this patch applied on top of linux next-20210810 instead of the
>>> NULL pointer dereference I get following error on DragonBoard410c while
>>> loading kernel modules:
>>>
>>> [ 18.480608] qcom-venus 1d00000.video-codec: Adding to iommu group 1
>>> [ 18.536167] qcom-camss 1b0ac00.camss: Adding to iommu group 2
>>> [ 18.600373] Internal error: synchronous external abort: 96000010 [#1]
>>> PREEMPT SMP
> After testing this patch + linux-next[1] I'm not able to replicate the
> 'Internal error' above on the db410c. And I don't think it is related
> to this patch.
>
> Are you seeing the same error on [1]? And are you seeing it before the
> b10b5334528a9 ("media: camss: vfe: Don't read hardware version
> needlessly") patch?
I've checked once again on your branch. Yes, it is fully reproducible on
my DragonBoard410c. On your branch I get the above synchronous external
abort, while without your last patch I get Null ptr dereference.
Are you sure you have deployed the kernel modules for doing the test?
This issue happens when udev triggers loading kernel modules for the
detected hardware.
Here is the kernel configuration used for my tests on ARM64 based board:
# make ARCH=arm64 defconfig && ./scripts/config --set-val
CMA_SIZE_MBYTES 96 -e PROVE_LOCKING -e DEBUG_ATOMIC_SLEEP -e PM_DEBUG -e
PM_ADVANCED_DEBUG -d ARCH_SUNXI -d ARCH_ALPINE -d DRM_NOUVEAU -d
ARCH_BCM_IPROC -d ARCH_BERLIN -d ARCH_BRCMSTB -d ARCH_LAYERSCAPE -d
ARCH_LG1K -d ARCH_HISI -d ARCH_MEDIATEK -d ARCH_MVEBU -d ARCH_ROCKCHIP
-d ARCH_SEATTLE -d ARCH_SYNQUACER -d ARCH_RENESAS -d ARCH_STRATIX10 -d
ARCH_TEGRA -d ARCH_SPRD -d ARCH_THUNDER -d ARCH_THUNDER2 -d
ARCH_UNIPHIER -d ARCH_XGENE -d ARCH_ZX -d ARCH_ZYNQMP -d HIBERNATION -d
CLK_SUNXI -e BLK_DEV_RAM --set-val BLK_DEV_RAM_COUNT 4 --set-val
BLK_DEV_RAM_SIZE 65536 -d CONFIG_EFI -d CONFIG_TEE
Comparing to the arm64's defconfig, I've enabled some debugging options
and disabled some unused boards.
Best regards
--
Marek Szyprowski, PhD
Samsung R&D Institute Poland
Powered by blists - more mailing lists