| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 7 Feb 2024 14:09:02 +0530
From: Dhruva Gole <d-gole@...com>
To: Mark Brown <broonie@...nel.org>
CC: Théo Lebrun <theo.lebrun@...tlin.com>,
Apurva Nandan
<a-nandan@...com>, <linux-spi@...r.kernel.org>,
<linux-kernel@...r.kernel.org>,
Gregory CLEMENT
<gregory.clement@...tlin.com>,
Vladimir Kondratiev
<vladimir.kondratiev@...ileye.com>,
Thomas Petazzoni
<thomas.petazzoni@...tlin.com>,
Tawfik Bayouk <tawfik.bayouk@...ileye.com>
Subject: Re: [PATCH v2 2/4] spi: cadence-qspi: fix pointer reference in
runtime PM hooks
Hi Mark,
On Feb 05, 2024 at 15:12:10 +0000, Mark Brown wrote:
> On Mon, Feb 05, 2024 at 03:57:30PM +0100, Théo Lebrun wrote:
> > dev_get_drvdata() gets used to acquire the pointer to cqspi and the SPI
> > controller. Neither embed the other; this lead to memory corruption.
> >
> > On a given platform (Mobileye EyeQ5) the memory corruption is hidden
> > inside cqspi->f_pdata. Also, this uninitialised memory is used as a
> > mutex (ctlr->bus_lock_mutex) by spi_controller_suspend().
>
> Please place fixes at the start of serieses so that they don't end up
> with spurious dependencies on other changes and can more easily be
> applied as fixes.
Didn't really understand the comment here, aren't the 1,2 and 3 patches
fixes and the last one the non-fix? Thus fixes are indeed placed at
start of this series right?
Can you help understand with some example series?
--
Best regards,
Dhruva Gole <d-gole@...com>
Powered by blists - more mailing lists