lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240217150228.5788-1-johan+linaro@kernel.org>
Date: Sat, 17 Feb 2024 16:02:22 +0100
From: Johan Hovold <johan+linaro@...nel.org>
To: Bjorn Andersson <andersson@...nel.org>,
	Andrzej Hajda <andrzej.hajda@...el.com>,
	Neil Armstrong <neil.armstrong@...aro.org>,
	Robert Foss <rfoss@...nel.org>,
	Maarten Lankhorst <maarten.lankhorst@...ux.intel.com>,
	Maxime Ripard <mripard@...nel.org>,
	Thomas Zimmermann <tzimmermann@...e.de>,
	David Airlie <airlied@...il.com>,
	Daniel Vetter <daniel@...ll.ch>,
	Vinod Koul <vkoul@...nel.org>
Cc: Jonas Karlman <jonas@...boo.se>,
	Laurent Pinchart <Laurent.pinchart@...asonboard.com>,
	Jernej Skrabec <jernej.skrabec@...il.com>,
	Konrad Dybcio <konrad.dybcio@...aro.org>,
	Kishon Vijay Abraham I <kishon@...nel.org>,
	Dmitry Baryshkov <dmitry.baryshkov@...aro.org>,
	Rob Clark <robdclark@...il.com>,
	Abhinav Kumar <quic_abhinavk@...cinc.com>,
	Kuogee Hsieh <quic_khsieh@...cinc.com>,
	freedreno@...ts.freedesktop.org,
	dri-devel@...ts.freedesktop.org,
	linux-kernel@...r.kernel.org,
	linux-arm-msm@...r.kernel.org,
	linux-phy@...ts.infradead.org,
	Johan Hovold <johan+linaro@...nel.org>
Subject: [PATCH 0/6] soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free

Starting with 6.8-rc1 the internal display sometimes fails to come up on
machines like the Lenovo ThinkPad X13s and the logs indicate that this
is due to a regression in the DRM subsystem [1].

This series fixes a race in the pmic_glink_altmode driver which was
exposed / triggered by the transparent DRM bridges rework that went into
6.8-rc1 and that manifested itself as a bridge failing to attach and
sometimes triggering a NULL-pointer dereference.

The intermittent hard resets that have also been reported since 6.8-rc1
unfortunately still remains and suggests that we are dealing with two
separate regressions. There is some indication that also the hard resets
(e.g. due to register accesses to unclocked hardware) are also due to
changes in the DRM subsystem as it happens around the time that the eDP
panel and display controller would be initialised during boot (the
runtime PM rework?). This remains to be verified, however.

Included is also a fix for a related OF node reference leak in the
aux-hpd driver found through inspection when reworking the driver.

The use-after-free bug is triggered by a probe deferral and highlighted
some further bugs in the involved drivers, which were registering child
devices before deferring probe. This behaviour is not correct and can
both trigger probe deferral loops and potentially also further issues
with the DRM bridge implementation.

This series can either go through the Qualcomm SoC tree (pmic_glink) or
the DRM tree. The PHY patches do not depend on the rest of the series
and could possibly be merged separately through the PHY tree.

Whichever gets this to mainline the fastest.

Johan


[1] https://lore.kernel.org/lkml/ZctVmLK4zTwcpW3A@hovoldconsulting.com/


Johan Hovold (5):
  drm/bridge: aux-hpd: fix OF node leaks
  drm/bridge: aux-hpd: separate allocation and registration
  soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free
  phy: qcom-qmp-combo: fix drm bridge registration
  phy: qcom-qmp-combo: fix type-c switch registration

Rob Clark (1):
  soc: qcom: pmic_glink: Fix boot when QRTR=m

 drivers/gpu/drm/bridge/aux-hpd-bridge.c   | 70 ++++++++++++++++++-----
 drivers/phy/qualcomm/phy-qcom-qmp-combo.c | 16 +++---
 drivers/soc/qcom/pmic_glink.c             | 21 +++----
 drivers/soc/qcom/pmic_glink_altmode.c     | 16 +++++-
 include/drm/bridge/aux-bridge.h           | 15 +++++
 5 files changed, 102 insertions(+), 36 deletions(-)

-- 
2.43.0


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ