| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <46cb2f2a-908a-4600-8716-db7f937ec13c@linaro.org>
Date: Fri, 29 Nov 2024 10:34:17 +0100
From: Neil Armstrong <neil.armstrong@...aro.org>
To: Viresh Kumar <viresh.kumar@...aro.org>
Cc: Viresh Kumar <vireshk@...nel.org>, Nishanth Menon <nm@...com>,
Stephen Boyd <sboyd@...nel.org>,
Manivannan Sadhasivam <manivannan.sadhasivam@...aro.org>,
linux-pm@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] OPP: fix dev_pm_opp_find_bw_*() when bandwidth table
not initialized
On 29/11/2024 09:41, Viresh Kumar wrote:
> On 28-11-24, 11:07, Neil Armstrong wrote:
>> If a driver calls dev_pm_opp_find_bw_ceil/floor() the retrieve bandwidth
>> from the OPP table but the bandwidth table was not created because the
>> interconnect properties were missing in the OPP consumer node, the
>> kernel will crash with:
>> Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004
>> ...
>> pc : _read_bw+0x8/0x10
>> lr : _opp_table_find_key+0x9c/0x174
>> ...
>> Call trace:
>> _read_bw+0x8/0x10 (P)
>> _opp_table_find_key+0x9c/0x174 (L)
>> _find_key+0x98/0x168
>> dev_pm_opp_find_bw_ceil+0x50/0x88
>> ...
>>
>> In order to fix the crash, create an assert function to check
>> if the bandwidth table were created before trying to get a
>> bandwidth with _read_bw().
>>
>> Fixes: add1dc094a74 ("OPP: Use generic key finding helpers for bandwidth key")
>> Signed-off-by: Neil Armstrong <neil.armstrong@...aro.org>
>> ---
>> drivers/opp/core.c | 14 ++++++++++++--
>> 1 file changed, 12 insertions(+), 2 deletions(-)
>>
>> diff --git a/drivers/opp/core.c b/drivers/opp/core.c
>> index 8692e8ce05b7c31a725ea3a7928f238c7a1d6f51..178780e294dad49c22d866930efb7b8b13ae2d61 100644
>> --- a/drivers/opp/core.c
>> +++ b/drivers/opp/core.c
>> @@ -114,6 +114,14 @@ static bool assert_clk_index(struct opp_table *opp_table, int index)
>> return opp_table->clk_count > index;
>> }
>>
>> +/*
>> + * Returns true if bandwidth table is large enough to contain the bandwidth index.
>> + */
>> +static bool assert_bandwidth_index(struct opp_table *opp_table, int index)
>> +{
>> + return opp_table->path_count > index;
>> +}
>> +
>> /**
>> * dev_pm_opp_get_bw() - Gets the bandwidth corresponding to an opp
>> * @opp: opp for which bandwidth has to be returned for
>> @@ -913,7 +921,8 @@ struct dev_pm_opp *dev_pm_opp_find_bw_ceil(struct device *dev, unsigned int *bw,
>> unsigned long temp = *bw;
>> struct dev_pm_opp *opp;
>>
>> - opp = _find_key_ceil(dev, &temp, index, true, _read_bw, NULL);
>> + opp = _find_key_ceil(dev, &temp, index, true, _read_bw,
>> + assert_bandwidth_index);
>> *bw = temp;
>> return opp;
>> }
>> @@ -944,7 +953,8 @@ struct dev_pm_opp *dev_pm_opp_find_bw_floor(struct device *dev,
>> unsigned long temp = *bw;
>> struct dev_pm_opp *opp;
>>
>> - opp = _find_key_floor(dev, &temp, index, true, _read_bw, NULL);
>> + opp = _find_key_floor(dev, &temp, index, true, _read_bw,
>> + assert_bandwidth_index);
>> *bw = temp;
>> return opp;
>> }
>
> Applied. Thanks.
>
Wait, this needs the first patch to work, otherwise index is not passed to assert
Neil
Powered by blists - more mailing lists