| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251121091125.6289-1-ansuelsmth@gmail.com>
Date: Fri, 21 Nov 2025 10:11:20 +0100
From: Christian Marangi <ansuelsmth@...il.com>
To: Bjorn Andersson <andersson@...nel.org>,
Konrad Dybcio <konradybcio@...nel.org>,
Christian Marangi <ansuelsmth@...il.com>,
linux-arm-msm@...r.kernel.org,
linux-kernel@...r.kernel.org
Cc: Dan Carpenter <dan.carpenter@...aro.org>
Subject: [PATCH] soc: qcom: smem: fix qcom_smem_is_available and check if __smem is valid
Commit 7a94d5f31b54 ("soc: qcom: smem: better track SMEM uninitialized
state") changed the usage of __smem and init now as an error pointer
instead of NULL.
qcom_smem_is_available() wasn't updated to reflect this change and also
.qcom_smem_remove doesn't reset it on module exit.
While at it also proced other expoert symbol if __smem is not set to a
correct pointer.
The changed symbol are unlikely to cause a kernel panic (as it's
expected to always check qcom_smem_is_available() before any SMEM usage)
but it's still worth to protect them by any wrong usage.
Fixes: 7a94d5f31b54 ("soc: qcom: smem: better track SMEM uninitialized state")
Reported-by: Dan Carpenter <dan.carpenter@...aro.org>
Signed-off-by: Christian Marangi <ansuelsmth@...il.com>
---
drivers/soc/qcom/smem.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/drivers/soc/qcom/smem.c b/drivers/soc/qcom/smem.c
index fef840b54574..c8db29c54ddb 100644
--- a/drivers/soc/qcom/smem.c
+++ b/drivers/soc/qcom/smem.c
@@ -381,6 +381,9 @@ static struct qcom_smem *__smem = INIT_ERR_PTR(-EPROBE_DEFER);
*/
int qcom_smem_bust_hwspin_lock_by_host(unsigned int host)
{
+ if (IS_ERR(__smem))
+ return PTR_ERR(__smem);
+
/* This function is for remote procs, so ignore SMEM_HOST_APPS */
if (host == SMEM_HOST_APPS || host >= SMEM_HOST_COUNT)
return -EINVAL;
@@ -396,7 +399,7 @@ EXPORT_SYMBOL_GPL(qcom_smem_bust_hwspin_lock_by_host);
*/
bool qcom_smem_is_available(void)
{
- return !!__smem;
+ return !IS_ERR(__smem);
}
EXPORT_SYMBOL_GPL(qcom_smem_is_available);
@@ -777,6 +780,9 @@ phys_addr_t qcom_smem_virt_to_phys(void *p)
u64 offset;
u32 i;
+ if (IS_ERR(__smem))
+ return 0;
+
for (i = 0; i < SMEM_HOST_COUNT; i++) {
part = &__smem->partitions[i];
@@ -1247,7 +1253,8 @@ static void qcom_smem_remove(struct platform_device *pdev)
{
platform_device_unregister(__smem->socinfo);
- __smem = NULL;
+ /* Set to -EPROBE_DEFER to signal unprobed state */
+ __smem = ERR_PTR(-EPROBE_DEFER);
}
static const struct of_device_id qcom_smem_of_match[] = {
--
2.51.0
Powered by blists - more mailing lists