Commit graph

578208 commits

Author SHA1 Message Date
Karthikeyan Periasamy
0ab1e80f54 msm: vidc: fix the interrupt miss issue from video hardware
enable_irq() called before processing responses in work handler
which would lead to miss interrupt from video hardware sometimes.
An interrupt from video h/w will queue the work to work handler
but if work is already running the new work is not posted.
work handler has two parts, one, read all the messages from video h/w,
two, process the messages. queue work while processing messages
will miss reading the new messages from video h/w because
the queue work (as a result of interrupt from video h/w) will not
actually queue the work as work handler already running. Fix the
issue by enabling irq after processing all the responses to
make sure interrupt coming from video h/w after work handler
completed processing the messages.

CRs-Fixed: 1086284
Change-Id: Id158e5c6d89fc8b761d8cfe92afbf3592877c556
Signed-off-by: Karthikeyan Periasamy <kperiasa@codeaurora.org>
2016-11-21 11:24:22 -08:00
Linux Build Service Account
9febdfdde0 Merge "msm: gsi: fix interrupt processing" 2016-11-21 09:18:58 -08:00
Linux Build Service Account
8b719092d1 Merge "clk: qcom: Add set_flags ops for the clk_gate2_ops" 2016-11-21 09:18:57 -08:00
Linux Build Service Account
a685144ee9 Merge "ARM: dts: msm: Add DT for mediabox variant of apqcobalt" 2016-11-21 09:18:56 -08:00
Linux Build Service Account
e6e162f89b Merge "msm: ipa: add api for getting IPA pdev" 2016-11-21 09:18:56 -08:00
Taniya Das
30c8e92ec0 clk: qcom: Add support for rf clk1 for msmfalcon
RF clock 2 is not required on msmfalcon, so remove the clock instance and
add rf clk1 support instead.

Change-Id: I13258295e9ae9c8607586ed5686e97276823d08c
Signed-off-by: Taniya Das <tdas@codeaurora.org>
2016-11-21 02:26:03 -08:00
Taniya Das
406019efc2 ARM: dts: msm: Update clock gfx node for MSMfalcon/Triton
Modify the clock_gfx dummy clock to use the real clock controller for all
gpu clock controller clients.

Change-Id: If3c707877f2a0da04065b57a1c2fd44d256a5303
Signed-off-by: Taniya Das <tdas@codeaurora.org>
2016-11-21 14:45:05 +05:30
Taniya Das
98e734e061 defconfig: msm: Add support for GPUCC clocks
GPU clock controller is required to be enabled for GPU clocks
supported by GPU clock controller.

Change-Id: Ica381b0b73bd59a10ac8fd876bda5c21678dfddb
Signed-off-by: Taniya Das <tdas@codeaurora.org>
2016-11-21 14:44:56 +05:30
Taniya Das
48638ac98d clk: qcom: Add support for MMCC clock for MSMFalcon
Add support for the multimedia clock controller found on MSMFalcon
based devices. This should allow most clocks for multimedia peripherals
which includes display, video, camera etc.

Change-Id: If8aa0b094af5ff82fe66c95e3ef2f13632950d2e
Signed-off-by: Taniya Das <tdas@codeaurora.org>
2016-11-21 12:42:02 +05:30
Skylar Chang
cd1c2b1674 msm: gsi: fix interrupt processing
Fix GSI interrupt processing to make sure interrupts are
not missed. In order to achieve that interrupt should first be
cleared before processed.

Change-Id: I42978f2230e95456e4b4e932365e5b2c83445f56
CRs-Fixed: 1090894
Acked-by: Ady Abraham <adya@qti.qualcomm.com>
Signed-off-by: Skylar Chang <chiaweic@codeaurora.org>
2016-11-20 21:20:56 -08:00
Neeraj Upadhyay
f60f31a810 ARM: dts: msm: Add RTB support for msmtriton
Add RTB (Register Trace Buffer) device tree entry for
msmtriton.

Change-Id: I6d55bf454cd629cd4894b60e40e9266d7e8b5bb9
Signed-off-by: Neeraj Upadhyay <neeraju@codeaurora.org>
2016-11-21 10:03:15 +05:30
Neeraj Upadhyay
b5e5b2cca4 ARM: dts: msm: Add mpm2-sleep-counter device for msmtriton
Add mpm2-sleep-counter device node, which is used by the
boot_stats driver.

Change-Id: I2c8ffe10b650777f6c0b697c33e958300c9dbe66
Signed-off-by: Neeraj Upadhyay <neeraju@codeaurora.org>
2016-11-21 10:02:08 +05:30
Neeraj Upadhyay
55f15152e7 ARM: dts: msm: Add restart node and imem entries for msmtriton
Add restart node for msmtriton. Additionally, add IMEM
entries for restart-reason, dload_type, and boot_stats.

Change-Id: Ic72005ca76ceea377154e4b11dceccd7c8dc5ab5
Signed-off-by: Neeraj Upadhyay <neeraju@codeaurora.org>
2016-11-21 10:01:18 +05:30
Neeraj Upadhyay
5abaf0175b ARM: dts: msm: Add RTB support for msmfalcon
Add RTB (Register Trace Buffer) device tree entry for
msmfalcon.

Change-Id: Ifd9f97f8595daac67c733e6120cdb3c89e5a02a4
Signed-off-by: Neeraj Upadhyay <neeraju@codeaurora.org>
2016-11-21 10:01:10 +05:30
Neeraj Upadhyay
70fdea2c6f ARM: dts: msm: Add mpm2-sleep-counter device for msmfalcon
Add mpm2-sleep-counter device node, which is used by the
boot_stats driver.

Change-Id: I32fb4c9a9be83a4448754bffde798432e417b17c
Signed-off-by: Neeraj Upadhyay <neeraju@codeaurora.org>
2016-11-21 10:00:05 +05:30
Neeraj Upadhyay
2ce615a036 ARM: dts: msm: Add restart node and imem entries for msmfalcon
Add restart node for msmfalcon. Additionally, add IMEM
entries for restart-reason, dload_type, and boot_stats.

Change-Id: I48e84889b0867d98d70056eecae07becebae4c00
Signed-off-by: Neeraj Upadhyay <neeraju@codeaurora.org>
2016-11-21 09:59:42 +05:30
Neeraj Upadhyay
df4eabb360 ARM: dts: msm: add perf-events support for msmfalcon and msmtriton
Add device tree entry for performance monitor unit (pmu) on msmfalcon
and msmtriton.

Change-Id: I97a28cccc0494ea5ff45ccade9721da0c85edef7
Signed-off-by: Neeraj Upadhyay <neeraju@codeaurora.org>
2016-11-21 09:54:49 +05:30
Amit Nischal
9fdf09f78d clk: qcom: Add set_flags ops for the clk_gate2_ops
Gate clocks would also require to set the flags using
clk_set_flags. Add the clk_ops for the same.

Change-Id: I9d180e4aedb17692eb2e48f98461239d29bbf975
Signed-off-by: Amit Nischal <anischal@codeaurora.org>
2016-11-21 09:50:23 +05:30
Linux Build Service Account
e2787f510d Merge "ARM: dts: msm: change UFS/SDHC2 power supply for msmcobalt interposer QRD" 2016-11-20 17:44:54 -08:00
Linux Build Service Account
a0b8ac8a28 Merge "ARM: dts: msm: add charger/fg device nodes for PMFALCON" 2016-11-19 07:36:59 -08:00
Linux Build Service Account
3c45c2a8a2 Promotion of kernel.lnx.4.4-161119.
CRs      Change ID                                   Subject
--------------------------------------------------------------------------------------------------------------
1088658   I2f994ae0250ffc8f740ea633324815ae429c74be   msm: ipa3: linearize large skbs
1077102   I09359b528b4742f72a76690930f3d0ed90bb2caa   msm: mdss: move warnings and errors out of mdss spinlock
1089895   I84185558fa6e80b13d7d0078bda9d75143680941   tcp: take care of truncations done by sk_filter()
1091511   Ia151b2dd5229f07790ac961af298305b24e098fb   msm: wlan: update regulatory database
1081957   I24820bd6254002f8a8db9604d230dcbce59b1beb   clk: qcom: Add support to be able to slew PLL
1081738   I10a788726358c56df9bfe11f2332e3823d7cd332   ARM: dts: msm: Enable auto GM for WLED in pmicobalt
1077726   I031ca48f0e0c39f1b2cb51081ecd55b086fb4c9b   msm: mdss: fix pp timeout during transition from LP1 to
1074985   Ib2268181a617c23d62b5b6f857be5327113b2a67   soc: qcom: smem: Redesign smem memory architecture
1090708   I9cda84d1c199b72ce8b9e2997601bcc7430ddbf3   ARM: dts: msm: Update the console uart gpios for msmfalc
1080245   I3b4cf83e776750d993d53331142223109bf0862e   clk: qcom: Add support for debugfs support
1087110   I3694952289c76394af8d40cd89fd2175f49ac127   msm: mdss: Add systrace for readptr_done
1089865   Ia73ab1ba51df7b501d246bb45141018409496d01   ARM: dts: msm: ensure contiguous MSI for PCIe on msmcoba
941978   Idee8691d769218d7e732c9b7f936a2c40946b239   Revert "scsi: ufs: stub UFS shutdown handler"
1091072   I7e9ada5de1f619c6a34a4b2e1764f5e908564ce5   iio: rradc: Update reading USBIN_V channel
1075082   I971e555ec8d02ccf4382e83132a696b065a8ff12   qseecom: improve error checks in qseecom_probe()
1080245   Ib67b3a3409c9e7d8adb710bb524f54f543abf712   clk: add/modify debugfs support for clocks
941978   Id499abc27303bfed72fab4d61abb872bad7d9043   scsi: ufs: error out all issued requests after shutdown
1083537   I73fc02b812f2e6694e2a6aa8bdad2381a5f19406   ASoC: msm: Fix sound card registration failure
1085331   I92e98ab46107fbcfd843898423b41716a204c2ae   ARM: dts: msm: Correct interrupt assignments for msmcoba
1073250   Idc9ca896b3fe6c1c6a72a066a6e453d27a3173e8   Asoc: clean up bootup errors
1091147   I30b8488a1c19815601e6a1c5bcbdeed53715f8fa   usb: phy: qusb: Make sure QUSB PHY is into proper state
1086292   I6482dc3d21fdc3e570fd53022e2fb9427668d939   msm: mdss: add null check before dereferencing src_fmt
1086292   I4812330453dedacd16dad1d920a2bacc3f67042b   msm: mdss: fix race condition in dsi clk off request
1088709   I21e1c029e6b245cfa26a187b35bb1f6845302484   clk: msm: Add the CLKFLAG_NO_RATE_CACHE flag for MM cloc
1082112   I171c91e700c24ecc213ccda705bbe6188d22a43a   scsi: ufs: fix sleep in atomic context
1091354   I9f928f0aad6af346de43965755beb039e422047a   Revert "defconfig: msm: avoid compilation of MDSS DP dri
1090727   I78d2c27743d30b90a96e3d8df60859f67db7ddb8   ARM: dts: msm: Add ufs regulators for msmfalcon interpos
1090029   I66f6de42b106fa2027285e7393b6f9fc143d00d8   leds: qpnp-flash: Fix the mask in the flash prepare API
1089181   I4a382915a6c3a6b9d445ec1f5d57fb499a011f1a   driver: thermal: msm_thermal: Enable Reliability algorit
1079438   Ib14c5b9121190dded5071ff60ecf0be8e5e5c232   ARM: dts: msm: Add physical dimensions for NT35597 panel
1060212   Iabe79bae5f9471c3c6128ed21efd04de00739daa   leds: qpnp-flash-v2: Add support for thermal derate feat
1091127   I7220ad565212c325514301e4c59415b807deb99a   ARM: dts: msm: Add gladiator support on msmfalcon and ms
1091440   I0eb8b9a357f172984612175d1b03dd872df91b6f   diag: Call diagmem_exit only if the mempool is initializ
1090076   Ia85688854f26fe871d5c1253c2d51d75d84deb8f   ARM: dts: msm: Add dummy regulator for LCDB bias
1064071   Ic0dedbad372fd9029b932dd99633a650049751ed   msm: kgsl: Fix pagetable member of struct kgsl_memdesc
1083537   I3d2765535793d6ef9153cfcab4b44a9adad67e15   ASoC: msm: Add support for USB/WCN/TDM Audio
1091141   I6ce48512df5973bf8a2a3081a3a6f8759aeb499f   ARM: dts: msm: Set USB core clock rate for USB2/USB3 for
1060212   Ie7a94f59e58b8f1b0816afda2496449694629205   leds: qpnp-flash-v2: add support to read pmic revid
1080701   If08ff46e72d537254e90707f28c849a86f262853   ARM: dts: msm: specify I2C configuration for msmfalcon
1079442   I822d6280b301b2db6194c845098c935e612ca61c   ASoC: wcd934x: Fix adie loopback through sidetone src pa
1089895   Idc52737bc96097a9220dfe47bb76e94ff1026a05   rose: limit sk_filter trim to payload
1091147   Ibfecfe1846d02b959bd249acac3fe4c57b88aaf0   USB: phy: qusb: Turn on vdd along with 1p8/3p3 LDOs when
1090701   I0e06be169edc2eb1d35ef7fc6c41ff1809aebd03   pinctrl: qcom: msmfalcon: Update gpios as per latest gpi
1086292   I422d53d008223a9b0520f499e629f681bb6afa05   mdss: mdp: avoid panic if recovery handler is uninitiali
1060212   I42503ccd2b2dcc62c5c868132d202b9698c9d216   leds: qpnp-flash-v2: change from dev_*() to pr_*() for l
1090076   Ie828c8568ef09c89cff157d16d3cb322647b6f6e   ARM: dts: msm: enable mdss power supplies for falcon tra
1074879   I8d224a70cbef162f27078b62b73acaa22670861d   sched/hmp: Enhance co-location and scheduler boost featu
1087471   I15323e3ef91401142d3841db59c18fd8fee753fd   sched: Remove thread group iteration from colocation
1085170   Ie23d473302d7fbda9b243a150e5c52d025007e4f   usb: pd: Stop processing SVDM if handler found
1091540   I61523188f45daca026b90943c845b43a8327f51e   qcom-charger: smb2: Disable try.SINK mode in the probe
1081738   Iee99e9d1b999c84ece075d2f17e9cdf6aef9a2ac   leds: qpnp-wled: Add support to configure AUTO_GM settin
1081922   I9aa7a000e75b50c6b26970deaba2131c87087b8c   msm: mdss: fix autorefresh disable during handoff
1075694   I9cf2f94892bdeb83fab0068902419b1603520364   msm: kgsl: preserve ISENSE registers across GPU power co
1085321 1085649   I3c9422f3a790c0c1633ab64d4213a088faaeb9e5   diag: Set the diag write buffers to busy state on channe
1090311   I96cdcb9e3642906b4afa08d9bde07e123d9b3977   USB: Allow skipping device resume during system resume
1074879   I470bcd0588e038b4a540d337fe6a412f2fa74920   sched: revise boost logic when boost_type is SCHED_BOOST
1087020   I6f9b7a630158355a7f920dcf9cfffe537b1c6a85   ASoC: msm: q6dspv2: fix potentional information leak
1089062   Icb04f6175b66fa46405e77d10fddf06b0051ee5f   phy: qcom-ufs: update ufs phy 1-lane settings
1082590   I4cdcbd31b5fa5ceac0eea7c743ea9286f231b80b   scsi: ufs: handle LINERESET during hibern8
1081738   I964b3452d0cdb3618b4ab446655ae75fa3a1049d   leds: qpnp-wled: Add support to configure auto PFM for p
1080245   I936496e553bc958c10e743fd8a225ffc7fbc0f79   clk: Add support to allow client to print all enabled cl
1079373   Ifd7b2b88e7ab4c952b743fede6e24795069d653a   qcom-charger: WA for legacy bit set on hard reboot
1090518   I7f1c0d9d84607821893a1e5d17934dae5acef5f4   clk: qcom: Add support for RCGs with dynamic and fixed s
1089865   I1e74f1b03c3e15880efdac7ff07aca2f628de99d   ARM: dts: msm: enable QGIC MSI for PCIe on msmcobalt
1088059   I66cbe48b7f4910228a6af57610a8427fea7fd1f2   msm: mdss: fix incorrect mutex unlocking during NOTIFY_U
1087418   Ia3fb69dca00654dacd8d1faae34715e40e097480   scsi: ufs: enable auto hibern8 only after device initial
1088216   I326eceeddff8e77d346c3365fa46cd539324451f   ARM: dts: msm: Add support for USB device for msmfalcon
1060212   Iafb7915e196a18b5f8076dda8fb06a4bd71a8e6e   leds: qpnp-flash-v2: Add support for configuring OTST th
1086372   Ia03380dfa4852c80fedb38f3c79f55d8d1a9a7f6   icnss: Reset mpm_wcssaon_config bits before top level re
1080245   I0a202af6f46c7cf164036d65487db5c40aab4063   clk: Add support for list_rates ops for clocks
1091477   I7435f05f20e12a7704ae5d9597b5cdc9b5a61d00   qcom-charger: Change usb_icl votable for PD vote
1089062   Ief5df61d91fbd765c595533b3380a602a2540e5e   scsi: ufs-qcom: update clock scaling sequence
1085217   I62de66e9b0bb1eeeac3c94d1ac1037285811b631   msm: ipa3: header file change for wdi-stats
1080674   I15ef73049cee76c6ea5b3916d9281bbd9fdfc563   ARM: dts: msm: specify UART configuration on msmfalcon.
1090525   I48c50bc320425c0db40cd4865e05c6b7a7fb5da3   msm: sde: remove secure camera ctrl_id definition
1061507   Iad71abbed72aa40b5c839260f5c297a885f7d128   ASoC: wcd-mbhc: correct cross connection check
1085064   Ib53902459646e590df4dc7fcb00f833d5e8f41ed   usb: pd: Don't suspend charging unless changing voltages
1064071   Ic0dedbad661143977a226d50263c26b5af579ce3   msm: kgsl: Make sure USE_CPU_MAP + MAP_USER_MEM work tog
1090862 987021   I0d1797a4df9ff67f3b162a1b5d26320ca989f54a   msm: mdss: hide additional kernel addresses from unprivi

Change-Id: Ic6272ada932975c2562cb87d4a617520002db3d3
CRs-Fixed: 1082112, 1075694, 1091440, 1085331, 1089062, 1081922, 1089895, 1077726, 1090029, 1061507, 1091354, 1074879, 987021, 1086292, 1085217, 1087020, 1080245, 1088709, 1089181, 1085064, 1087471, 1088059, 1080674, 1090862, 1079442, 1087418, 1090727, 1085649, 1064071, 1081738, 1086372, 941978, 1090518, 1090708, 1077102, 1090076, 1085321, 1091477, 1090701, 1090311, 1091511, 1091141, 1074985, 1079438, 1091147, 1075082, 1091127, 1087110, 1082590, 1081957, 1090525, 1085170, 1088658, 1080701, 1083537, 1091540, 1088216, 1079373, 1060212, 1073250, 1089865, 1091072
2016-11-19 05:39:11 -07:00
Linux Build Service Account
599e3b8615 Merge "ASoC: msm: q6dspv2: fix potentional information leak" 2016-11-18 20:32:05 -08:00
Linux Build Service Account
0f4381183c Merge "ASoC: wcd934x: Fix adie loopback through sidetone src path" 2016-11-18 20:32:05 -08:00
Linux Build Service Account
be8cb4023a Merge "Asoc: clean up bootup errors" 2016-11-18 20:32:04 -08:00
Linux Build Service Account
ea9a78c52a Merge "Revert "defconfig: msm: avoid compilation of MDSS DP driver for 32-bit msmfalcon"" 2016-11-18 20:32:03 -08:00
Linux Build Service Account
e9719c4157 Merge "ARM: dts: msm: Add support for USB device for msmfalcon and msmtriton" 2016-11-18 20:32:02 -08:00
Linux Build Service Account
b2c7e8b303 Merge "ARM: dts: msm: enable mdss power supplies for falcon track3" 2016-11-18 20:32:01 -08:00
Linux Build Service Account
38553d1c06 Merge "usb: pd: Don't suspend charging unless changing voltages" 2016-11-18 20:32:00 -08:00
Linux Build Service Account
2003828449 Merge "iio: rradc: Update reading USBIN_V channel" 2016-11-18 20:32:00 -08:00
Linux Build Service Account
609853f219 Merge "icnss: Reset mpm_wcssaon_config bits before top level reset" 2016-11-18 20:31:59 -08:00
Linux Build Service Account
6dfb1148cd Merge "qcom-charger: smb2: Disable try.SINK mode in the probe" 2016-11-18 20:31:58 -08:00
Linux Build Service Account
f6087edb1c Merge "msm: ipa3: header file change for wdi-stats" 2016-11-18 20:31:57 -08:00
Linux Build Service Account
254513bc2a Merge "ARM: dts: msm: Set USB core clock rate for USB2/USB3 for msm8996" 2016-11-18 20:31:56 -08:00
Linux Build Service Account
2966690a35 Merge "ARM: dts: msm: Add gladiator support on msmfalcon and msmtriton" 2016-11-18 20:31:55 -08:00
Linux Build Service Account
1dd78d6f6c Merge "ARM: dts: msm: Correct interrupt assignments for msmcobalt" 2016-11-18 20:31:55 -08:00
Linux Build Service Account
f6b3ab0e32 Merge "clk: qcom: Add support for RCGs with dynamic and fixed sources" 2016-11-18 20:31:54 -08:00
Linux Build Service Account
43c797f34c Merge "qcom-charger: WA for legacy bit set on hard reboot" 2016-11-18 20:31:53 -08:00
Linux Build Service Account
bf9bb2a461 Merge "usb: phy: qusb: Make sure QUSB PHY is into proper state" 2016-11-18 20:31:52 -08:00
Linux Build Service Account
ca52fb4ff7 Merge "USB: phy: qusb: Turn on vdd along with 1p8/3p3 LDOs when PMI requests" 2016-11-18 20:31:52 -08:00
Linux Build Service Account
ebe82ef7e9 Merge "soc: qcom: smem: Redesign smem memory architecture" 2016-11-18 20:31:51 -08:00
Linux Build Service Account
b5bbeae208 Merge "ARM: dts: msm: Update the console uart gpios for msmfalcon" 2016-11-18 20:31:50 -08:00
Linux Build Service Account
3e919fe874 Merge "msm: mdss: move warnings and errors out of mdss spinlock" 2016-11-18 20:31:49 -08:00
Linux Build Service Account
f6a461edb6 Merge "msm: mdss: fix pp timeout during transition from LP1 to power on" 2016-11-18 20:31:49 -08:00
Linux Build Service Account
c9c246439d Merge "msm: mdss: fix autorefresh disable during handoff" 2016-11-18 20:31:48 -08:00
Linux Build Service Account
9ce677c421 Merge "ASoC: wcd-mbhc: correct cross connection check" 2016-11-18 20:31:45 -08:00
Nick Desaulniers
3b5cf91f45 cgroup: prefer %pK to %p
Prevents leaking kernel pointers when using kptr_restrict.

Bug: 30149174
Change-Id: I0fa3cd8d4a0d9ea76d085bba6020f1eda073c09b
Git-repo: https://android.googlesource.com/kernel/msm.git
Git-commit: 505e48f32f1321ed7cf80d49dd5f31b16da445a8
Signed-off-by: Dennis Cagle <d-cagle@codeaurora.org>
2016-11-18 17:08:58 -08:00
Phil Turnbull
5488bec236 netfilter: nfnetlink: correctly validate length of batch messages
If nlh->nlmsg_len is zero then an infinite loop is triggered because
'skb_pull(skb, msglen);' pulls zero bytes.

The calculation in nlmsg_len() underflows if 'nlh->nlmsg_len <
NLMSG_HDRLEN' which bypasses the length validation and will later
trigger an out-of-bound read.

If the length validation does fail then the malformed batch message is
copied back to userspace. However, we cannot do this because the
nlh->nlmsg_len can be invalid. This leads to an out-of-bounds read in
netlink_ack:

    [   41.455421] ==================================================================
    [   41.456431] BUG: KASAN: slab-out-of-bounds in memcpy+0x1d/0x40 at addr ffff880119e79340
    [   41.456431] Read of size 4294967280 by task a.out/987
    [   41.456431] =============================================================================
    [   41.456431] BUG kmalloc-512 (Not tainted): kasan: bad access detected
    [   41.456431] -----------------------------------------------------------------------------
    ...
    [   41.456431] Bytes b4 ffff880119e79310: 00 00 00 00 d5 03 00 00 b0 fb fe ff 00 00 00 00  ................
    [   41.456431] Object ffff880119e79320: 20 00 00 00 10 00 05 00 00 00 00 00 00 00 00 00   ...............
    [   41.456431] Object ffff880119e79330: 14 00 0a 00 01 03 fc 40 45 56 11 22 33 10 00 05  .......@EV."3...
    [   41.456431] Object ffff880119e79340: f0 ff ff ff 88 99 aa bb 00 14 00 0a 00 06 fe fb  ................
                                            ^^ start of batch nlmsg with
                                               nlmsg_len=4294967280
    ...
    [   41.456431] Memory state around the buggy address:
    [   41.456431]  ffff880119e79400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    [   41.456431]  ffff880119e79480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    [   41.456431] >ffff880119e79500: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc
    [   41.456431]                                ^
    [   41.456431]  ffff880119e79580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
    [   41.456431]  ffff880119e79600: fc fc fc fc fc fc fc fc fc fc fb fb fb fb fb fb
    [   41.456431] ==================================================================

Fix this with better validation of nlh->nlmsg_len and by setting
NFNL_BATCH_FAILURE if any batch message fails length validation.

CAP_NET_ADMIN is required to trigger the bugs.

Fixes: 9ea2aa8b7d ("netfilter: nfnetlink: validate nfnetlink header from batch")
Signed-off-by: Phil Turnbull <phil.turnbull@oracle.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Change-Id: Id91de0fcfc4a94f0c6282b59f96cea7cd0fea64c
Git-repo: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git
Git-commit: c58d6c93680f28ac58984af61d0a7ebf4319c241
Signed-off-by: Dennis Cagle <d-cagle@codeaurora.org>
2016-11-18 17:05:18 -08:00
Benjamin Tissoires
a10d83024d HID: core: prevent out-of-bound readings
Plugging a Logitech DJ receiver with KASAN activated raises a bunch of
out-of-bound readings.

The fields are allocated up to MAX_USAGE, meaning that potentially, we do
not have enough fields to fit the incoming values.
Add checks and silence KASAN.

Change-Id: I3b04131079a27f0b1cd60df03c793e8d9ffe5e91
Signed-off-by: Benjamin Tissoires <benjamin.tissoires@redhat.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Git-repo: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git
Git-commit: 50220dead1650609206efe91f0cc116132d59b3f
Signed-off-by: Dennis Cagle <d-cagle@codeaurora.org>
2016-11-18 16:59:58 -08:00
Peter Hurley
d62ea94957 tty: Prevent ldisc drivers from re-using stale tty fields
Line discipline drivers may mistakenly misuse ldisc-related fields
when initializing. For example, a failure to initialize tty->receive_room
in the N_GIGASET_M101 line discipline was recently found and fixed [1].
Now, the N_X25 line discipline has been discovered accessing the previous
line discipline's already-freed private data [2].

Harden the ldisc interface against misuse by initializing relevant
tty fields before instancing the new line discipline.

[1]
    commit fd98e9419d
    Author: Tilman Schmidt <tilman@imap.cc>
    Date:   Tue Jul 14 00:37:13 2015 +0200

    isdn/gigaset: reset tty->receive_room when attaching ser_gigaset

[2] Report from Sasha Levin <sasha.levin@oracle.com>
    [  634.336761] ==================================================================
    [  634.338226] BUG: KASAN: use-after-free in x25_asy_open_tty+0x13d/0x490 at addr ffff8800a743efd0
    [  634.339558] Read of size 4 by task syzkaller_execu/8981
    [  634.340359] =============================================================================
    [  634.341598] BUG kmalloc-512 (Not tainted): kasan: bad access detected
    ...
    [  634.405018] Call Trace:
    [  634.405277] dump_stack (lib/dump_stack.c:52)
    [  634.405775] print_trailer (mm/slub.c:655)
    [  634.406361] object_err (mm/slub.c:662)
    [  634.406824] kasan_report_error (mm/kasan/report.c:138 mm/kasan/report.c:236)
    [  634.409581] __asan_report_load4_noabort (mm/kasan/report.c:279)
    [  634.411355] x25_asy_open_tty (drivers/net/wan/x25_asy.c:559 (discriminator 1))
    [  634.413997] tty_ldisc_open.isra.2 (drivers/tty/tty_ldisc.c:447)
    [  634.414549] tty_set_ldisc (drivers/tty/tty_ldisc.c:567)
    [  634.415057] tty_ioctl (drivers/tty/tty_io.c:2646 drivers/tty/tty_io.c:2879)
    [  634.423524] do_vfs_ioctl (fs/ioctl.c:43 fs/ioctl.c:607)
    [  634.427491] SyS_ioctl (fs/ioctl.c:622 fs/ioctl.c:613)
    [  634.427945] entry_SYSCALL_64_fastpath (arch/x86/entry/entry_64.S:188)

Change-Id: Idc6b27fb0b73b9057541ecc02c6c2aac46b50ffc
Cc: Tilman Schmidt <tilman@imap.cc>
Cc: Sasha Levin <sasha.levin@oracle.com>
Signed-off-by: Peter Hurley <peter@hurleysoftware.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Git-repo: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git
Git-commit: dd42bf1197144ede075a9d4793123f7689e164bc
Signed-off-by: Dennis Cagle <d-cagle@codeaurora.org>
2016-11-18 16:57:49 -08:00
Mauro Carvalho Chehab
694339fd33 [media] xc2028: avoid use after free
If struct xc2028_config is passed without a firmware name,
the following trouble may happen:

[11009.907205] xc2028 5-0061: type set to XCeive xc2028/xc3028 tuner
[11009.907491] ==================================================================
[11009.907750] BUG: KASAN: use-after-free in strcmp+0x96/0xb0 at addr ffff8803bd78ab40
[11009.907992] Read of size 1 by task modprobe/28992
[11009.907994] =============================================================================
[11009.907997] BUG kmalloc-16 (Tainted: G        W      ): kasan: bad access detected
[11009.907999] -----------------------------------------------------------------------------

[11009.908008] INFO: Allocated in xhci_urb_enqueue+0x214/0x14c0 [xhci_hcd] age=0 cpu=3 pid=28992
[11009.908012] 	___slab_alloc+0x581/0x5b0
[11009.908014] 	__slab_alloc+0x51/0x90
[11009.908017] 	__kmalloc+0x27b/0x350
[11009.908022] 	xhci_urb_enqueue+0x214/0x14c0 [xhci_hcd]
[11009.908026] 	usb_hcd_submit_urb+0x1e8/0x1c60
[11009.908029] 	usb_submit_urb+0xb0e/0x1200
[11009.908032] 	usb_serial_generic_write_start+0xb6/0x4c0
[11009.908035] 	usb_serial_generic_write+0x92/0xc0
[11009.908039] 	usb_console_write+0x38a/0x560
[11009.908045] 	call_console_drivers.constprop.14+0x1ee/0x2c0
[11009.908051] 	console_unlock+0x40d/0x900
[11009.908056] 	vprintk_emit+0x4b4/0x830
[11009.908061] 	vprintk_default+0x1f/0x30
[11009.908064] 	printk+0x99/0xb5
[11009.908067] 	kasan_report_error+0x10a/0x550
[11009.908070] 	__asan_report_load1_noabort+0x43/0x50
[11009.908074] INFO: Freed in xc2028_set_config+0x90/0x630 [tuner_xc2028] age=1 cpu=3 pid=28992
[11009.908077] 	__slab_free+0x2ec/0x460
[11009.908080] 	kfree+0x266/0x280
[11009.908083] 	xc2028_set_config+0x90/0x630 [tuner_xc2028]
[11009.908086] 	xc2028_attach+0x310/0x8a0 [tuner_xc2028]
[11009.908090] 	em28xx_attach_xc3028.constprop.7+0x1f9/0x30d [em28xx_dvb]
[11009.908094] 	em28xx_dvb_init.part.3+0x8e4/0x5cf4 [em28xx_dvb]
[11009.908098] 	em28xx_dvb_init+0x81/0x8a [em28xx_dvb]
[11009.908101] 	em28xx_register_extension+0xd9/0x190 [em28xx]
[11009.908105] 	em28xx_dvb_register+0x10/0x1000 [em28xx_dvb]
[11009.908108] 	do_one_initcall+0x141/0x300
[11009.908111] 	do_init_module+0x1d0/0x5ad
[11009.908114] 	load_module+0x6666/0x9ba0
[11009.908117] 	SyS_finit_module+0x108/0x130
[11009.908120] 	entry_SYSCALL_64_fastpath+0x16/0x76
[11009.908123] INFO: Slab 0xffffea000ef5e280 objects=25 used=25 fp=0x          (null) flags=0x2ffff8000004080
[11009.908126] INFO: Object 0xffff8803bd78ab40 @offset=2880 fp=0x0000000000000001

[11009.908130] Bytes b4 ffff8803bd78ab30: 01 00 00 00 2a 07 00 00 9d 28 00 00 01 00 00 00  ....*....(......
[11009.908133] Object ffff8803bd78ab40: 01 00 00 00 00 00 00 00 b0 1d c3 6a 00 88 ff ff  ...........j....
[11009.908137] CPU: 3 PID: 28992 Comm: modprobe Tainted: G    B   W       4.5.0-rc1+ #43
[11009.908140] Hardware name:                  /NUC5i7RYB, BIOS RYBDWi35.86A.0350.2015.0812.1722 08/12/2015
[11009.908142]  ffff8803bd78a000 ffff8802c273f1b8 ffffffff81932007 ffff8803c6407a80
[11009.908148]  ffff8802c273f1e8 ffffffff81556759 ffff8803c6407a80 ffffea000ef5e280
[11009.908153]  ffff8803bd78ab40 dffffc0000000000 ffff8802c273f210 ffffffff8155ccb4
[11009.908158] Call Trace:
[11009.908162]  [<ffffffff81932007>] dump_stack+0x4b/0x64
[11009.908165]  [<ffffffff81556759>] print_trailer+0xf9/0x150
[11009.908168]  [<ffffffff8155ccb4>] object_err+0x34/0x40
[11009.908171]  [<ffffffff8155f260>] kasan_report_error+0x230/0x550
[11009.908175]  [<ffffffff81237d71>] ? trace_hardirqs_off_caller+0x21/0x290
[11009.908179]  [<ffffffff8155e926>] ? kasan_unpoison_shadow+0x36/0x50
[11009.908182]  [<ffffffff8155f5c3>] __asan_report_load1_noabort+0x43/0x50
[11009.908185]  [<ffffffff8155ea00>] ? __asan_register_globals+0x50/0xa0
[11009.908189]  [<ffffffff8194cea6>] ? strcmp+0x96/0xb0
[11009.908192]  [<ffffffff8194cea6>] strcmp+0x96/0xb0
[11009.908196]  [<ffffffffa13ba4ac>] xc2028_set_config+0x15c/0x630 [tuner_xc2028]
[11009.908200]  [<ffffffffa13bac90>] xc2028_attach+0x310/0x8a0 [tuner_xc2028]
[11009.908203]  [<ffffffff8155ea78>] ? memset+0x28/0x30
[11009.908206]  [<ffffffffa13ba980>] ? xc2028_set_config+0x630/0x630 [tuner_xc2028]
[11009.908211]  [<ffffffffa157a59a>] em28xx_attach_xc3028.constprop.7+0x1f9/0x30d [em28xx_dvb]
[11009.908215]  [<ffffffffa157aa2a>] ? em28xx_dvb_init.part.3+0x37c/0x5cf4 [em28xx_dvb]
[11009.908219]  [<ffffffffa157a3a1>] ? hauppauge_hvr930c_init+0x487/0x487 [em28xx_dvb]
[11009.908222]  [<ffffffffa01795ac>] ? lgdt330x_attach+0x1cc/0x370 [lgdt330x]
[11009.908226]  [<ffffffffa01793e0>] ? i2c_read_demod_bytes.isra.2+0x210/0x210 [lgdt330x]
[11009.908230]  [<ffffffff812e87d0>] ? ref_module.part.15+0x10/0x10
[11009.908233]  [<ffffffff812e56e0>] ? module_assert_mutex_or_preempt+0x80/0x80
[11009.908238]  [<ffffffffa157af92>] em28xx_dvb_init.part.3+0x8e4/0x5cf4 [em28xx_dvb]
[11009.908242]  [<ffffffffa157a6ae>] ? em28xx_attach_xc3028.constprop.7+0x30d/0x30d [em28xx_dvb]
[11009.908245]  [<ffffffff8195222d>] ? string+0x14d/0x1f0
[11009.908249]  [<ffffffff8195381f>] ? symbol_string+0xff/0x1a0
[11009.908253]  [<ffffffff81953720>] ? uuid_string+0x6f0/0x6f0
[11009.908257]  [<ffffffff811a775e>] ? __kernel_text_address+0x7e/0xa0
[11009.908260]  [<ffffffff8104b02f>] ? print_context_stack+0x7f/0xf0
[11009.908264]  [<ffffffff812e9846>] ? __module_address+0xb6/0x360
[11009.908268]  [<ffffffff8137fdc9>] ? is_ftrace_trampoline+0x99/0xe0
[11009.908271]  [<ffffffff811a775e>] ? __kernel_text_address+0x7e/0xa0
[11009.908275]  [<ffffffff81240a70>] ? debug_check_no_locks_freed+0x290/0x290
[11009.908278]  [<ffffffff8104a24b>] ? dump_trace+0x11b/0x300
[11009.908282]  [<ffffffffa13e8143>] ? em28xx_register_extension+0x23/0x190 [em28xx]
[11009.908285]  [<ffffffff81237d71>] ? trace_hardirqs_off_caller+0x21/0x290
[11009.908289]  [<ffffffff8123ff56>] ? trace_hardirqs_on_caller+0x16/0x590
[11009.908292]  [<ffffffff812404dd>] ? trace_hardirqs_on+0xd/0x10
[11009.908296]  [<ffffffffa13e8143>] ? em28xx_register_extension+0x23/0x190 [em28xx]
[11009.908299]  [<ffffffff822dcbb0>] ? mutex_trylock+0x400/0x400
[11009.908302]  [<ffffffff810021a1>] ? do_one_initcall+0x131/0x300
[11009.908306]  [<ffffffff81296dc7>] ? call_rcu_sched+0x17/0x20
[11009.908309]  [<ffffffff8159e708>] ? put_object+0x48/0x70
[11009.908314]  [<ffffffffa1579f11>] em28xx_dvb_init+0x81/0x8a [em28xx_dvb]
[11009.908317]  [<ffffffffa13e81f9>] em28xx_register_extension+0xd9/0x190 [em28xx]
[11009.908320]  [<ffffffffa0150000>] ? 0xffffffffa0150000
[11009.908324]  [<ffffffffa0150010>] em28xx_dvb_register+0x10/0x1000 [em28xx_dvb]
[11009.908327]  [<ffffffff810021b1>] do_one_initcall+0x141/0x300
[11009.908330]  [<ffffffff81002070>] ? try_to_run_init_process+0x40/0x40
[11009.908333]  [<ffffffff8123ff56>] ? trace_hardirqs_on_caller+0x16/0x590
[11009.908337]  [<ffffffff8155e926>] ? kasan_unpoison_shadow+0x36/0x50
[11009.908340]  [<ffffffff8155e926>] ? kasan_unpoison_shadow+0x36/0x50
[11009.908343]  [<ffffffff8155e926>] ? kasan_unpoison_shadow+0x36/0x50
[11009.908346]  [<ffffffff8155ea37>] ? __asan_register_globals+0x87/0xa0
[11009.908350]  [<ffffffff8144da7b>] do_init_module+0x1d0/0x5ad
[11009.908353]  [<ffffffff812f2626>] load_module+0x6666/0x9ba0
[11009.908356]  [<ffffffff812e9c90>] ? symbol_put_addr+0x50/0x50
[11009.908361]  [<ffffffffa1580037>] ? em28xx_dvb_init.part.3+0x5989/0x5cf4 [em28xx_dvb]
[11009.908366]  [<ffffffff812ebfc0>] ? module_frob_arch_sections+0x20/0x20
[11009.908369]  [<ffffffff815bc940>] ? open_exec+0x50/0x50
[11009.908374]  [<ffffffff811671bb>] ? ns_capable+0x5b/0xd0
[11009.908377]  [<ffffffff812f5e58>] SyS_finit_module+0x108/0x130
[11009.908379]  [<ffffffff812f5d50>] ? SyS_init_module+0x1f0/0x1f0
[11009.908383]  [<ffffffff81004044>] ? lockdep_sys_exit_thunk+0x12/0x14
[11009.908394]  [<ffffffff822e6936>] entry_SYSCALL_64_fastpath+0x16/0x76
[11009.908396] Memory state around the buggy address:
[11009.908398]  ffff8803bd78aa00: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[11009.908401]  ffff8803bd78aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[11009.908403] >ffff8803bd78ab00: fc fc fc fc fc fc fc fc 00 00 fc fc fc fc fc fc
[11009.908405]                                            ^
[11009.908407]  ffff8803bd78ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[11009.908409]  ffff8803bd78ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[11009.908411] ==================================================================

In order to avoid it, let's set the cached value of the firmware
name to NULL after freeing it. While here, return an error if
the memory allocation fails.

Change-Id: I24f0958f97ca04916b8c6845f3122732e1928e6c
Signed-off-by: Mauro Carvalho Chehab <mchehab@osg.samsung.com>
Git-repo: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git
Git-commit: 8dfbcc4351a0b6d2f2d77f367552f48ffefafe18
Signed-off-by: Dennis Cagle <d-cagle@codeaurora.org>
2016-11-18 16:49:49 -08:00