The overflow check is required to ensure that user space data
in kernel may not go beyond buffer boundary.
CRs-Fixed: 1064411
Change-Id: I54c28a8942cf1a6a47a4e8272f3159b35d753ead
Signed-off-by: Karthik Reddy Katta <a_katta@codeaurora.org>
gic_write/read use write/read_relaxed function which will create
lots of RTB logging. Change the API to no_log version to remove
those RTB logs.
Change-Id: Ide59d8c2753364840f8a2b304ef0c169870c8509
Signed-off-by: Runmin Wang <runminw@codeaurora.org>
If the following call chain fails
adf_device_post_nocopy() ->
adf_buffer_map() ->
dma_buf_attach(); dma_buf_map_attachment()
then the attachment returned by dma_buf_attach() will get cleaned up
twice: first during the error-handling path inside adf_buffer_map(), and
again during the error-handling path inside adf_device_post_nocopy().
Fix this by zeroing out the mapping data inside adf_buffer_map()'s
error-handling path. When adf_device_post_nocopy() hands it back to
adf_buffer_mapping_cleanup(), it will deliberately skip over zeroed-out
data.
(The second adf_buffer_mapping_cleanup() call inside
adf_device_post_nocopy() is not a bug; it's intended to clean up after
any *other* buffers we handled as part of this request.)
CVE:CVE-2016-3811
Bug: 28025945
Bug: 28279077
Change-Id: I824d980b208da3a15d35f74970755c8f18500263
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Git-repo: https://android.googlesource.com/kernel/msm.git
Git-commit: 4436de7a92d037599e0d217f16f9c391b6ad866a
Signed-off-by: Ravi Kumar Siddojigari <rsiddoji@codeaurora.org>
The 'vconn' regulator is spelled with two n's, not one.
Change-Id: I118d4e1dbd1aa26c2637e5ea4f4ba5b6006bebff
Signed-off-by: Jack Pham <jackp@codeaurora.org>
Make sure to only call regulator_disable() on VCONN only if
it was previously enabled, else it could result in an
unbalanced disable state. Subsequent enables would then be
no-ops and the regulator would not actually turn on.
Change-Id: I67a6ad6d2bc036a63714403e2eed8c0577ef0246
Signed-off-by: Jack Pham <jackp@codeaurora.org>
Frequency-demand conversion data structures are only used under
CONFIG_SCHED_HMP. Move them out of sched.h into hmp.c to where they
actually belong after the recent refactor.
Change-Id: I3c3eebca86062f11b80af93ba3716695eb787376
Signed-off-by: Syed Rameez Mustafa <rameezmustafa@codeaurora.org>
There are instances of QMI message timeout and because of this
stability issues are seen way after the QMI message failure. To
aid the debugging, enhance the debug capabilities by adding
ASSERT in case of failure.
Also update the logs properly to indicate which message really
failed.
CRs-fixed: 1060274
Change-Id: Ie817970cb10c879d04ffe5e2a853ada8bf8a1f88
Signed-off-by: Prashanth Bhatta <bhattap@codeaurora.org>
Allow the PIL client to set the firmware file name
for a specific subsystem.
Change-Id: Ib410cae212afb067f5df2e5d25f4f23f583ed1f2
Signed-off-by: Amir Samuelov <amirs@codeaurora.org>
Add bus scaling support for venus PIL for MSMCOBALT. Also reduce
proxy-timeout value so that video can start playing sooner.
CRs-Fixed: 1063752
Change-Id: Icb72c488c30ee7c2414409b93fd40f3862b11f77
Signed-off-by: Puja Gupta <pujag@codeaurora.org>
Add temperature io channels to enable temperature monitoring of the
parallel charger.
Change-Id: I6ebea0fb935dc8fb0fdce11e9c9a19213da2685c
Signed-off-by: Nicholas Troast <ntroast@codeaurora.org>
Expose the charger temperature in both standalone and parallel mode via
the battery and parallel power supplies.
Change-Id: I43e73b3056386cf97b37652eeed3a4761e248711
Signed-off-by: Nicholas Troast <ntroast@codeaurora.org>
Enable event log debugging and register dump during panic for SDE rotator.
CRs-Fixed: 1063582
Change-Id: Icc11117c34c3c45bdaa6a05444c933e6fba4f6b8
Signed-off-by: Benjamin Chan <bkchan@codeaurora.org>
EVTLOG is a memory logging method for reducing logging overhead.
REG dump is used when a fatal error or SMMU fault is happening within
the SDE rotator driver. Both tools are used for crash dump analysis
in SDE rotator.
CRs-Fixed: 1063582
Change-Id: I5ad406187ba590d2fa57d998e9ad79b8a32810ee
Signed-off-by: Benjamin Chan <bkchan@codeaurora.org>
The Focaltech driver creates a sysfs under sys/kernel/ts_info
to access touch panel details. However, the return value of the
API is not checked properly. Check the return value of the API.
Also avoid making a duplicate copy of the kobject and clean up
the show routine.
Change-Id: Ib36e9d7661ee3d2ce7b229d8692e6212e33cbf36
Signed-off-by: Himanshu Aggarwal <haggarwa@codeaurora.org>
Because of a change in the underlying bus driver, the secure touch
layer in the input drivers is now required to control directly the
clocks which are needed during the touch sessions. The clocks which
are associated with the underlying I2C bus are clk_gcc_blsp1_ahb_clk
and clk_gcc_blsp1_qup3_i2c_apps_clk. These clocks are turned on/off
when the secure touch session is started/ended.
Change-Id: If5abca579e264cc7799310628c4e379ac4368e7e
Signed-off-by: Abinaya P <abinayap@codeaurora.org>
This patch creates two sysfs files for secure touch -
secure_touch and secure_touch_enable which will be
accessed by secure ui app. We also define the store
and show function for these sysfs files.
Change-Id: I4bc156de12a8b41c3640c4f1fb2d32ca3d8b5b43
Signed-off-by: Abinaya P <abinayap@codeaurora.org>
This patch clears the peripheral masks upon the mdlog exit
and USB disconnection. This enables to keep the data and
cmd channel open for read.
CRs-Fixed: 1057143
Change-Id: Ie6f19319b75f3bf389ddd5a8168fd3bcd3efbc8b
Signed-off-by: Manoj Prabhu B <bmanoj@codeaurora.org>
