android_kernel_oneplus_msm8998/drivers
Eddie Wai d653220711 [SCSI] bnx2i: Fixed NULL ptr deference for 1G bnx2 Linux iSCSI offload
This patch fixes the following kernel panic invoked by uninitialized fields
in the chip initialization for the 1G bnx2 iSCSI offload.

One of the bits in the chip initialization is being used by the latest
firmware to control overflow packets.  When this control bit gets enabled
erroneously, it would ultimately result in a bad packet placement which would
cause the bnx2 driver to dereference a NULL ptr in the placement handler.

This can happen in certain stress I/O environments under the Linux
iSCSI offload operation.

This change only affects Broadcom's 5709 chipset.

Unable to handle kernel NULL pointer dereference at 0000000000000008 RIP:
 [<ffffffff881f0e7d>] :bnx2:bnx2_poll_work+0xd0d/0x13c5
Pid: 0, comm: swapper Tainted: G     ---- 2.6.18-333.el5debug #2
RIP: 0010:[<ffffffff881f0e7d>]  [<ffffffff881f0e7d>] :bnx2:bnx2_poll_work+0xd0d/0x13c5
RSP: 0018:ffff8101b575bd50  EFLAGS: 00010216
RAX: 0000000000000005 RBX: ffff81007c5fb180 RCX: 0000000000000000
RDX: 0000000000000ffc RSI: 00000000817e8000 RDI: 0000000000000220
RBP: ffff81015bbd7ec0 R08: ffff8100817e9000 R09: 0000000000000000
R10: ffff81007c5fb180 R11: 00000000000000c8 R12: 000000007a25a010
R13: 0000000000000000 R14: 0000000000000005 R15: ffff810159f80558
FS:  0000000000000000(0000) GS:ffff8101afebc240(0000) knlGS:0000000000000000
CS:  0010 DS: 0018 ES: 0018 CR0: 000000008005003b
CR2: 0000000000000008 CR3: 0000000000201000 CR4: 00000000000006a0
Process swapper (pid: 0, threadinfo ffff8101b5754000, task ffff8101afebd820)
Stack:  000000000000000b ffff810159f80000 0000000000000040 ffff810159f80520
 ffff810159f80500 00cf00cf8008e84b ffffc200100939e0 ffff810009035b20
 0000502900000000 000000be00000001 ffff8100817e7810 00d08101b575bea8
Call Trace:
 <IRQ>  [<ffffffff8008e0d0>] show_schedstat+0x1c2/0x25b
 [<ffffffff881f1886>] :bnx2:bnx2_poll+0xf6/0x231
 [<ffffffff8000c9b9>] net_rx_action+0xac/0x1b1
 [<ffffffff800125a0>] __do_softirq+0x89/0x133
 [<ffffffff8005e30c>] call_softirq+0x1c/0x28
 [<ffffffff8006d5de>] do_softirq+0x2c/0x7d
 [<ffffffff8006d46e>] do_IRQ+0xee/0xf7
 [<ffffffff8005d625>] ret_from_intr+0x0/0xa
 <EOI>  [<ffffffff801a5780>] acpi_processor_idle_simple+0x1c5/0x341
 [<ffffffff801a573d>] acpi_processor_idle_simple+0x182/0x341
 [<ffffffff801a55bb>] acpi_processor_idle_simple+0x0/0x341
 [<ffffffff80049560>] cpu_idle+0x95/0xb8
 [<ffffffff80078b1c>] start_secondary+0x479/0x488

Signed-off-by: Eddie Wai <eddie.wai@broadcom.com>
Cc: stable@vger.kernel.org
Reviewed-by: Mike Christie <michaelc@cs.wisc.edu>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
2012-09-17 13:40:32 +01:00
..
accessibility
acpi Merge branch 'drm-fixes-3.6' of git://people.freedesktop.org/~agd5f/linux into drm-fixes 2012-08-22 09:18:49 +10:00
amba Merge branch 'for-linus' of git://git.linaro.org/people/rmk/linux-arm 2012-07-27 15:14:26 -07:00
ata libata: Add a space to " 2GB ATA Flash Disk" DMA blacklist entry 2012-08-25 10:16:45 -04:00
atm drivers/atm/iphase.c: fix error return code 2012-08-06 13:29:57 -07:00
auxdisplay
base mm: cma: fix alignment requirements for contiguous regions 2012-08-28 21:01:01 +02:00
bcma bcma: BCM43228 support 2012-08-02 13:51:46 -04:00
block Merge branch 'for-linus' of git://git.kernel.dk/linux-block 2012-08-25 11:36:43 -07:00
bluetooth Bluetooth: add support for atheros 0489:e057 2012-08-06 15:33:05 -03:00
cdrom
char drm/i915: fix hsw uncached pte 2012-08-17 09:21:35 +02:00
clk clk: validate pointer in __clk_disable() 2012-07-30 17:25:13 -07:00
clocksource cs5535-clockevt: typo, it's MFGPT, not MFPGT 2012-08-21 16:45:02 -07:00
connector
cpufreq Merge branch 'imx/fixes-for-3.6' of git://git.linaro.org/people/shawnguo/linux-2.6 into fixes 2012-08-23 17:02:42 +02:00
cpuidle cpuidle: Prevent null pointer dereference in cpuidle_coupled_cpu_notify 2012-08-17 19:37:08 +02:00
crypto Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2012-09-12 07:14:17 +08:00
dca
devfreq
dio
dma dma: tegra: enable/disable dma clock 2012-08-13 10:15:22 +05:30
edac Merge branch 'devel' 2012-07-29 21:11:05 -03:00
eisa
extcon extcon: extcon_gpio: Replace gpio_request_one by devm_gpio_request_one 2012-08-16 10:29:08 -07:00
firewire - Small fixes and optimizations. 2012-07-30 09:32:39 -07:00
firmware This patch series contains a major revamp of how we collect entropy 2012-07-31 19:07:42 -07:00
gpio gpio: rdc321x: Prevent removal of modules exporting active GPIOs 2012-09-01 12:52:24 +02:00
gpu drm/vmwgfx: add MODULE_DEVICE_TABLE so vmwgfx loads at boot 2012-09-07 13:25:34 +10:00
hid Merge branch 'upstream-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid 2012-09-07 12:29:38 -07:00
hsi
hv This patch series contains a major revamp of how we collect entropy 2012-07-31 19:07:42 -07:00
hwmon hwmon: (asus_atk0110) Add quirk for Asus M5A78L 2012-08-22 22:33:31 -07:00
hwspinlock
i2c i2c-core: Fix for lockdep validator 2012-09-10 10:14:02 +02:00
ide ide: fix generic_ide_suspend/resume Oops 2012-08-21 14:54:42 -07:00
idle intel_idle: Check cpu_idle_get_driver() for NULL before dereferencing it. 2012-08-17 19:37:14 +02:00
ieee802154
iio iio: lm3533-als: Fix build warnings 2012-08-16 20:24:38 +01:00
infiniband Merge branches 'cma', 'ipoib', 'misc', 'mlx4', 'ocrdma', 'qib' and 'srp' into for-next 2012-08-16 09:38:39 -07:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2012-09-08 16:20:59 -07:00
iommu iommu/amd: Fix wrong check for ARRAY_SIZE() 2012-08-10 11:34:08 +02:00
isdn mISDN: Bugfix for layer2 fixed TEI mode 2012-08-06 13:22:50 -07:00
leds leds: renesas: fix error handling 2012-08-13 14:34:02 +08:00
lguest
macintosh
md md/raid10: fix problem with on-stack allocation of r10bio structure. 2012-08-18 09:51:42 +10:00
media Merge branch 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media 2012-08-21 16:54:38 -07:00
memory
memstick
message drivers/message/i2o/i2o_config.c: bound allocation 2012-07-30 17:25:17 -07:00
mfd More USB patches for 3.6-rc3 2012-08-20 13:14:22 -07:00
misc drivers/misc/sgi-xp/xpc_uv.c: SGI XPC fails to load when cpu 0 is out of IRQ resources 2012-08-21 16:45:03 -07:00
mmc mmc: omap: fix broken PIO mode 2012-09-04 13:58:11 -04:00
mtd UBI: fix a horrible memory deallocation bug 2012-09-04 09:40:26 +03:00
net net: qmi_wwan: add several new Gobi devices 2012-09-01 22:49:34 -04:00
nfc
nubus
of dt: introduce for_each_available_child_of_node, of_get_next_available_child 2012-08-20 02:16:00 -07:00
oprofile
parisc
parport
pci PCI: Don't print anything while decoding is disabled 2012-08-23 10:53:08 -06:00
pcmcia Merge branch 'for-linus' of git://git.linaro.org/people/rmk/linux-arm 2012-07-27 15:14:26 -07:00
pinctrl pinctrl/nomadik: add kp_b_2 keyboard function group list 2012-08-17 11:09:58 +02:00
platform ideapad: add Lenovo IdeaPad Z570 support (part 3) 2012-08-20 12:44:41 -04:00
pnp
power Merge branch 'for-linus-3.6' of git://dev.laptop.org/users/dilinger/linux-olpc 2012-08-02 11:52:39 -07:00
pps pps: return PTR_ERR on error in device_create 2012-07-30 17:25:21 -07:00
ps3
ptp
pwm pwm: Improve Kconfig help text 2012-08-20 11:58:43 +02:00
rapidio rapidio/tsi721: fix unused variable compiler warning 2012-08-21 16:45:03 -07:00
regulator regulator: twl-regulator: fix up VINTANA1/VINTANA2 2012-08-15 17:19:01 +01:00
remoteproc A batch of remoteproc patches for 3.6: 2012-07-26 16:19:08 -07:00
rpmsg A batch of remoteproc patches for 3.6: 2012-07-26 16:19:08 -07:00
rtc Fixes for AT91 related to: 2012-08-27 17:07:37 -07:00
s390 s390/dasd: fix ioctl return value 2012-08-28 10:08:31 +02:00
sbus
scsi [SCSI] bnx2i: Fixed NULL ptr deference for 1G bnx2 Linux iSCSI offload 2012-09-17 13:40:32 +01:00
sfi
sh sh: intc: Handle domain association for sparseirq pre-allocated vectors. 2012-08-09 13:21:05 +09:00
sn
spi Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2012-08-25 11:45:04 -07:00
ssb
staging More USB patches for 3.6-rc3 2012-08-20 13:14:22 -07:00
target target: Remove unused se_cmd.cmd_spdtl 2012-08-21 14:27:35 -07:00
tc
thermal The tag contains just a few battery-related changes for v3.6. It's is 2012-07-31 18:08:25 -07:00
tty pmac_zilog,kdb: Fix console poll hook to return instead of loop 2012-08-16 12:20:20 -07:00
uio
usb More USB patches for 3.6-rc3 2012-08-20 13:14:22 -07:00
uwb
vfio vfio: grab vfio_device reference *before* exposing the sucker via fd_install() 2012-08-22 10:26:42 -04:00
vhost tcm_vhost: Fix vhost_scsi_target structure alignment 2012-08-20 14:52:11 -07:00
video OMAPFB: fix framebuffer console colors 2012-08-23 12:37:22 +00:00
virt
virtio
vlynq
vme
w1 1-Wire: Add support for the maxim ds1825 temperature sensor 2012-08-16 12:33:59 -07:00
watchdog watchdog: da9052: Remove duplicate inclusion of delay.h 2012-08-29 17:13:06 +02:00
xen xen/pciback: Fix proper FLR steps. 2012-09-06 09:22:02 -04:00
zorro
Kconfig vfio: VFIO core 2012-07-31 08:16:22 -06:00
Makefile vfio: VFIO core 2012-07-31 08:16:22 -06:00