evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/drivers
History
Pierre-Louis Bossart 906bb56e3a drm/dp/mst: fix kernel oops when turning off secondary monitor 
commit bb08c04dc867b5f392caec635c097d5d5fcd8c9f upstream.

100% reproducible issue found on SKL SkullCanyon NUC with two external
DP daisy-chained monitors in DP/MST mode. When turning off or changing
the input of the second monitor the machine stops with a kernel
oops. This issue happened with 4.8.8 as well as drm/drm-intel-nightly.

This issue is traced to an inconsistent control flow in
drm_dp_update_payload_part1(): the 'port' pointer is set to NULL at the
same time as 'req_payload.num_slots' is set to zero, but the pointer is
dereferenced even when req_payload.num_slot is zero.

The problematic dereference was introduced in commit dfda0df34
("drm/mst: rework payload table allocation to conform better") and may
impact all versions since v3.18

The fix suggested by Chris Wilson removes the kernel oops and was found to
work well after 10mn of monkey-testing with the second monitor power and
input buttons

Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=98990
Fixes: dfda0df342 ("drm/mst: rework payload table allocation to conform better.")
Cc: Dave Airlie <airlied@redhat.com>
Cc: Chris Wilson <chris@chris-wilson.co.uk>
Cc: Nathan D Ciobanu <nathan.d.ciobanu@linux.intel.com>
Cc: Dhinakaran Pandiyan <dhinakaran.pandiyan@intel.com>
Cc: Sean Paul <seanpaul@chromium.org>
Tested-by: Nathan D Ciobanu <nathan.d.ciobanu@linux.intel.com>
Reviewed-by: Dhinakaran Pandiyan <dhinakaran.pandiyan@intel.com>
Signed-off-by: Pierre-Louis Bossart <pierre-louis.bossart@linux.intel.com>
Signed-off-by: Jani Nikula <jani.nikula@intel.com>
Link: http://patchwork.freedesktop.org/patch/msgid/1487076561-2169-1-git-send-email-jani.nikula@intel.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-02-23 17:43:09 +01:00
..
accessibility
acpi ACPI / APEI: Fix NMI notification handling 2017-01-19 20:17:22 +01:00
amba
android ANDROID: binder: Clear binder and cookie when setting handle in flat binder struct 2016-11-10 16:36:33 +01:00
ata libata: apply MAX_SEC_1024 to all CX1-JB*-HP devices 2017-02-09 08:02:45 +01:00
atm
auxdisplay
base base/memory, hotplug: fix a kernel oops in show_valid_zones() 2017-02-09 08:02:47 +01:00
bcma x86/quirks: Add early quirk to reset Apple AirPort card 2016-08-10 11:49:24 +02:00
block loop: return proper error from loop_queue_rq() 2017-01-06 11:16:14 +01:00
bluetooth Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b] 2016-09-15 08:27:49 +02:00
bus bus: vexpress-config: fix device reference leak 2017-01-19 20:17:22 +01:00
cdrom
char tpm xen: Remove bogus tpm_chip_unregister 2017-01-06 11:16:16 +01:00
clk clk: imx31: fix rewritten input argument of mx31_clocks_init() 2017-01-12 11:22:49 +01:00
clocksource clocksource/exynos_mct: Clear interrupt when cpu is shut down 2017-01-26 08:23:48 +01:00
connector connector: bump skb->users before callback invocation 2016-01-04 21:46:45 -05:00
cpufreq cpufreq: powernv: Disable preemption while checking CPU throttling state 2017-01-19 20:17:22 +01:00
cpuidle ARM: cpuidle: Fix error return code 2016-10-16 17:36:15 +02:00
crypto crypto: caam - fix AEAD givenc descriptors 2017-01-06 11:16:12 +01:00
dca
devfreq
dio
dma dmaengine: pl330: Fix runtime PM support for terminated transfers 2017-01-26 08:23:50 +01:00
dma-buf
edac EDAC: Increment correct counter in edac_inc_ue_error() 2016-09-07 08:32:41 +02:00
eisa
extcon extcon: max77843: Use correct size for reading the interrupt register 2016-05-04 14:48:54 -07:00
firewire firewire: net: fix fragmented datagram_size off-by-one 2016-11-10 16:36:35 +01:00
firmware efi: Expose non-blocking set_variable() wrapper to efivars 2016-05-04 14:48:49 -07:00
fmc
fpga
gpio gpio: mpc8xxx: Correct irq handler function 2016-10-28 03:01:25 -04:00
gpu drm/dp/mst: fix kernel oops when turning off secondary monitor 2017-02-23 17:43:09 +01:00
hid HID: wacom: Fix poor prox handling in 'wacom_pl_irq' 2017-02-09 08:02:46 +01:00
hsi
hv hv: do not lose pending heartbeat vmbus packets 2016-11-10 16:36:34 +01:00
hwmon hwmon: (g762) Fix overflows and crash seen when writing limit attributes 2017-01-12 11:22:48 +01:00
hwspinlock drivers/hwspinlock: fix race between radix tree insertion and lookup 2016-02-25 12:01:23 -08:00
hwtracing intel_th: Fix a deadlock in modprobing 2016-08-10 11:49:30 +02:00
i2c i2c: fix kernel memory disclosure in dev interface 2017-01-19 20:17:20 +01:00
ide
idle intel_idle: Support for Intel Xeon Phi Processor x200 Product Family 2016-09-15 08:27:46 +02:00
iio iio: orientation: hid-sensor-rotation: Add PM function (fix non working driver) 2016-11-18 10:48:35 +01:00
infiniband IB/umem: Release pid in error and ODP flow 2017-02-01 08:30:53 +01:00
input Input: elan_i2c - add ELAN0605 to the ACPI table 2017-02-23 17:43:09 +01:00
iommu iommu/vt-d: Flush old iommu caches for kdump when the device gets context mapped 2017-01-12 11:22:49 +01:00
ipack
irqchip irqchip/bcm7038-l1: Implement irq_cpu_offline() callback 2017-01-12 11:22:49 +01:00
isdn ISDN: eicon: silence misleading array-bounds warning 2017-02-01 08:30:52 +01:00
leds
lguest
lightnvm lightnvm: put bio before return 2016-09-24 10:07:35 +02:00
macintosh
mailbox
mcb mcb: Fixed bar number assignment for the gdd 2016-06-01 12:15:53 -07:00
md md: MD_RECOVERY_NEEDED is set for mddev->recovery 2017-01-12 11:22:50 +01:00
media siano: make it work again with CONFIG_VMAP_STACK 2017-02-23 17:43:09 +01:00
memory memory: omap-gpmc: Fix omap gpmc EXTRADELAY timing 2016-07-27 09:47:35 -07:00
memstick memstick: rtsx_usb_ms: Manage runtime PM when accessing the device 2016-10-28 03:01:35 -04:00
message
mfd mfd: core: Fix device reference leak in mfd_clone_cell 2016-11-26 09:54:53 +01:00
misc mei: bus: fix mei_cldev_enable KDoc 2017-01-12 11:22:47 +01:00
mmc mmc: sdhci: Ignore unexpected CARD_INT interrupts 2017-02-09 08:02:46 +01:00
mtd mtd: nand: xway: disable module support 2017-01-26 08:23:48 +01:00
net net: introduce device min_header_len 2017-02-18 16:39:27 +01:00
nfc mei: bus: fix received data size check in NFC fixup 2016-11-18 10:48:36 +01:00
ntb
nubus
nvdimm libnvdimm, pfn: fix uuid validation 2016-04-20 15:41:54 +09:00
nvme nvme: Call pci_disable_device on the error path. 2016-09-15 08:27:51 +02:00
nvmem nvmem: mxs-ocotp: fix buffer overflow in read 2016-05-11 11:21:21 +02:00
of of: silence warnings due to max() usage 2016-11-15 07:46:39 +01:00
oprofile
parisc
parport
pci PCI/ASPM: Handle PCI-to-PCIe bridges as roots of PCIe hierarchies 2017-02-09 08:02:44 +01:00
pcmcia pcmcia: db1xxx_ss: fix last irq_to_gpio user 2016-04-20 15:42:09 +09:00
perf drivers/perf: arm_pmu: Fix leak in error path 2016-10-07 15:23:41 +02:00
phy phy: core: fix wrong err handle for phy_power_on 2016-03-03 15:07:28 -08:00
pinctrl pinctrl: broxton: Use correct PADCFGLOCK offset 2017-02-01 08:30:54 +01:00
platform platform/x86: intel_mid_powerbtn: Set IRQ_ONESHOT 2017-02-01 08:30:54 +01:00
pnp PNP: Add Broadwell to Intel MCH size workaround 2016-08-16 09:30:48 +02:00
power power: bq24257: Fix use of uninitialized pointer bq->charger 2016-10-31 04:14:00 -06:00
powercap
pps pps: do not crash when failed to register 2016-08-10 11:49:25 +02:00
ps3
ptp
pwm pwm: Fix device reference leak 2016-12-08 07:15:24 +01:00
rapidio
ras
regulator regulator: stw481x-vmmc: fix ages old enable error 2017-01-09 08:07:43 +01:00
remoteproc remoteproc: Fix potential race condition in rproc_add 2016-08-20 18:09:20 +02:00
reset
rpmsg
rtc rtc: omap: Fix selecting external osc 2016-11-26 09:54:53 +01:00
s390 scsi: zfcp: fix use-after-free by not tracing WKA port open/close on failed send 2017-02-14 15:22:52 -08:00
sbus
scsi Fix missing sanity check in /dev/sg 2017-02-23 17:43:09 +01:00
sfi
sh drivers: sh: Restore legacy clock domain on SuperH platforms 2016-03-09 15:34:49 -08:00
sn
soc soc: qcom/spm: shut up uninitialized variable warning 2016-09-24 10:07:42 +02:00
spi spi: mvebu: fix baudrate calculation for armada variant 2017-01-15 13:41:36 +01:00
spmi
ssb ssb: Fix error routine when fallback SPROM fails 2017-01-09 08:07:42 +01:00
staging staging: comedi: dt282x: tidy up register bit defines 2017-01-12 11:22:50 +01:00
target target: Fix COMPARE_AND_WRITE ref leak for non GOOD status 2017-02-14 15:22:51 -08:00
tc
thermal thermal: hwmon: Properly report critical temperature in sysfs 2017-01-09 08:07:44 +01:00
thunderbolt thunderbolt: Fix double free of drom buffer 2016-06-01 12:15:53 -07:00
tty sysrq: attach sysrq handler correctly for 32-bit kernel 2017-01-19 20:17:21 +01:00
uio uio: fix dmem_region_start computation 2016-10-31 04:13:59 -06:00
usb USB: serial: option: add device ID for HP lt2523 (Novatel E371) 2017-02-09 08:02:46 +01:00
uwb uwb: fix device reference leaks 2016-11-26 09:54:53 +01:00
vfio vfio/pci: Fix NULL pointer oops in error interrupt setup handling 2016-09-07 08:32:37 +02:00
vhost vhost/scsi: fix reuse of &vq->iov[out] in response 2016-09-15 08:27:53 +02:00
video fbdev: color map copying bounds checking 2017-02-01 08:30:52 +01:00
virt
virtio virtio_ring: Make interrupt suppression spec compliant 2016-11-10 16:36:34 +01:00
vlynq
vme vme: Fix wrong pointer utilization in ca91cx42_slave_get 2017-01-19 20:17:21 +01:00
w1 w1:omap_hdq: fix regression 2016-08-20 18:09:22 +02:00
watchdog watchdog: rc32434_wdt: fix ioctl error handling 2016-04-12 09:08:54 -07:00
xen xen/gntdev: Use VM_MIXEDMAP instead of VM_IO to avoid NUMA balancing 2017-01-06 11:16:17 +01:00
zorro
Kconfig
Makefile