From: Bjorn Andersson <bjorn.andersson@linaro.org>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: "Luis R. Rodriguez" <mcgrof@kernel.org>,
"Rafael J. Wysocki" <rafael@kernel.org>,
linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org,
stable@vger.kernel.org,
Rishabh Bhatnagar <rishabhb@codeaurora.org>
Subject: Re: [PATCH] firmware: Always initialize the fw_priv list object
Date: Thu, 20 Sep 2018 00:34:15 -0700 [thread overview]
Message-ID: <20180920073415.GC1367@tuxbook-pro> (raw)
In-Reply-To: <20180920052204.GA15695@kroah.com>
On Wed 19 Sep 22:22 PDT 2018, Greg Kroah-Hartman wrote:
> On Wed, Sep 19, 2018 at 06:09:38PM -0700, Bjorn Andersson wrote:
> > When freeing the fw_priv the item is taken off the list. This causes an
> > oops in the FW_OPT_NOCACHE case as the list object is not initialized.
> >
> > Make sure to initialize the list object regardless of this flag.
> >
> > Fixes: 422b3db2a503 ("firmware: Fix security issue with request_firmware_into_buf()")
> > Cc: stable@vger.kernel.org
> > Cc: Rishabh Bhatnagar <rishabhb@codeaurora.org>
> > Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org>
> > ---
> > drivers/base/firmware_loader/main.c | 7 +++++--
> > 1 file changed, 5 insertions(+), 2 deletions(-)
>
> Is this being triggered by some hardware somewhere today? Or is this
> just a fix found by code inspection?
>
Hi Greg,
Yes, I found this issue while attempting to load the firmware and boot
one of the DSPs on one of my Qualcomm dev boards after v4.19-rc4 and it
can be reproduced on the upstream Dragonboard 820c.
Regards,
Bjorn
next prev parent reply other threads:[~2018-09-20 7:34 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-20 1:09 [PATCH] firmware: Always initialize the fw_priv list object Bjorn Andersson
2018-09-20 5:22 ` Greg Kroah-Hartman
2018-09-20 7:34 ` Bjorn Andersson [this message]
2018-10-01 13:27 ` Niklas Cassel
2018-10-01 18:18 ` Luis Chamberlain
2018-10-01 18:32 ` Bjorn Andersson
2018-10-01 18:53 ` Luis Chamberlain
2018-10-01 20:58 ` Greg Kroah-Hartman
2018-09-20 7:38 ` Rafael J. Wysocki
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180920073415.GC1367@tuxbook-pro \
--to=bjorn.andersson@linaro.org \
--cc=gregkh@linuxfoundation.org \
--cc=linux-arm-msm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mcgrof@kernel.org \
--cc=rafael@kernel.org \
--cc=rishabhb@codeaurora.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.