From mboxrd@z Thu Jan 1 00:00:00 1970
From: Tomi Valkeinen
Date: Fri, 17 Apr 2015 10:40:31 +0000
Subject: Re: [PATCH] video/logo: fix use logo after free prevention
Message-Id: <5530E31F.2010300@ti.com>
List-Id:
References: <5530D6D2.8080103@gmx.at>
In-Reply-To: <5530D6D2.8080103@gmx.at>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: Manfred Schlaegl, Jean-Christophe Plagniol-Villard
Cc: linux-fbdev@vger.kernel.org, linux-kernel@vger.kernel.org, Manfred Schlaegl

Hi,

On 04/17/2015 12:48 PM, Manfred Schlaegl wrote:
> After 92b004d1aa9f367c372511ca0330f58216b25703 the logos disappeared on
> Freescale i.MX53 and i.MX6 SoC's (detected on linux-3.12.37).
> This happens because the fb_find_logo function is validly called
> (initdata still not freed) AFTER newly introduced latecall
> fb_logo_late_init.
>
> Instead of setting a logos_freed flag somewhere in lateinit, this patch
> uses system_state==SYSTEM_BOOTING as indication for valid initdata.

The kernel init does free_initmem() call before setting the system_state to SYSTEM_RUNNING, so there's a period of time when the logos are freed, but the check in your patch does not catch it.

Tomi
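
Added example, not part of the original message and not kernel code: a small user-space C model of the ordering discussed in this thread, comparing the logos_freed flag guard with the system_state guard at each boot phase. The phase names, `struct boot` and the verdict values are assumptions of this model; only the ordering (late initcall, then free_initmem(), then SYSTEM_RUNNING) is taken from the thread.

```c
#include <stdbool.h>
#include <stdio.h>

/* Boot phases in the order the thread describes (names are this model's). */
enum phase { PH_INITCALLS, PH_AFTER_LATE_INIT, PH_INITMEM_FREED, PH_RUNNING, PH_COUNT };
enum verdict { V_OK, V_LOGO_LOST, V_USE_AFTER_FREE };
enum sys_state { SYSTEM_BOOTING, SYSTEM_RUNNING };

struct boot {
    bool logos_freed;        /* flag set by the fb_logo_late_init late initcall */
    bool initdata_present;   /* ground truth: false once free_initmem() has run */
    enum sys_state system_state;
};

/* State of the model once the given phase has been reached. */
static struct boot boot_at(enum phase p)
{
    struct boot b = { false, true, SYSTEM_BOOTING };
    if (p >= PH_AFTER_LATE_INIT) b.logos_freed = true;
    if (p >= PH_INITMEM_FREED)   b.initdata_present = false;
    if (p >= PH_RUNNING)         b.system_state = SYSTEM_RUNNING;
    return b;
}

/* The two guards compared in the thread: true means "logo data may be used". */
static bool guard_flag(const struct boot *b)  { return !b->logos_freed; }
static bool guard_state(const struct boot *b) { return b->system_state == SYSTEM_BOOTING; }

/* Compare what a guard permits against whether the init data really exists. */
static enum verdict check(bool (*guard)(const struct boot *), enum phase p)
{
    struct boot b = boot_at(p);
    bool allowed = guard(&b);
    if (allowed && !b.initdata_present) return V_USE_AFTER_FREE;
    if (!allowed && b.initdata_present) return V_LOGO_LOST;
    return V_OK;
}

int main(void)
{
    static const char *names[] = { "ok", "logo lost", "USE AFTER FREE" };
    for (int p = 0; p < PH_COUNT; p++)
        printf("phase %d: flag guard: %-14s state guard: %s\n", p,
               names[check(guard_flag, p)], names[check(guard_state, p)]);
    return 0;
}
```

In this model the flag guard refuses the logo too early (the regression reported in the quoted message), while the system_state guard still permits access in the phase after free_initmem() and before SYSTEM_RUNNING (the window pointed out in the reply).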