From: Greg KH <gregkh@linuxfoundation.org>
To: Asmaa Mnebhi <asmaa@nvidia.com>
Cc: kernel-team@lists.ubuntu.com, khoav@nvidia.com,
meriton@nvidia.com, vlad@nvidia.com,
Shreeya Patel <shreeya.patel@collabora.com>,
stable@vger.kernel.org,
Andy Shevchenko <andy.shevchenko@gmail.com>,
Linus Walleij <linus.walleij@linaro.org>,
Bartosz Golaszewski <brgl@bgdev.pl>
Subject: Re: [SRU][F:linux-bluefield][PATCH v2 1/2] gpio: Restrict usage of GPIO chip irq members before initialization
Date: Fri, 17 Feb 2023 15:26:30 +0100 [thread overview]
Message-ID: <Y++OlqihvPis7NK4@kroah.com> (raw)
In-Reply-To: <20230217140744.20600-2-asmaa@nvidia.com>
On Fri, Feb 17, 2023 at 09:07:43AM -0500, Asmaa Mnebhi wrote:
> BugLink: https://bugs.launchpad.net/bugs/2007581
>
> GPIO chip irq members are exposed before they could be completely
> initialized and this leads to race conditions.
>
> One such issue was observed for the gc->irq.domain variable which
> was accessed through the I2C interface in gpiochip_to_irq() before
> it could be initialized by gpiochip_add_irqchip(). This resulted in
> Kernel NULL pointer dereference.
>
> Following are the logs for reference :-
>
> kernel: Call Trace:
> kernel: gpiod_to_irq+0x53/0x70
> kernel: acpi_dev_gpio_irq_get_by+0x113/0x1f0
> kernel: i2c_acpi_get_irq+0xc0/0xd0
> kernel: i2c_device_probe+0x28a/0x2a0
> kernel: really_probe+0xf2/0x460
> kernel: RIP: 0010:gpiochip_to_irq+0x47/0xc0
>
> To avoid such scenarios, restrict usage of GPIO chip irq members before
> they are completely initialized.
>
> Signed-off-by: Shreeya Patel <shreeya.patel@collabora.com>
> Cc: stable@vger.kernel.org
> Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com>
> Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
> Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
> (backported from commit 5467801f1fcbdc46bc7298a84dbf3ca1ff2a7320)
> Signed-off-by: Asmaa Mnebhi <asmaa@nvidia.com>
<formletter>
This is not the correct way to submit patches for inclusion in the
stable kernel tree. Please read:
https://www.kernel.org/doc/html/latest/process/stable-kernel-rules.html
for how to do this properly.
</formletter>
next prev parent reply other threads:[~2023-02-17 14:26 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20230217140744.20600-1-asmaa@nvidia.com>
2023-02-17 14:07 ` [SRU][F:linux-bluefield][PATCH v2 1/2] gpio: Restrict usage of GPIO chip irq members before initialization Asmaa Mnebhi
2023-02-17 14:26 ` Greg KH [this message]
2023-02-17 15:33 ` Asmaa Mnebhi
2023-02-17 15:43 ` Greg KH
2023-02-17 14:07 ` [SRU][F:linux-bluefield][PATCH v2 2/2] gpio: Request interrupts after IRQ is initialized Asmaa Mnebhi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y++OlqihvPis7NK4@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=andy.shevchenko@gmail.com \
--cc=asmaa@nvidia.com \
--cc=brgl@bgdev.pl \
--cc=kernel-team@lists.ubuntu.com \
--cc=khoav@nvidia.com \
--cc=linus.walleij@linaro.org \
--cc=meriton@nvidia.com \
--cc=shreeya.patel@collabora.com \
--cc=stable@vger.kernel.org \
--cc=vlad@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.