From mboxrd@z Thu Jan 1 00:00:00 1970 From: Wang YanQing Date: Mon, 05 Mar 2012 00:52:50 +0000 Subject: Re: [PATCH] video:uvesafb: Fix oops that uvesafb try to execute NX-protected page Message-Id: <20120305005250.GA17071@udknight> List-Id: References: <20120302004850.GA4139@udknight> In-Reply-To: <20120302004850.GA4139@udknight> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable To: FlorianSchandinat@gmx.de, linux-fbdev@vger.kernel.org, linux-kernel@vger.kernel.org, spock@gentoo.org On Fri, Mar 02, 2012 at 08:48:50AM +0800, Wang YanQing wrote: >=20 > Ok! I think I have learned to make thing simple and send to the right peo= ple:) > This patch try to fix the oops below that catched in my machine >=20 > [ 81.560602] uvesafb: NVIDIA Corporation, GT216 Board - 0696a290, Chip = Rev , OEM: NVIDIA, VBE v3.0 > [ 81.609384] uvesafb: protected mode interface info at c000:d350 > [ 81.609388] uvesafb: pmi: set display start =3D c00cd3b3, set palette = =3D c00cd40e > [ 81.609390] uvesafb: pmi: ports =3D 3b4 3b5 3ba 3c0 3c1 3c4 3c5 3c6 3c= 7 3c8 3c9 3cc 3ce 3cf 3d0 3d1 3d2 3d3 3d4 3d5 3da > [ 81.614558] uvesafb: VBIOS/hardware doesn't support DDC transfers > [ 81.614562] uvesafb: no monitor limits have been set, default refresh = rate will be used > [ 81.614994] uvesafb: scrolling: ypan using protected mode interface, y= res_virtualI15 > [ 81.744147] kernel tried to execute NX-protected page - exploit attemp= t? (uid: 0) > [ 81.744153] BUG: unable to handle kernel paging request at c00cd3b3 > [ 81.744159] IP: [] 0xc00cd3b2 > [ 81.744167] *pdpt =3D 00000000016d6001 *pde =3D 0000000001c7b067 *pte = =3D 80000000000cd163 > [ 81.744171] Oops: 0011 [#1] SMP > [ 81.744174] Modules linked in: uvesafb(+) cfbcopyarea cfbimgblt cfbfil= lrect > [ 81.744178] > [ 81.744181] Pid: 3497, comm: modprobe Not tainted 3.3.0-rc4NX+ #71 Ace= r Aspire 4741 /Aspire 4741 > [ 81.744185] EIP: 0060:[] EFLAGS: 00010246 CPU: 0 > [ 81.744187] EIP is at 0xc00cd3b3 > [ 81.744189] EAX: 00004f07 EBX: 00000000 ECX: 00000000 EDX: 00000000 > [ 81.744191] ESI: f763f000 EDI: f763f6e8 EBP: f57f3a0c ESP: f57f3a00 > [ 81.744192] DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068 > [ 81.744195] Process modprobe (pid: 3497, ti=F57f2000 task=F748c600 tas= k.ti=F57f2000) > [ 81.744196] Stack: > [ 81.744197] f82512c5 f759341c 00000000 f57f3a30 c124a9bc 00000001 000= 00001 000001e0 > [ 81.744202] f8251280 f763f000 f7593400 00000000 f57f3a40 c12598dd f5c= 0c000 00000000 > [ 81.744206] f57f3b10 c1255efe c125a21a 00000006 f763f09c 00000000 c1c= 6cb60 f7593400 > [ 81.744210] Call Trace: > [ 81.744215] [] ? uvesafb_pan_display+0x45/0x60 [uvesafb] > [ 81.744222] [] fb_pan_display+0x10c/0x160 > [ 81.744226] [] ? uvesafb_vbe_find_mode+0x180/0x180 [uvesafb] > [ 81.744230] [] bit_update_start+0x1d/0x50 > [ 81.744232] [] fbcon_switch+0x39e/0x550 > [ 81.744235] [] ? bit_cursor+0x4ea/0x560 > [ 81.744240] [] redraw_screen+0x12b/0x220 > [ 81.744245] [] ? tty_do_resize+0x3b/0xc0 > [ 81.744247] [] vc_do_resize+0x3d2/0x3e0 > [ 81.744250] [] vc_resize+0x14/0x20 > [ 81.744253] [] fbcon_init+0x29d/0x500 > [ 81.744255] [] ? set_inverse_trans_unicode+0xe4/0x110 > [ 81.744258] [] visual_init+0xb8/0x150 > [ 81.744261] [] bind_con_driver+0x16c/0x360 > [ 81.744264] [] ? register_con_driver+0x6e/0x190 > [ 81.744267] [] take_over_console+0x41/0x50 > [ 81.744269] [] fbcon_takeover+0x6a/0xd0 > [ 81.744272] [] fbcon_event_notify+0x758/0x790 > [ 81.744277] [] notifier_call_chain+0x42/0xb0 > [ 81.744280] [] __blocking_notifier_call_chain+0x60/0x90 > [ 81.744283] [] blocking_notifier_call_chain+0x1a/0x20 > [ 81.744285] [] fb_notifier_call_chain+0x11/0x20 > [ 81.744288] [] register_framebuffer+0x1d9/0x2b0 > [ 81.744293] [] ? ioremap_wc+0x33/0x40 > [ 81.744298] [] uvesafb_probe+0xaba/0xc40 [uvesafb] > [ 81.744302] [] platform_drv_probe+0xf/0x20 > [ 81.744306] [] driver_probe_device+0x68/0x170 > [ 81.744309] [] __device_attach+0x41/0x50 > [ 81.744313] [] bus_for_each_drv+0x48/0x70 > [ 81.744316] [] device_attach+0x83/0xa0 > [ 81.744319] [] ? __driver_attach+0x90/0x90 > [ 81.744321] [] bus_probe_device+0x6f/0x90 > [ 81.744324] [] device_add+0x5e5/0x680 > [ 81.744329] [] ? kvasprintf+0x43/0x60 > [ 81.744332] [] ? kobject_set_name_vargs+0x64/0x70 > [ 81.744335] [] ? kobject_set_name_vargs+0x64/0x70 > [ 81.744339] [] platform_device_add+0xff/0x1b0 > [ 81.744343] [] uvesafb_init+0x50/0x9b [uvesafb] > [ 81.744346] [] do_one_initcall+0x2f/0x170 > [ 81.744350] [] ? uvesafb_is_valid_mode+0x66/0x66 [uvesafb] > [ 81.744355] [] sys_init_module+0xf4/0x1410 > [ 81.744359] [] ? vfsmount_lock_local_unlock_cpu+0x30/0x30 > [ 81.744363] [] sysenter_do_call+0x12/0x36 > [ 81.744365] Code: f5 00 00 00 32 f6 66 8b da 66 d1 e3 66 ba d4 03 8a e= 3 b0 1c 66 ef b0 1e 66 ef 8a e7 b0 1d 66 ef b0 1f 66 ef e8 fa 00 00 00 61 c= 3 <60> e8 c8 00 00 00 66 8b f3 66 8b da 66 ba d4 03 b0 0c 8a e5 66 > [ 81.744388] EIP: [] 0xc00cd3b3 SS:ESP 0068:f57f3a00 > [ 81.744391] CR2: 00000000c00cd3b3 > [ 81.744393] ---[ end trace 18b2c87c925b54d6 ]--- >=20 > Signed-off-by: Wang YanQing > --- > drivers/video/uvesafb.c | 12 ++++++++++-- > 1 file changed, 10 insertions(+), 2 deletions(-) >=20 > diff --git a/drivers/video/uvesafb.c b/drivers/video/uvesafb.c > index e7f69ef..f9a670d 100644 > --- a/drivers/video/uvesafb.c > +++ b/drivers/video/uvesafb.c > @@ -23,6 +23,7 @@ > #include