[PATCH] dma: of-dma: check OF pointer property before dereferencing

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] dma: of-dma: check OF pointer property before dereferencing
@ 2013-04-15  8:39 Paolo Pisati
  2013-04-15  8:39 ` [PATCH] dma: of-dma: check OF pointer property before dereferencing it Paolo Pisati
  0 siblings, 1 reply; 3+ messages in thread
From: Paolo Pisati @ 2013-04-15  8:39 UTC (permalink / raw)
  To: Vinod Koul
  Cc: Dan Williams, Grant Likely, Rob Herring, linux-kernel,
	devicetree-discuss, Paolo Pisati

Unable to handle kernel NULL pointer dereference at virtual address 00000000
pgd = c0004000
[00000000] *pgd=00000000
Internal error: Oops: 5 [#1] SMP ARM
CPU: 0    Tainted: G        W     (3.9.0-rc739rc7fix1-dirty #10)
PC is at of_dma_controller_register+0xb8/0x11c
LR is at of_find_property+0x44/0x4c
pc : [<c01adf8c>]    lr : [<c0281754>]    psr: 60000113
sp : ef043e40  ip : 00000000  fp : c01af774
r10: ef015550  r9 : c01af5c0  r8 : 00000000
r7 : c01afb40  r6 : ef120400  r5 : c48613dc  r4 : ef02e900
r3 : 00000000  r2 : 00000023  r1 : a0000113  r0 : 00000000
Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment kernel
Control: 10c5387d  Table: 0000404a  DAC: 00000015
Process swapper/0 (pid: 1, stack limit = 0xef042238)
Stack: (0xef043e40 to 0xef044000)
3e40: ef015550 ef01558c ef120400 c01affe4 00000000 c01af5c0 ef015584 c01b1170
3e60: 00000000 ef015550 c033ca54 c48613dc c033ca54 0000007c 00041308 ef103d80
3e80: a0000113 00000000 ef012440 c03bc7d4 ef120400 00000000 c03bc780 c03bc780
3ea0: c038c000 00000000 00000000 c01ac1f4 c01ac16c ef120400 c03fa67c c03fa684
3ec0: 00000000 c01d9570 ef120400 c03bc780 ef120434 00000000 0000008b c01d9718
3ee0: 00000000 c03bc780 c01d968c c01d7ce4 ef0c2558 ef0eefb4 ef02b100 c03bc780
3f00: c03bc64c c01d8450 c033cfa8 c03bc1e0 c03bc780 c0398e48 c03a0784 c03cab40
3f20: 0000008b c01d9ce8 00000000 00000006 c0398e48 c03a0784 c03cab40 0000008b
3f40: 00000000 c0377878 00000006 00000006 c03b25a4 00000006 00000006 c0398e48
3f60: c03a0784 c03cab40 0000008b c0398e54 c037727c c0377a44 00000006 00000006
3f80: c037727c 00000000 00000000 c02bb874 00000000 00000000 00000000 00000000
3fa0: 00000000 c02bb87c 00000000 c000dfd8 00000000 00000000 00000000 00000000
3fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
3fe0: 00000000 00000000 00000000 00000000 00000013 00000000 00000000 00000000
[<c01adf8c>] (of_dma_controller_register+0xb8/0x11c) from [<c01b1170>] (pl330_probe+0x740/0xa9c)
[<c01b1170>] (pl330_probe+0x740/0xa9c) from [<c01ac1f4>] (amba_probe+0x88/0xa0)
[<c01ac1f4>] (amba_probe+0x88/0xa0) from [<c01d9570>] (driver_probe_device+0xf8/0x214)
[<c01d9570>] (driver_probe_device+0xf8/0x214) from [<c01d9718>] (__driver_attach+0x8c/0x90)
[<c01d9718>] (__driver_attach+0x8c/0x90) from [<c01d7ce4>] (bus_for_each_dev+0x54/0x88)
[<c01d7ce4>] (bus_for_each_dev+0x54/0x88) from [<c01d8450>] (bus_add_driver+0xdc/0x230)
[<c01d8450>] (bus_add_driver+0xdc/0x230) from [<c01d9ce8>] (driver_register+0x78/0x14c)
[<c01d9ce8>] (driver_register+0x78/0x14c) from [<c0377878>] (do_one_initcall+0x90/0x160)
[<c0377878>] (do_one_initcall+0x90/0x160) from [<c0377a44>] (kernel_init_freeable+0xfc/0x1c4)
[<c0377a44>] (kernel_init_freeable+0xfc/0x1c4) from [<c02bb87c>] (kernel_init+0x8/0xe4)
[<c02bb87c>] (kernel_init+0x8/0xe4) from [<c000dfd8>] (ret_from_fork+0x14/0x3c)
Code: e1a00008 e8bd87f0 e3a04010 eaffffe0 (e5909000)
---[ end trace 1b75b31a2719ed1e ]---
Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b

Paolo Pisati (1):
  dma: of-dma: check OF pointer property before dereferencing it

 drivers/dma/of-dma.c |    7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

-- 
1.7.10.4


^ permalink raw reply	[flat|nested] 3+ messages in thread

* [PATCH] dma: of-dma: check OF pointer property before dereferencing it
  2013-04-15  8:39 [PATCH] dma: of-dma: check OF pointer property before dereferencing Paolo Pisati
@ 2013-04-15  8:39 ` Paolo Pisati
  2013-04-15 15:22   ` Lars-Peter Clausen
  0 siblings, 1 reply; 3+ messages in thread
From: Paolo Pisati @ 2013-04-15  8:39 UTC (permalink / raw)
  To: Vinod Koul
  Cc: Dan Williams, Grant Likely, Rob Herring, linux-kernel,
	devicetree-discuss, Paolo Pisati

Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
---
 drivers/dma/of-dma.c |    7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/drivers/dma/of-dma.c b/drivers/dma/of-dma.c
index 69d04d2..9628298 100644
--- a/drivers/dma/of-dma.c
+++ b/drivers/dma/of-dma.c
@@ -91,6 +91,7 @@ int of_dma_controller_register(struct device_node *np,
 				(struct of_phandle_args *, struct of_dma *),
 				void *data)
 {
+	void 	*parent;
 	struct of_dma	*ofdma;
 	int		nbcells;
 
@@ -103,8 +104,10 @@ int of_dma_controller_register(struct device_node *np,
 	if (!ofdma)
 		return -ENOMEM;
 
-	nbcells = be32_to_cpup(of_get_property(np, "#dma-cells", NULL));
-	if (!nbcells) {
+	parent = of_get_property(np, "#dma-cells", NULL);
+	if (parent)
+		nbcells = be32_to_cpup(parent);
+	if (!parent || !nbcells) {
 		pr_err("%s: #dma-cells property is missing or invalid\n",
 		       __func__);
 		kfree(ofdma);
-- 
1.7.10.4


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH] dma: of-dma: check OF pointer property before dereferencing it
  2013-04-15  8:39 ` [PATCH] dma: of-dma: check OF pointer property before dereferencing it Paolo Pisati
@ 2013-04-15 15:22   ` Lars-Peter Clausen
  0 siblings, 0 replies; 3+ messages in thread
From: Lars-Peter Clausen @ 2013-04-15 15:22 UTC (permalink / raw)
  To: Paolo Pisati
  Cc: Vinod Koul, Dan Williams, Grant Likely, Rob Herring, linux-kernel,
	devicetree-discuss

On 04/15/2013 10:39 AM, Paolo Pisati wrote:
> Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>

That should already be fixed in the DMA tree. See commit 7362f04c28 ("DMA:
OF: Check properties value before running be32_to_cpup() on it").

- Lars


> ---
>  drivers/dma/of-dma.c |    7 +++++--
>  1 file changed, 5 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/dma/of-dma.c b/drivers/dma/of-dma.c
> index 69d04d2..9628298 100644
> --- a/drivers/dma/of-dma.c
> +++ b/drivers/dma/of-dma.c
> @@ -91,6 +91,7 @@ int of_dma_controller_register(struct device_node *np,
>  				(struct of_phandle_args *, struct of_dma *),
>  				void *data)
>  {
> +	void 	*parent;
>  	struct of_dma	*ofdma;
>  	int		nbcells;
>  
> @@ -103,8 +104,10 @@ int of_dma_controller_register(struct device_node *np,
>  	if (!ofdma)
>  		return -ENOMEM;
>  
> -	nbcells = be32_to_cpup(of_get_property(np, "#dma-cells", NULL));
> -	if (!nbcells) {
> +	parent = of_get_property(np, "#dma-cells", NULL);
> +	if (parent)
> +		nbcells = be32_to_cpup(parent);
> +	if (!parent || !nbcells) {
>  		pr_err("%s: #dma-cells property is missing or invalid\n",
>  		       __func__);
>  		kfree(ofdma);


^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2013-04-15 15:23 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-04-15  8:39 [PATCH] dma: of-dma: check OF pointer property before dereferencing Paolo Pisati
2013-04-15  8:39 ` [PATCH] dma: of-dma: check OF pointer property before dereferencing it Paolo Pisati
2013-04-15 15:22   ` Lars-Peter Clausen

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox