From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linuxfoundation.org ([140.211.169.12]:58316 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S967287AbdAJNOU (ORCPT ); Tue, 10 Jan 2017 08:14:20 -0500 Subject: Patch "tick/broadcast: Prevent NULL pointer dereference" has been added to the 4.9-stable tree To: tglx@linutronix.de, anna-maria@linutronix.de, bigeasy@linutronix.de, daniel.lezcano@linaro.org, gregkh@linuxfoundation.org, mark.rutland@arm.com, peterz@infradead.org, rcochran@linutronix.de, robin.murphy@arm.com, sf84@laposte.net, slash.tmp@free.fr, thibaud_cornic@sigmadesigns.com Cc: , From: Date: Tue, 10 Jan 2017 14:14:32 +0100 Message-ID: <1484054072255129@kroah.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ANSI_X3.4-1968 Content-Transfer-Encoding: 8bit Sender: stable-owner@vger.kernel.org List-ID: This is a note to let you know that I've just added the patch titled tick/broadcast: Prevent NULL pointer dereference to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: tick-broadcast-prevent-null-pointer-dereference.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >>From c1a9eeb938b5433947e5ea22f89baff3182e7075 Mon Sep 17 00:00:00 2001 From: Thomas Gleixner Date: Thu, 15 Dec 2016 12:10:37 +0100 Subject: tick/broadcast: Prevent NULL pointer dereference From: Thomas Gleixner commit c1a9eeb938b5433947e5ea22f89baff3182e7075 upstream. When a disfunctional timer, e.g. dummy timer, is installed, the tick core tries to setup the broadcast timer. If no broadcast device is installed, the kernel crashes with a NULL pointer dereference in tick_broadcast_setup_oneshot() because the function has no sanity check. Reported-by: Mason Signed-off-by: Thomas Gleixner Cc: Mark Rutland Cc: Anna-Maria Gleixner Cc: Richard Cochran Cc: Sebastian Andrzej Siewior Cc: Daniel Lezcano Cc: Peter Zijlstra , Cc: Sebastian Frias Cc: Thibaud Cornic Cc: Robin Murphy Link: http://lkml.kernel.org/r/1147ef90-7877-e4d2-bb2b-5c4fa8d3144b@free.fr Signed-off-by: Greg Kroah-Hartman --- kernel/time/tick-broadcast.c | 3 +++ 1 file changed, 3 insertions(+) --- a/kernel/time/tick-broadcast.c +++ b/kernel/time/tick-broadcast.c @@ -871,6 +871,9 @@ void tick_broadcast_setup_oneshot(struct { int cpu = smp_processor_id(); + if (!bc) + return; + /* Set it up only once ! */ if (bc->event_handler != tick_handle_oneshot_broadcast) { int was_periodic = clockevent_state_periodic(bc); Patches currently in stable-queue which might be from tglx@linutronix.de are queue-4.9/clocksource-dummy_timer-move-hotplug-callback-after-the-real-timers.patch queue-4.9/irqchip-bcm7038-l1-implement-irq_cpu_offline-callback.patch queue-4.9/x86-cpu-probe-cpuid-leaf-6-even-when-cpuid_level-6.patch queue-4.9/x86-prctl-uapi-remove-ifdef-for-checkpoint_restore.patch queue-4.9/efi-efivar_ssdt_load-don-t-return-success-on-allocation-failure.patch queue-4.9/pci-msi-check-for-null-affinity-mask-in-pci_irq_get_affinity.patch queue-4.9/genirq-affinity-fix-node-generation-from-cpumask.patch queue-4.9/tick-broadcast-prevent-null-pointer-dereference.patch