ARM: pl330: fix null pointer dereference in pl330_chan_ctrl()

Message ID 1326458191-23492-1-git-send-email-mans.rullgard@linaro.org
State Accepted
Commit 46e33c606af8e0caeeca374103189663d877c0d6

Commit Message

Mans Rullgard Jan. 13, 2012, 12:36 p.m. UTC

This fixes the thrd->req_running field being accessed before thrd
is checked for null.  The error was introduced in abb959f.

Signed-off-by: Mans Rullgard <mans.rullgard@linaro.org>
---
 arch/arm/common/pl330.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

Comments

Russell King - ARM Linux Jan. 13, 2012, 1:02 p.m. UTC | #1
On Fri, Jan 13, 2012 at 12:36:31PM +0000, Mans Rullgard wrote:
> This fixes the thrd->req_running field being accessed before thrd
> is checked for null.  The error was introduced in abb959f.
> 
> Signed-off-by: Mans Rullgard <mans.rullgard@linaro.org>

I don't know what's happening with the PL330 driver, but there's patches
around to remove this file and merge it with the DMA engine driver.

Javi Merino Jan. 13, 2012, 1:48 p.m. UTC | #2
On 13/01/12 12:36, Mans Rullgard wrote:
> This fixes the thrd->req_running field being accessed before thrd
> is checked for null.  The error was introduced in abb959f.
> 
> Signed-off-by: Mans Rullgard <mans.rullgard@linaro.org>
> ---
>  arch/arm/common/pl330.c |    3 ++-

As Russell points out, the s5p tree has merged this file with
drivers/dma/pl330.c so this bug is now in that file.  Please rebase the
patch on top of linux-next.

Other than that, yes, that's my fault.

Acked-by: Javi Merino <javi.merino@arm.com>

>  1 files changed, 2 insertions(+), 1 deletions(-)
> 
> diff --git a/arch/arm/common/pl330.c b/arch/arm/common/pl330.c
> index 8d8df74..67abef5 100644
> --- a/arch/arm/common/pl330.c
> +++ b/arch/arm/common/pl330.c
> @@ -1496,12 +1496,13 @@ int pl330_chan_ctrl(void *ch_id, enum pl330_chan_op op)
>  	struct pl330_thread *thrd = ch_id;
>  	struct pl330_dmac *pl330;
>  	unsigned long flags;
> -	int ret = 0, active = thrd->req_running;
> +	int ret = 0, active;
>  
>  	if (!thrd || thrd->free || thrd->dmac->state == DYING)
>  		return -EINVAL;
>  
>  	pl330 = thrd->dmac;
> +	active = thrd->req_running;
>  
>  	spin_lock_irqsave(&pl330->lock, flags);
>
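
Review bot: The guard `if (!thrd || thrd->free || thrd->dmac->state == DYING)` still dereferences thrd->dmac with no NULL test of its own, so the fix covers a NULL ch_id but not a thread whose dmac pointer is unset. Whether that state can occur is not visible in this hunk; either add `!thrd->dmac` to the condition or state in a comment that dmac is always valid for a non-NULL thread.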

Sergei Shtylyov Jan. 14, 2012, 9:53 p.m. UTC | #3
Hello.

On 13-01-2012 16:36, Mans Rullgard wrote:

> This fixes the thrd->req_running field being accessed before thrd
> is checked for null.  The error was introduced in abb959f.

    Please also specify summary of that commit in parens.

> Signed-off-by: Mans Rullgard <mans.rullgard@linaro.org>

WBR, Sergei

Javi Merino Feb. 8, 2012, 1:59 p.m. UTC | #4
On 13/01/12 13:02, Russell King - ARM Linux wrote:
> On Fri, Jan 13, 2012 at 12:36:31PM +0000, Mans Rullgard wrote:
>> This fixes the thrd->req_running field being accessed before thrd
>> is checked for null.  The error was introduced in abb959f.
>>
>> Signed-off-by: Mans Rullgard <mans.rullgard@linaro.org>
> 
> I don't know what's happening with the PL330 driver, but there's patches
> around to remove this file and merge it with the DMA engine driver.

The PL330 merge didn't happen in the 3.3 merge window and I can't see it
in linux-next, so linux 3.3 will ship with the driver still split in
arch/arm/common/pl330.c and drivers/dma/pl330.c .  I think this patch
should be part of linux 3.3 (and you should add "Cc: stable@kernel.org"
so that it's included in the next 3.2 stable release).

Unless somebody thinks otherwise, Mans, can you please submit it to
rmk's patch tracking system?

http://www.arm.linux.org.uk/developer/patches/

Thanks,
Javi

Boojin Kim Feb. 9, 2012, 12:44 a.m. UTC | #5
Javi Merino wrote:

> On 13/01/12 13:02, Russell King - ARM Linux wrote:
> > On Fri, Jan 13, 2012 at 12:36:31PM +0000, Mans Rullgard wrote:
> >> This fixes the thrd->req_running field being accessed before thrd
> >> is checked for null.  The error was introduced in abb959f.
> >>
> >> Signed-off-by: Mans Rullgard <mans.rullgard@linaro.org>
> >
> > I don't know what's happening with the PL330 driver, but there's patches
> > around to remove this file and merge it with the DMA engine driver.
>
> The PL330 merge didn't happen in the 3.3 merge window and I can't see it
> in linux-next, so linux 3.3 will ship with the driver still split in
> arch/arm/common/pl330.c and drivers/dma/pl330.c .  I think this patch
> should be part of linux 3.3 (and you should add "Cc: stable@kernel.org"
> so that it's included in the next 3.2 stable release).
>
> Unless somebody thinks otherwise, Mans, can you please submit it to
> rmk's patch tracking system?

I rebased your patch on the pl330 merge commit with Kukjin Kim, and confirmed that it works well. You can check it at the URL below.
git://git.kernel.org/pub/scm/linux/kernel/git/kgene/linux-samsung.git v3.4-for-vkou
As far as I know, Kukjin Kim will send a pull request to the DMA and ARM SoC trees soon.

>
> http://www.arm.linux.org.uk/developer/patches/
>
> Thanks,
> Javi

Javi Merino Feb. 9, 2012, 10:35 a.m. UTC | #6
On 09/02/12 00:44, Boojin Kim wrote:
> Javi Merino wrote:
> 
>> On 13/01/12 13:02, Russell King - ARM Linux wrote:
>>> On Fri, Jan 13, 2012 at 12:36:31PM +0000, Mans Rullgard wrote:
>>>> This fixes the thrd->req_running field being accessed before thrd
>>>> is checked for null.  The error was introduced in abb959f.
>>>>
>>>> Signed-off-by: Mans Rullgard <mans.rullgard@linaro.org>
>>>
>>> I don't know what's happening with the PL330 driver, but there's patches
>>> around to remove this file and merge it with the DMA engine driver.
>>
>> The PL330 merge didn't happen in the 3.3 merge window and I can't see it
>> in linux-next, so linux 3.3 will ship with the driver still split in
>> arch/arm/common/pl330.c and drivers/dma/pl330.c .  I think this patch
>> should be part of linux 3.3 (and you should add "Cc: stable@kernel.org"
>> so that it's included in the next 3.2 stable release).
>>
>> Unless somebody thinks otherwise, Mans, can you please submit it to
>> rmk's patch tracking system?
> I rebased your patch on the pl330 merge commit with Kukjin Kim, and confirmed that it works well. You can check it at the URL below.
> git://git.kernel.org/pub/scm/linux/kernel/git/kgene/linux-samsung.git v3.4-for-vkou

Sorry, I wasn't talking about my patch but Mans':

http://article.gmane.org/gmane.linux.linaro.devel/9445

It fixes a null pointer dereference in the current kernel and I still
think it should go into 3.3 and in the next 3.2 stable release.  That
will create another conflict in your tree I'm afraid.

Cheers,
Javi

Patch

diff --git a/arch/arm/common/pl330.c b/arch/arm/common/pl330.c
index 8d8df74..67abef5 100644
--- a/arch/arm/common/pl330.c
+++ b/arch/arm/common/pl330.c
@@ -1496,12 +1496,13 @@  int pl330_chan_ctrl(void *ch_id, enum pl330_chan_op op)
 	struct pl330_thread *thrd = ch_id;
 	struct pl330_dmac *pl330;
 	unsigned long flags;
-	int ret = 0, active = thrd->req_running;
+	int ret = 0, active;
 
 	if (!thrd || thrd->free || thrd->dmac->state == DYING)
 		return -EINVAL;
 
 	pl330 = thrd->dmac;
+	active = thrd->req_running;
 
 	spin_lock_irqsave(&pl330->lock, flags);
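
Review bot: The relocated `active = thrd->req_running;` is still read before `spin_lock_irqsave(&pl330->lock, flags)`, so the snapshot is taken outside the lock just as it was in the old initializer. If req_running is updated under pl330->lock elsewhere (not visible in this hunk), move the assignment to just after the spin_lock_irqsave() call so the value used later matches the state the lock protects. The commit message would also be easier to trace if it gave the subject line of abb959f next to the abbreviated hash.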