mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/drivers
History
Jon Hunter 0b987032f8 usb: tegra: Fix allocation for the FPCI context 
Commit 5c4e8d3781 ("usb: host: xhci-tegra: Add support for XUSB
context save/restore") is using the IPFS 'num_offsets' value when
allocating memory for FPCI context instead of the FPCI 'num_offsets'.

After commit cad064f1bd ("devres: handle zero size in devm_kmalloc()")
was added system suspend started failing on Tegra186. The kernel log
showed that the Tegra XHCI driver was crashing on entry to suspend when
attempting the save the USB context. On Tegra186, the IPFS context has a
zero length but the FPCI content has a non-zero length, and because of
the bug in the Tegra XHCI driver we are incorrectly allocating a zero
length array for the FPCI context. The crash seen on entering suspend
when we attempt to save the FPCI context and following commit
cad064f1bd ("devres: handle zero size in devm_kmalloc()") this now
causes a NULL pointer deference when we access the memory. Fix this by
correcting the amount of memory we are allocating for FPCI contexts.

Cc: stable@vger.kernel.org

Fixes: 5c4e8d3781 ("usb: host: xhci-tegra: Add support for XUSB context save/restore")

Signed-off-by: Jon Hunter <jonathanh@nvidia.com>
Acked-by: Thierry Reding <treding@nvidia.com>
Link: https://lore.kernel.org/r/20200715113842.30680-1-jonathanh@nvidia.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2020-07-23 13:21:01 +02:00
..
accessibility treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
acpi Merge branch 'acpi-fan' 2020-07-03 16:15:31 +02:00
amba ARM: tegra: Replace zero-length array with flexible-array 2020-06-15 23:08:28 -05:00
android binder: fix null deref of proc->context 2020-06-23 07:54:46 +02:00
ata libata-5.8-2020-06-19 2020-06-19 13:09:40 -07:00
atm treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
auxdisplay treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
base regmap: Fixes for v5.8 2020-07-17 09:58:18 -07:00
bcma
block Char/Misc fixes for 5.8-rc6 2020-07-16 11:26:40 -07:00
bluetooth Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next 2020-06-03 16:27:18 -07:00
bus bus: ti-sysc: Do not disable on suspend for no-idle 2020-07-02 13:57:57 -07:00
cdrom Merge branch 'work.sysctl' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2020-06-10 16:05:54 -07:00
char Char/Misc fixes for 5.8-rc6 2020-07-16 11:26:40 -07:00
clk A couple build fixes for issues exposed this merge window and a fix for 2020-07-15 19:00:12 -07:00
clocksource arm64: arch_timer: Disable the compat vdso for cores affected by ARM64_WORKAROUND_1418040 2020-07-08 21:57:51 +01:00
connector treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
counter counter: 104-quad-8: Add lock guards - filter clock prescaler 2020-06-14 14:46:52 +01:00
cpufreq cpufreq: intel_pstate: Fix active mode setting from command line 2020-07-13 17:55:57 +02:00
cpuidle cpuidle: Rearrange s2idle-specific idle state entry code 2020-06-25 13:52:53 +02:00
crypto Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2020-06-21 10:01:03 -07:00
dax device-dax: add memory via add_memory_driver_managed() 2020-06-04 19:06:23 -07:00
dca
devfreq PM / devfreq: Use lockdep asserts instead of manual checks for locked mutex 2020-05-28 18:02:40 +09:00
dio maccess: rename probe_kernel_{read,write} to copy_{from,to}_kernel_nofault 2020-06-17 10:57:41 -07:00
dma dmaengine fixes for v5.5-rc6 2020-07-15 15:58:11 -07:00
dma-buf dmabuf: use spinlock to access dmabuf->name 2020-07-10 15:39:29 +05:30
edac EDAC/amd64: Read back the scrub rate PCI register on F15h 2020-06-18 20:25:25 +02:00
eisa treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
extcon extcon: arizona: Fix runtime PM imbalance on error 2020-05-29 17:36:02 +09:00
firewire firewire: ohci: Replace zero-length array with flexible-array 2020-06-15 23:08:31 -05:00
firmware arm64 fixes for -rc6 2020-07-17 15:27:52 -07:00
fpga FPGA Manager fixes for 5.8-rc1 2020-06-26 17:26:31 +02:00
fsi treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
gnss treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
gpio gpio fixes for v5.8-rc3 2020-06-26 23:53:25 +02:00
gpu Merge tag 'amd-drm-fixes-5.8-2020-07-15' of git://people.freedesktop.org/~agd5f/linux into drm-fixes 2020-07-17 13:29:00 +10:00
greybus treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
hid Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid into master 2020-07-17 09:43:13 -07:00
hsi treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
hv Drivers: hv: Change flag to write log level in panic msg to false 2020-06-29 10:30:35 +00:00
hwmon hwmon: (drivetemp) Avoid SCT usage on Toshiba DT01ACA family drives 2020-07-18 08:11:44 -07:00
hwspinlock
hwtracing intel_th: Fix a NULL dereference when hub driver is not loaded 2020-07-10 15:12:48 +02:00
i2c i2c: mlxcpld: check correct size of maximum RECV_LEN packet 2020-07-04 08:20:38 +02:00
i3c
ide treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
idle
iio First set of IIO and counter fixes in the 5.8 cycle. 2020-07-08 09:20:50 +02:00
infiniband RDMA/mlx5: Set PD pointers for the error flow unwind 2020-07-08 20:15:59 -03:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2020-07-13 18:31:15 -07:00
interconnect More power management updates for 5.8-rc1 2020-06-10 14:04:39 -07:00
iommu Two fixes for the interrupt subsystem: 2020-07-19 11:53:08 -07:00
ipack treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
irqchip Bugfixes and a one-liner patch to silence sparse. 2020-07-06 12:48:04 -07:00
isdn treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
leds LEDs pull request for 5.8-rc1. 2020-06-04 11:03:45 -07:00
lightnvm for-5.8/block-2020-06-01 2020-06-02 15:29:19 -07:00
macintosh treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
mailbox mailbox: qcom: Add ipq6018 apcs compatible 2020-06-10 22:43:57 -05:00
mcb
md dm: use noio when sending kobject event 2020-07-08 12:50:51 -04:00
media media: omap3isp: remove cacheflush.h 2020-06-26 00:27:37 -07:00
memory Merge branch 'baikal/drivers' into arm/drivers 2020-05-28 14:18:11 +02:00
memstick
message scsi: mptfusion: Don't use GFP_ATOMIC for larger DMA allocations 2020-06-26 22:51:53 -04:00
mfd irqdomain/treewide: Keep firmware node unconditionally allocated 2020-07-14 17:44:42 +02:00
misc mei: bus: don't clean driver pointer 2020-06-29 19:10:51 +02:00
mmc mmc: sdhci-msm: Override DLL_CONFIG only if the valid value is supplied 2020-07-08 15:30:35 +02:00
most
mtd mtd: rawnand: xway: Fix build issue 2020-07-07 21:04:38 +02:00
mux
net mlxsw: pci: Fix use-after-free in case of failed devlink reload 2020-07-10 14:33:34 -07:00
nfc treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
ntb NTB: perf: Fix race condition when run with ntb_test 2020-06-05 20:02:09 -04:00
nubus
nvdimm libnvdimm/security: Fix key lookup permissions 2020-07-08 17:08:01 -07:00
nvme nvme: explicitly update mpath disk capacity on revalidation 2020-07-16 16:40:27 +02:00
nvmem nvmem: qfprom: remove incorrect write support 2020-05-27 11:09:26 +02:00
of of: of_mdio: Correct loop scanning logic 2020-06-19 13:39:00 -07:00
opp opp: Increase parsed_static_opps in _of_add_opp_table_v1() 2020-07-16 08:50:54 +05:30
oprofile oprofile: Replace zero-length array with flexible-array 2020-06-15 23:08:32 -05:00
parisc
parport treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
pci irqdomain/treewide: Keep firmware node unconditionally allocated 2020-07-14 17:44:42 +02:00
pcmcia treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
perf drivers/perf: Prevent forced unbinding of PMU drivers 2020-07-17 10:51:44 +01:00
phy phy: fixes for 5.8 2020-07-08 18:00:07 +02:00
pinctrl intel-pinctrl for v5.8-2 2020-06-28 01:08:21 +02:00
platform platform/x86: asus-wmi: allow BAT1 battery name 2020-07-15 12:47:04 +03:00
pnp treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
power power supply and reset changes for the v5.8 series 2020-06-10 11:28:35 -07:00
powercap Kbuild updates for v5.8 (2nd) 2020-06-13 13:29:16 -07:00
pps treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
ps3
ptp treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
pwm pwm: Add missing "CONFIG_" prefix 2020-06-04 19:09:28 +02:00
rapidio rapidio: Replace zero-length array with flexible-array 2020-06-15 23:08:32 -05:00
ras
regulator regulator: rename da903x to da903x-regulator 2020-06-25 15:29:21 +01:00
remoteproc remoteproc updates for v5.8 2020-06-08 13:01:08 -07:00
reset Char/Misc driver patches for 5.8-rc1 2020-06-07 10:59:32 -07:00
rpmsg remoteproc updates for v5.8 2020-06-08 13:01:08 -07:00
rtc RTC for 5.8 2020-06-07 16:11:23 -07:00
s390 vfio-ccw: Fix a build error due to missing include of linux/slab.h 2020-07-03 11:41:31 +02:00
sbus treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
scsi scsi: megaraid_sas: Remove undefined ENABLE_IRQ_POLL macro 2020-07-15 16:16:45 -04:00
sfi treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
sh
siox
slimbus
soc i.MX fixes for 5.8, round 2: 2020-07-16 22:08:07 +02:00
soundwire soundwire: intel: fix memory leak with devm_kasprintf 2020-06-22 17:15:20 +05:30
spi spi: Fixes for v5.8 2020-07-17 10:24:09 -07:00
spmi
ssb
staging staging: comedi: verify array index is correct before using it 2020-07-10 14:03:00 +02:00
target Kbuild updates for v5.8 (2nd) 2020-06-13 13:29:16 -07:00
tc
tee mmap locking API: use coccinelle to convert mmap_sem rwsem call sites 2020-06-09 09:39:14 -07:00
thermal - Fix invalid index array access on int340x_thermal leading to a 2020-07-16 11:08:54 -07:00
thunderbolt thunderbolt: Fix path indices used in USB3 tunnel discovery 2020-06-25 15:45:30 +03:00
tty TTY/Serial driver fixes for 5.8-rc6 2020-07-16 11:10:27 -07:00
uio uio_pdrv_genirq: fix use without device tree and no interrupt 2020-07-03 10:52:02 +02:00
usb usb: tegra: Fix allocation for the FPCI context 2020-07-23 13:21:01 +02:00
vdpa vdpa: fix typos in the comments for __vdpa_alloc_device() 2020-06-22 12:34:21 -04:00
vfio vfio/pci: Fix SR-IOV VF handling with MMIO blocking 2020-06-25 11:04:23 -06:00
vhost tools/virtio: Add --reset 2020-06-22 12:34:21 -04:00
video Short summary of fixes pull (less than what git shortlog provides): 2020-06-26 13:49:17 +10:00
virt virt: vbox: Fix guest capabilities mask check 2020-07-10 13:40:19 +02:00
virtio virtio-mem: add memory via add_memory_driver_managed() 2020-06-22 12:34:21 -04:00
visorbus treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
vlynq
vme treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
w1 w1: Replace zero-length array with flexible-array 2020-06-15 23:08:32 -05:00
watchdog treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
xen xen: branch for v5.8-rc5 2020-07-11 11:16:46 -07:00
zorro treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
Kconfig
Makefile