linux-stable/drivers/opp
Stephan Gerhold c05e76d6b2 opp: Fix use-after-free in lazy_opp_tables after probe deferral
commit b2a2ab039b upstream.

When dev_pm_opp_of_find_icc_paths() in _allocate_opp_table() returns
-EPROBE_DEFER, the opp_table is freed again, to wait until all the
interconnect paths are available.

However, if the OPP table is using required-opps then it may already
have been added to the global lazy_opp_tables list. The error path
does not remove the opp_table from the list again.

This can cause crashes later when the provider of the required-opps
is added, since we will iterate over OPP tables that have already been
freed. E.g.:

  Unable to handle kernel NULL pointer dereference when read
  CPU: 0 PID: 7 Comm: kworker/0:0 Not tainted 6.4.0-rc3
  PC is at _of_add_opp_table_v2 (include/linux/of.h:949
  drivers/opp/of.c:98 drivers/opp/of.c:344 drivers/opp/of.c:404
  drivers/opp/of.c:1032) -> lazy_link_required_opp_table()

Fix this by calling _of_clear_opp_table() to remove the opp_table from
the list and clear other allocated resources. While at it, also add the
missing mutex_destroy() calls in the error path.

Cc: stable@vger.kernel.org
Suggested-by: Viresh Kumar <viresh.kumar@linaro.org>
Fixes: 7eba0c7641 ("opp: Allow lazy-linking of required-opps")
Signed-off-by: Stephan Gerhold <stephan.gerhold@kernkonzept.com>
Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-07-23 13:54:07 +02:00
core.c opp: Fix use-after-free in lazy_opp_tables after probe deferral 2023-07-23 13:54:07 +02:00
cpu.c OPP: Use consistent names for OPP table instances 2022-07-08 11:27:50 +05:30
debugfs.c OPP: fix error checking in opp_migrate_dentry() 2023-02-08 10:40:59 +05:30
Kconfig drivers/opp: Remove "select SRCU" 2023-01-05 11:47:21 +05:30
Makefile treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
of.c Devicetree updates for v6.4, part 2: 2023-04-27 10:09:05 -07:00
opp.h OPP: Move required opps configuration to specialized callback 2023-04-03 09:45:09 +05:30
ti-opp-supply.c OPP: ti: Migrate to dev_pm_opp_set_config_regulators() 2022-07-08 11:27:49 +05:30