linux-stable/drivers
Connor Abbott f5af19889f Bluetooth: btqca: Don't modify firmware contents in-place
commit b43ca51117 upstream.

struct firmware::data is marked const, and when the firmware is
compressed with xz (default at least with Fedora) it's mapped read-only
which results in a crash:

BUG: unable to handle page fault for address: ffffae57c0ca5047
PGD 100000067 P4D 100000067 PUD 1001ce067 PMD 10165a067 PTE 8000000112bba161
Oops: 0003 [#1] SMP NOPTI
CPU: 3 PID: 204 Comm: kworker/u17:0 Not tainted 5.12.1-test+ #1
Hardware name: Dell Inc. XPS 13 9310/0F7M4C, BIOS 1.2.5 12/10/2020
Workqueue: hci0 hci_power_on [bluetooth]
RIP: 0010:qca_download_firmware+0x27c/0x4e0 [btqca]
Code: 1b 75 04 80 48 0c 01 0f b7 c6 8d 54 02 0c 41 39 d7 0f 8e 62 fe ff ff 48 63 c2 4c 01 e8 0f b7 38 0f b7 70 02 66 83 ff 11 75 d3 <80> 48 0c 80 41 83 fc 03 7e 6e 88 58 0d eb ce 41 0f b6 45 0e 48 8b
RSP: 0018:ffffae57c08dfc68 EFLAGS: 00010246
RAX: ffffae57c0ca503b RBX: 000000000000000e RCX: 0000000000000000
RDX: 0000000000000037 RSI: 0000000000000006 RDI: 0000000000000011
RBP: ffff978d9949e000 R08: ffff978d84ed7540 R09: ffffae57c0ca5000
R10: 000000000010cd00 R11: 0000000000000001 R12: 0000000000000005
R13: ffffae57c0ca5004 R14: ffff978d98ca8680 R15: 00000000000016a9
FS:  0000000000000000(0000) GS:ffff9794ef6c0000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffae57c0ca5047 CR3: 0000000113d5a004 CR4: 0000000000770ee0
PKRU: 55555554
Call Trace:
 qca_uart_setup+0x2cb/0x1390 [btqca]
 ? qca_read_soc_version+0x136/0x220 [btqca]
 qca_setup+0x288/0xab0 [hci_uart]
 hci_dev_do_open+0x1f3/0x780 [bluetooth]
 ? try_to_wake_up+0x1c1/0x4f0
 hci_power_on+0x3f/0x200 [bluetooth]
 process_one_work+0x1ec/0x380
 worker_thread+0x53/0x3e0
 ? process_one_work+0x380/0x380
 kthread+0x11b/0x140
 ? kthread_associate_blkcg+0xa0/0xa0
 ret_from_fork+0x1f/0x30
Modules linked in: llc ip_set nf_tables nfnetlink snd_soc_skl_hda_dsp(+) ip6table_filter snd_soc_hdac_hdmi ip6_tables qrtr_mhi iptable_filter snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_codec_generic s>
 dell_wmi_sysman(+) dell_smbios snd dcdbas mhi vfat videobuf2_vmalloc i2c_i801 videobuf2_memops videobuf2_v4l2 dell_wmi_descriptor fat wmi_bmof soundcore i2c_smbus videobuf2_common libarc4 mei_me mei hid_se>
 i2c_hid_acpi i2c_hid video pinctrl_tigerlake fuse
CR2: ffffae57c0ca5047

This also seems to fix a failure to suspend due to the firmware
download on bootup getting interrupted by the crash:

Bluetooth: hci0: SSR or FW download time out
PM: dpm_run_callback(): acpi_subsys_suspend+0x0/0x60 returns -110
PM: Device serial0-0 failed to suspend: error -110
PM: Some devices failed to suspend, or early wake event detected

Fixes: 83e8196 ("Bluetooth: btqca: Introduce generic QCA ROME support")
Cc: Venkata Lakshmi Narayana Gubba <gubbaven@codeaurora.org>
Cc: stable@vger.kernel.org
Signed-off-by: Connor Abbott <cwabbott0@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-07-14 16:55:34 +02:00
accessibility
acpi Revert "ACPI: sleep: Put the FACS table after using it" 2021-06-16 12:01:39 +02:00
amba
android
ata
atm
auxdisplay
base drivers: base: Fix device link removal 2021-06-03 09:00:34 +02:00
bcma
block nbd: Fix NULL pointer in flush_workqueue 2021-05-19 10:13:14 +02:00
bluetooth Bluetooth: btqca: Don't modify firmware contents in-place 2021-07-14 16:55:34 +02:00
bus bus: ti-sysc: Fix flakey idling of uarts and stop using swsup_sidle_act 2021-06-10 13:39:22 +02:00
cdrom cdrom: gdrom: initialize global variable at init time 2021-05-26 12:06:55 +02:00
char char: hpet: add checks after calling ioremap 2021-06-03 09:00:41 +02:00
clk clk: exynos7: Mark aclk_fsys1_200 as critical 2021-05-19 10:13:19 +02:00
clocksource clocksource/drivers/timer-ti-dm: Handle dra7 timer wrap errata i940 2021-05-19 10:13:18 +02:00
connector
counter
cpufreq cpufreq: intel_pstate: Use HWP if enabled by platform firmware 2021-05-19 10:12:51 +02:00
cpuidle
crypto Revert "crypto: cavium/nitrox - add an error message to explain the failure of pci_request_mem_regions" 2021-06-03 09:00:40 +02:00
dax
dca
devfreq
dio
dma dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma 2021-06-30 08:47:20 -04:00
dma-buf
edac
eisa
extcon
firewire
firmware efi: cper: fix snprintf() use in cper_dimm_err_location() 2021-06-10 13:39:14 +02:00
fpga
fsi
gnss
gpio gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP 2021-07-07 08:22:46 -04:00
gpu drm/nouveau: fix dma_address check for CPU/GPU sync 2021-07-07 08:22:46 -04:00
greybus
hid HID: gt683r: add missing MODULE_DEVICE_TABLE 2021-06-18 10:00:04 +02:00
hsi HSI: core: fix resource leaks in hsi_add_client_from_dt() 2021-05-14 09:50:28 +02:00
hv
hwmon hwmon: (scpi-hwmon) shows the negative temperature properly 2021-06-23 14:42:49 +02:00
hwspinlock
hwtracing coresight: Do not scan for graph if none is present 2021-05-19 10:12:55 +02:00
i2c i2c: robotfuzz-osif: fix control-request directions 2021-06-30 08:47:25 -04:00
i3c
ide
idle
iio iio: adc: ad7192: handle regulator voltage error first 2021-06-03 09:00:33 +02:00
infiniband RDMA/mlx5: Block FDB rules when not in switchdev mode 2021-07-07 08:22:47 -04:00
input Input: silead - add workaround for x86 BIOS-es which bring the chip up in a stuck state 2021-05-22 11:40:52 +02:00
interconnect interconnect: qcom: Add missing MODULE_DEVICE_TABLE 2021-06-03 09:00:46 +02:00
iommu iommu/vt-d: Use user privilege for RID2PASID translation 2021-06-03 09:00:49 +02:00
ipack
irqchip irqchip/gic-v3: Workaround inconsistent PMR setting on NMI entry 2021-06-23 14:42:49 +02:00
isdn isdn: mISDN: netjet: Fix crash in nj_probe: 2021-06-16 12:01:36 +02:00
leds leds: lp5523: check return value of lp5xx_read and jump to cleanup code 2021-05-26 12:06:56 +02:00
lightnvm
macintosh
mailbox mailbox: sprd: Introduce refcnt when clients requests/free channels 2021-05-14 09:50:27 +02:00
mcb
md dm verity: fix require_signatures module_param permissions 2021-06-16 12:01:37 +02:00
media media: uvcvideo: Support devices that report an OT as an entity source 2021-07-11 12:53:30 +02:00
memory
memstick
message
mfd mfd: stm32-timers: Avoid clearing auto reload register 2021-05-14 09:50:27 +02:00
misc platform/x86: hp_accel: Avoid invoking _INI to speed up resume 2021-06-03 09:00:39 +02:00
mmc mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk 2021-06-30 08:47:16 -04:00
most
mtd
mux
net net: ll_temac: Avoid ndo_start_xmit returning NETDEV_TX_BUSY 2021-06-30 08:47:24 -04:00
nfc nfc: pn533: prevent potential memory corruption 2021-05-14 09:50:32 +02:00
ntb
nubus
nvdimm
nvme nvme-loop: do not warn for deleted controllers during reset 2021-06-18 10:00:05 +02:00
nvmem
of
opp
oprofile
parisc
parport
pci Revert "PCI: PM: Do not read power state in pci_enable_device_flags()" 2021-06-30 08:47:17 -04:00
pcmcia
perf
phy phy: phy-mtk-tphy: Fix some resource leaks in mtk_phy_init() 2021-06-23 14:42:48 +02:00
pinctrl pinctrl: stm32: fix the reported number of GPIO lines per bank 2021-06-30 08:47:24 -04:00
platform platform/x86: thinkpad_acpi: Add X1 Carbon Gen 9 second fan support 2021-06-23 14:42:47 +02:00
pnp
power
powercap
pps
ps3
ptp ptp: improve max_adj check against unreasonable values 2021-06-23 14:42:45 +02:00
pwm pwm: atmel: Fix duty cycle calculation in .get_state() 2021-05-19 10:13:04 +02:00
rapidio rapidio: handle create_workqueue() failure 2021-05-26 12:06:52 +02:00
ras
regulator regulator: rt4801: Fix NULL pointer dereference if priv->enable_gpios is NULL 2021-06-23 14:42:48 +02:00
remoteproc remoteproc: qcom_q6v5_mss: Validate p_filesz in ELF loader 2021-05-19 10:13:01 +02:00
reset
rpmsg rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data() 2021-05-19 10:13:02 +02:00
rtc rtc: pcf85063: fallback to parent of_node 2021-05-26 12:06:57 +02:00
s390 s390/ap: Fix hanging ioctl caused by wrong msg counter 2021-06-23 14:42:51 +02:00
sbus
scsi scsi: sr: Return appropriate error code when disk is ejected 2021-07-07 08:22:46 -04:00
sfi
sh
siox
slimbus
soc
soundwire
spi spi: spi-nxp-fspi: move the register operation after the clock enable 2021-06-30 08:47:17 -04:00
spmi
ssb
staging pinctrl: ralink: rt2880: avoid to error in calls is pin is already enabled 2021-06-23 14:42:49 +02:00
target scsi: target: core: Fix warning on realtime kernels 2021-06-18 10:00:04 +02:00
tc
tee optee: use export_uuid() to copy client UUID 2021-06-10 13:39:21 +02:00
thermal thermal/drivers/intel: Initialize RW trip to THERMAL_TEMP_INVALID 2021-06-03 09:00:35 +02:00
thunderbolt thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue 2021-06-03 09:00:32 +02:00
tty serial: stm32: fix threaded interrupt handling 2021-06-10 13:39:22 +02:00
uio uio_hv_generic: Fix a memory leak in error handling paths 2021-05-26 12:06:52 +02:00
usb usb: dwc3: core: fix kernel panic when do reboot 2021-06-23 14:42:54 +02:00
vdpa {net,vdpa}/mlx5: Configure interface MAC into mpfs L2 table 2021-06-03 09:00:36 +02:00
vfio vfio/platform: fix module_put call in error flow 2021-06-10 13:39:15 +02:00
vhost
video video: hgafb: correctly handle card detect failure during probe 2021-05-26 12:06:57 +02:00
virt
virtio
visorbus
vlynq
vme
w1
watchdog
xen xen/events: reset active flag for lateeoi events later 2021-07-11 12:53:31 +02:00
zorro
Kconfig
Makefile