mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-21 10:01:00 +00:00
Code Issues Releases Wiki Activity
linux-stable/drivers
History
Alex Elder 6d3635ed12 net: ipa: terminate message handler arrays 
[ Upstream commit 3a9ef3e11c ]

When a QMI handle is initialized, an array of message handler
structures is provided, defining how any received message should
be handled based on its type and message ID.  The QMI core code
traverses this array when a message arrives and calls the function
associated with the (type, msg_id) found in the array.

The array is supposed to be terminated with an empty (all zero)
entry though.  Without it, an unsupported message will cause
the QMI core code to go past the end of the array.

Fix this bug, by properly terminating the message handler arrays
provided when QMI handles are set up by the IPA driver.

Fixes: 530f9216a9 ("soc: qcom: ipa: AP/modem communications")
Reported-by: Sujit Kautkar <sujitka@chromium.org>
Signed-off-by: Alex Elder <elder@linaro.org>
Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2021-03-30 14:31:58 +02:00
..
accessibility speakup: fix uninitialized flush_lock 2020-12-30 11:53:44 +01:00
acpi ACPICA: Always create namespace nodes using acpi_ns_create_node() 2021-03-30 14:31:54 +02:00
amba amba: Fix resource leak for drivers without .remove 2021-03-04 11:38:02 +01:00
android binder: add flag to clear buffer on txn complete 2020-12-30 11:54:09 +01:00
ata ata: ahci_brcm: Add back regulators management 2021-03-04 11:37:45 +01:00
atm atm: idt77252: fix null-ptr-dereference 2021-03-30 14:31:50 +02:00
auxdisplay auxdisplay: ht16k33: Fix refresh rate handling 2021-03-04 11:38:00 +01:00
base Revert "PM: runtime: Update device status before letting suppliers suspend" 2021-03-25 09:04:05 +01:00
bcma
block umem: fix error return code in mm_pci_probe() 2021-03-30 14:31:50 +02:00
bluetooth Bluetooth: btqca: Add valid le states quirk 2021-03-11 14:17:22 +01:00
bus bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD 2021-03-30 14:31:56 +02:00
cdrom
char tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() 2021-03-09 11:11:10 +01:00
clk clk: qcom: gcc-sc7180: Use floor ops for the correct sdcc1 clk 2021-03-30 14:31:58 +02:00
clocksource clocksource/drivers/mxs_timer: Add missing semicolon when DEBUG is defined 2021-03-04 11:37:57 +01:00
connector
counter counter: stm32-timer-cnt: fix ceiling miss-alignment with reload register 2021-03-25 09:04:16 +01:00
cpufreq cpufreq: blacklist Arm Vexpress platforms in cpufreq-dt-platdev 2021-03-30 14:31:49 +02:00
cpuidle
crypto crypto: sun4i-ss - initialize need_fallback 2021-03-04 11:38:32 +01:00
dax device-dax: Fix default return code of range_parse() 2021-03-04 11:38:15 +01:00
dca
devfreq
dio
dma dmaengine: idxd: set DMA channel to be private 2021-03-04 11:37:57 +01:00
dma-buf dmabuf: fix use-after-free of dmabuf's file->f_inode 2021-01-12 20:18:24 +01:00
edac EDAC/amd64: Do not load on family 0x15, model 0x13 2021-03-07 12:34:08 +01:00
eisa
extcon extcon: max77693: Fix modalias string 2020-12-30 11:53:49 +01:00
firewire
firmware firmware/efi: Fix a use after bug in efi_mem_reserve_persistent 2021-03-25 09:04:18 +01:00
fpga
fsi fsi: Aspeed: Add mutex to protect HW access 2020-12-30 11:53:46 +01:00
gnss
gpio gpiolib: acpi: Add missing IRQF_ONESHOT 2021-03-30 14:31:49 +02:00
gpu drm/i915: Fix the GT fence revocation runtime PM logic 2021-03-30 14:31:55 +02:00
greybus
hid HID: logitech-dj: add support for the new lightspeed connection iteration 2021-03-17 17:06:24 +01:00
hsi HSI: Fix PM usage counter unbalance in ssi_hw_init 2021-03-04 11:37:52 +01:00
hv Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind() 2021-03-04 11:37:46 +01:00
hwmon hwmon: (dell-smm) Add XPS 15 L502X to fan control blacklist 2021-02-26 10:13:00 +01:00
hwspinlock
hwtracing coresight: etm4x: Handle accesses to TRCSTALLCTLR 2021-03-04 11:38:37 +01:00
i2c i2c: rcar: optimize cacheline to minimize HW race condition 2021-03-17 17:06:22 +01:00
i3c i3c master: fix missing destroy_workqueue() on error in i3c_master_register 2021-01-06 14:56:53 +01:00
ide ide/falconide: Fix module unload 2021-03-04 11:38:21 +01:00
idle
iio iio: hid-sensor-temperature: Fix issues of timestamp channel 2021-03-25 09:04:16 +01:00
infiniband RDMA/mlx5: Allow creating all QPs even when non RDMA profile is used 2021-03-25 09:04:12 +01:00
input Input: applespi - don't wait for responses to commands indefinitely. 2021-03-17 17:06:24 +01:00
interconnect interconnect: imx8mq: Use icc_sync_state 2021-01-27 11:55:29 +01:00
iommu iommu/amd: Fix performance counter initialization 2021-03-17 17:06:24 +01:00
ipack
irqchip irqchip/ingenic: Add support for the JZ4760 2021-03-30 14:31:50 +02:00
isdn misdn: dsp: select CONFIG_BITREVERSE 2021-01-19 18:27:26 +01:00
leds leds: trigger: fix potential deadlock with libata 2021-02-03 23:28:41 +01:00
lightnvm lightnvm: fix memory leak when submit fails 2021-01-27 11:55:22 +01:00
macintosh macintosh/adb-iop: Use big-endian autopoll mask 2021-03-04 11:37:42 +01:00
mailbox mailbox: sprd: correct definition of SPRD_OUTBOX_FIFO_FULL 2021-03-04 11:38:15 +01:00
mcb
md dm ioctl: fix out of bounds array access when no devices 2021-03-30 14:31:56 +02:00
media media: rc: compile rc-cec.c into rc-core 2021-03-17 17:06:20 +01:00
memory memory: ti-aemif: Drop child node when jumping out loop 2021-03-04 11:37:25 +01:00
memstick memstick: r592: Fix error return in r592_probe() 2020-12-30 11:53:34 +01:00
message
mfd mfd: gateworks-gsc: Fix interrupt type 2021-03-04 11:38:40 +01:00
misc habanalabs: Call put_pid() when releasing control device 2021-03-30 14:31:50 +02:00
mmc mmc: cqhci: Fix random crash when remove mmc module/card 2021-03-17 17:06:28 +01:00
most
mtd mtd: spi-nor: hisi-sfc: Put child node np on error path 2021-03-04 11:38:37 +01:00
mux
net net: ipa: terminate message handler arrays 2021-03-30 14:31:58 +02:00
nfc nfc: s3fwrn5: Release the nfc firmware 2020-12-30 11:53:53 +01:00
ntb
nubus
nvdimm libnvdimm/dimm: Avoid race between probe and available_slots_show() 2021-02-10 09:29:17 +01:00
nvme nvme-pci: add the DISABLE_WRITE_ZEROES quirk for a Samsung PM1725a 2021-03-30 14:31:52 +02:00
nvmem nvmem: qcom-spmi-sdam: Fix uninitialized pdev pointer 2021-03-04 11:38:39 +01:00
of of: unittest: Fix build on architectures without CONFIG_OF_ADDRESS 2021-03-09 11:11:15 +01:00
opp opp: Correct debug message in _opp_add_static_v2() 2021-03-04 11:37:27 +01:00
oprofile
parisc
parport
pci PCI: rpadlpar: Fix potential drc_name corruption in store functions 2021-03-25 09:04:16 +01:00
pcmcia
perf perf/arm-cmn: Move IRQs when migrating context 2021-03-04 11:37:44 +01:00
phy phy: lantiq: rcu-usb2: wait after clock enable 2021-03-04 11:38:24 +01:00
pinctrl pinctrl: qcom: Don't clear pending interrupts when enabling 2021-01-27 11:55:27 +01:00
platform platform/x86: intel-vbtn: Stop reporting SW_DOCK events 2021-03-30 14:31:53 +02:00
pnp
power power: supply: smb347-charger: Fix interrupt usage if interrupt is unavailable 2021-03-04 11:37:59 +01:00
powercap
pps
ps3 powerpc/ps3: use dma_mapping_error() 2020-12-30 11:53:53 +01:00
ptp phy: dp83640: select CONFIG_CRC32 2021-01-17 14:17:02 +01:00
pwm pwm: iqs620a: Fix overflow and optimize calculations 2021-03-04 11:38:17 +01:00
rapidio
ras
regulator regulator: qcom-rpmh: Correct the pmic5_hfsmps515 buck 2021-03-30 14:31:51 +02:00
remoteproc remoteproc/mediatek: Fix kernel test robot warning 2021-03-07 12:34:15 +01:00
reset
rpmsg
rtc rtc: zynqmp: depend on HAS_IOMEM 2021-03-04 11:38:03 +01:00
s390 s390/qeth: schedule TX NAPI on QAOB completion 2021-03-25 09:04:13 +01:00
sbus
scsi scsi: ufs: ufs-qcom: Disable interrupt in reset path 2021-03-30 14:31:48 +02:00
sfi
sh
siox
slimbus slimbus: qcom: fix potential NULL dereference in qcom_slim_prg_slew() 2020-12-30 11:53:47 +01:00
soc soc: ti: omap-prm: Fix occasional abort on reset deassert for dra7 iva 2021-03-30 14:31:56 +02:00
soundwire soundwire: intel: fix possible crash when no device is detected 2021-03-04 11:38:22 +01:00
spi spi: cadence: set cqspi to the driver_data field of struct device 2021-03-25 09:04:04 +01:00
spmi spmi: spmi-pmic-arb: Fix hw_irq overflow 2021-03-04 11:38:40 +01:00
ssb
staging staging: rtl8192e: fix kconfig dependency on CRYPTO 2021-03-30 14:31:50 +02:00
target scsi: target: core: Prevent underflow for service actions 2021-03-17 17:06:26 +01:00
tc
tee optee: simplify i2c access 2021-03-04 11:37:28 +01:00
thermal thermal: cpufreq_cooling: freq_qos_update_request() returns < 0 on error 2021-03-04 11:38:41 +01:00
thunderbolt thunderbolt: Increase runtime PM reference count on DP tunnel discovery 2021-03-25 09:04:15 +01:00
tty serial: stm32: fix DMA initialization error handling 2021-03-25 09:04:10 +01:00
uio
usb usb: dwc3: gadget: Prevent EP queuing while stopping transfers 2021-03-25 09:04:15 +01:00
vdpa vdpa/mlx5: fix param validation in mlx5_vdpa_get_config() 2021-03-04 11:37:17 +01:00
vfio vfio: IOMMU_API should be selected 2021-03-25 09:04:08 +01:00
vhost vhost_vdpa: fix the missing irq_bypass_unregister_producer() invocation 2021-03-25 09:04:08 +01:00
video udlfb: Fix memory leak in dlfb_usb_probe 2021-03-07 12:34:04 +01:00
virt virt: vbox: Do not use wait_event_interruptible when called from kernel context 2021-03-04 11:37:18 +01:00
virtio virtio_ring: Fix two use after free bugs 2020-12-30 11:54:00 +01:00
visorbus
vlynq
vme
w1 w1: w1_therm: Fix conversion result for negative temperatures 2021-03-04 11:37:18 +01:00
watchdog watchdog: mei_wdt: request stop on unregister 2021-03-04 11:38:36 +01:00
xen xen/events: avoid handling the same event on two cpus at the same time 2021-03-17 17:06:37 +01:00
zorro
Kconfig
Makefile