Ksawlii/kernel_samsung_a53x
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
kernel_samsung_a53x/drivers
History
Harald Freudenberger f7013c9d5a s390/ap: Fix crash in AP internal function modify_bitmap() 
commit d4f9d5a99a3fd1b1c691b7a1a6f8f3f25f4116c9 upstream.

A system crash like this

  Failing address: 200000cb7df6f000 TEID: 200000cb7df6f403
  Fault in home space mode while using kernel ASCE.
  AS:00000002d71bc007 R3:00000003fe5b8007 S:000000011a446000 P:000000015660c13d
  Oops: 0038 ilc:3 [#1] PREEMPT SMP
  Modules linked in: mlx5_ib ...
  CPU: 8 PID: 7556 Comm: bash Not tainted 6.9.0-rc7 #8
  Hardware name: IBM 3931 A01 704 (LPAR)
  Krnl PSW : 0704e00180000000 0000014b75e7b606 (ap_parse_bitmap_str+0x10e/0x1f8)
  R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3
  Krnl GPRS: 0000000000000001 ffffffffffffffc0 0000000000000001 00000048f96b75d3
  000000cb00000100 ffffffffffffffff ffffffffffffffff 000000cb7df6fce0
  000000cb7df6fce0 00000000ffffffff 000000000000002b 00000048ffffffff
  000003ff9b2dbc80 200000cb7df6fcd8 0000014bffffffc0 000000cb7df6fbc8
  Krnl Code: 0000014b75e7b5fc: a7840047            brc     8,0000014b75e7b68a
  0000014b75e7b600: 18b2                lr      %r11,%r2
  #0000014b75e7b602: a7f4000a            brc     15,0000014b75e7b616
  >0000014b75e7b606: eb22d00000e6        laog    %r2,%r2,0(%r13)
  0000014b75e7b60c: a7680001            lhi     %r6,1
  0000014b75e7b610: 187b                lr      %r7,%r11
  0000014b75e7b612: 84960021            brxh    %r9,%r6,0000014b75e7b654
  0000014b75e7b616: 18e9                lr      %r14,%r9
  Call Trace:
  [<0000014b75e7b606>] ap_parse_bitmap_str+0x10e/0x1f8
  ([<0000014b75e7b5dc>] ap_parse_bitmap_str+0xe4/0x1f8)
  [<0000014b75e7b758>] apmask_store+0x68/0x140
  [<0000014b75679196>] kernfs_fop_write_iter+0x14e/0x1e8
  [<0000014b75598524>] vfs_write+0x1b4/0x448
  [<0000014b7559894c>] ksys_write+0x74/0x100
  [<0000014b7618a440>] __do_syscall+0x268/0x328
  [<0000014b761a3558>] system_call+0x70/0x98
  INFO: lockdep is turned off.
  Last Breaking-Event-Address:
  [<0000014b75e7b636>] ap_parse_bitmap_str+0x13e/0x1f8
  Kernel panic - not syncing: Fatal exception: panic_on_oops

occured when /sys/bus/ap/a[pq]mask was updated with a relative mask value
(like +0x10-0x12,+60,-90) with one of the numeric values exceeding INT_MAX.

The fix is simple: use unsigned long values for the internal variables. The
correct checks are already in place in the function but a simple int for
the internal variables was used with the possibility to overflow.

Reported-by: Marc Hartmayer <mhartmay@linux.ibm.com>
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Tested-by: Marc Hartmayer <mhartmay@linux.ibm.com>
Reviewed-by: Holger Dengler <dengler@linux.ibm.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Heiko Carstens <hca@linux.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2024-11-19 12:27:19 +01:00
..
accessibility speakup: Fix sizeof() vs ARRAY_SIZE() bug 2024-11-19 12:26:51 +01:00
acpi ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx 2024-11-19 12:27:13 +01:00
amba Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
android binder: check offset alignment in binder_get_object() 2024-11-19 11:32:22 +01:00
ata ata: pata_legacy: make legacy_exit() work again 2024-11-19 12:27:13 +01:00
atm atm: idt77252: fix a memleak in open_card_ubr0 2024-11-18 12:13:24 +01:00
auxdisplay Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
base x86/rfds: Mitigate Register File Data Sampling (RFDS) 2024-11-19 09:22:40 +01:00
battery drivers: battery_v2: sec_battery: export {CURRENT/VOLTAGE}_MAX to sysfs 2024-11-17 17:43:14 +01:00
bcma Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
block null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() 2024-11-19 12:27:08 +01:00
bluetooth Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 2024-11-19 11:32:38 +01:00
bts Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
bus bus: tegra-aconnect: Update dependency to ARCH_TEGRA 2024-11-19 08:44:45 +01:00
cdrom Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
char ppdev: Add an error check in register_device 2024-11-19 12:27:04 +01:00
clk clk: qcom: mmcc-msm8998: fix venus clock issue 2024-11-19 12:26:59 +01:00
clocksource clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware 2024-11-18 11:43:12 +01:00
connector Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
counter counter: microchip-tcb-capture: Fix the use of internal GCLK logic 2024-11-08 11:25:51 +01:00
cpufreq cpufreq: exit() callback is optional 2024-11-19 12:26:54 +01:00
cpuidle Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
crypto crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak 2024-11-19 12:27:18 +01:00
dax Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dca Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
devfreq PM / devfreq: Fix buffer overflow in trans_stat_show 2024-11-19 11:32:38 +01:00
dio Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dma dmaengine: idma64: Add check for dma_set_max_seg_size 2024-11-19 12:27:00 +01:00
dma-buf dma-buf/sw-sync: don't enable IRQ from sync_print_obj() 2024-11-19 12:27:10 +01:00
edac EDAC/thunderx: Fix possible out-of-bounds string access 2024-11-18 12:12:19 +01:00
eisa Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
extcon extcon: max8997: select IRQ_DOMAIN instead of depending on it 2024-11-19 12:27:04 +01:00
fingerprint Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
firewire firewire: nosy: ensure user_length is taken into account when fetching packet contents 2024-11-19 11:32:46 +01:00
firmware firmware: dmi-id: add a release callback function 2024-11-19 12:27:01 +01:00
fpga fpga: region: add owner module and take its refcount 2024-11-19 12:27:04 +01:00
fsi Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
gnss Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
gpio gpio: crystalcove: Use -ENOTSUPP consistently 2024-11-19 11:32:45 +01:00
gpu drm/amdgpu: add error handle to avoid out-of-bounds 2024-11-19 12:27:13 +01:00
greybus Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
gud Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
hid HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors 2024-11-19 12:26:56 +01:00
hsi Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
hv Drivers: hv: vmbus: Drop error message when 'No request id available' 2024-11-18 23:19:53 +01:00
hwmon hwmon: (shtc1) Fix property misspelling 2024-11-19 12:27:11 +01:00
hwspinlock Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
hwtracing intel_th: pci: Add Meteor Lake-S CPU support 2024-11-19 12:27:18 +01:00
i2c i2c: smbus: fix NULL function pointer dereference 2024-11-19 11:32:40 +01:00
i3c i3c: master: cdns: Update maximum prescaler value for i2c clock 2024-11-18 12:13:19 +01:00
ide Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
idle Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ifconn Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
iio iio: pressure: dps310: support negative temperature values 2024-11-19 12:27:03 +01:00
infiniband RDMA/IPoIB: Fix format truncation compilation errors 2024-11-19 12:27:00 +01:00
input Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation 2024-11-19 12:27:05 +01:00
interconnect interconnect: Treat xlate() returning NULL node as an error 2024-11-18 12:12:00 +01:00
iommu iommu/vt-d: Allocate local memory for page request queue 2024-11-19 11:32:20 +01:00
ipack Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
irqchip irqchip/loongson-pch-msi: Fix off-by-one on allocation error path 2024-11-19 12:26:54 +01:00
isdn Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
kperfmon Kperfmon: add xyunbound version 2024-06-15 16:28:49 -03:00
kq/mesh Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
leds leds: sgm3140: Add missing timer cleanup and flash gpio control 2024-11-19 08:44:56 +01:00
lightnvm Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
macintosh macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" 2024-11-19 12:26:55 +01:00
mailbox mailbox: imx: fix suspend failue 2024-11-19 11:32:20 +01:00
mcb mcb: fix error handling for different scenarios when parsing 2024-11-18 11:43:25 +01:00
md md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING 2024-11-19 12:27:16 +01:00
media media: v4l2-core: hold videodev_lock until dev reg, finishes 2024-11-19 12:27:17 +01:00
memory Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
memstick Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
message Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
mfd mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes a ref 2024-11-19 08:44:54 +01:00
misc mei: me: add lunar lake point M DID 2024-11-19 11:32:49 +01:00
mmc mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A 2024-11-19 12:27:18 +01:00
most Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
mtd mtd: rawnand: hynix: fixed typo 2024-11-19 12:26:57 +01:00
muic Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
mux Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
net wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path 2024-11-19 12:27:16 +01:00
nfc NFC: trf7970a: disable all regulators on removal 2024-11-19 11:32:37 +01:00
ntb Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
nubus Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
nvdimm nd_btt: Make BTT lanes preemptible 2024-11-18 11:43:03 +01:00
nvme nvmet: fix ns enable/disable possible hang 2024-11-19 12:27:10 +01:00
nvmem nvmem: meson-efuse: fix function pointer type mismatch 2024-11-19 09:22:34 +01:00
of of: dynamic: Synchronize of_changeset_destroy() with the devlink removals 2024-11-19 09:23:10 +01:00
opp OPP: debugfs: Fix warning around icc_get_name() 2024-11-19 08:44:49 +01:00
oprofile Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
parisc Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
parport parport: parport_serial: Add Brainboxes device IDs and geometry 2024-11-18 12:12:19 +01:00
pci PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 2024-11-19 12:27:04 +01:00
pcmcia pcmcia: ds: fix possible name leak in error path in pcmcia_device_add() 2024-11-18 11:43:06 +01:00
perf perf/arm-cmn: Fix the unhandled overflow status of counter 4 to 7 2024-11-08 11:24:52 +01:00
phy phy: tegra: xusb: Add API to retrieve the port number of phy 2024-11-19 09:22:34 +01:00
pinctrl pinctrl: core: handle radix_tree_insert() errors in pinctrl_register_one_pin() 2024-11-19 12:26:38 +01:00
platform platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet 2024-11-19 09:23:14 +01:00
pnp PNP: ACPI: fix fortify warning 2024-11-18 12:13:09 +01:00
power power: rt9455: hide unused rt9455_boost_voltage_values 2024-11-19 11:32:42 +01:00
powercap Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
pps Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ps3 Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ptp ptp: annotate data-race around q->head and q->tail 2024-11-18 11:43:19 +01:00
pwm pwm: jz4740: Don't use dev_err_probe() in .request() 2024-11-18 12:12:47 +01:00
rapidio Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ras Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
regulator regulator: bd71828: Don't overwrite runtime voltages 2024-11-19 12:27:09 +01:00
remoteproc remoteproc: stm32: fix phys_addr_t format string 2024-11-19 08:45:00 +01:00
reset reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning 2024-11-18 12:12:16 +01:00
rpmsg rpmsg: virtio: Free driver_override when rpmsg_remove() 2024-11-18 12:12:56 +01:00
rtc rtc: mt6397: select IRQ_DOMAIN instead of depending on it 2024-11-19 08:44:58 +01:00
s390 s390/ap: Fix crash in AP internal function modify_bitmap() 2024-11-19 12:27:19 +01:00
samsung Fix clang 16 errors treewide 2024-06-15 16:28:48 -03:00
sbus Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
scsi scsi: qla2xxx: Replace all non-returning strlcpy() with strscpy() 2024-11-19 12:27:06 +01:00
sensorhub treewide: fix build errors 2024-06-15 16:21:17 -03:00
sensors Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
sfi Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
sh Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
siox Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
slimbus slimbus: core: Remove usage of the deprecated ida_simple_xx() API 2024-11-19 09:22:34 +01:00
soc soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE 2024-11-19 12:26:52 +01:00
soundwire soundwire: cadence: fix invalid PDI offset 2024-11-19 12:27:00 +01:00
spi spi: stm32: Don't warn about spurious interrupts 2024-11-19 12:27:10 +01:00
spmi Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
spu_verify Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ssb Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
staging greybus: arche-ctrl: move device table to its right location 2024-11-19 12:27:01 +01:00
sti Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
target scsi: target: Fix SELinux error when systemd-modules loads the target module 2024-11-19 11:32:44 +01:00
tc Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
tee tee: optee: Fix kernel panic caused by incorrect error handling 2024-11-19 09:22:39 +01:00
thermal thermal: core: prevent potential string overflow 2024-11-18 11:42:50 +01:00
thunderbolt thunderbolt: Fix wake configurations after device unplug 2024-11-19 11:32:22 +01:00
tty serial: sh-sci: protect invalidating RXDMA on shutdown 2024-11-19 12:27:05 +01:00
uh Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
uio uio: Fix use-after-free in uio_open 2024-11-18 12:12:19 +01:00
usb usb: gadget: u_audio: Clear uac pointer when freed. 2024-11-19 12:27:04 +01:00
vdpa Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
vfio vfio/fsl-mc: Block calling interrupt handler without trigger 2024-11-19 09:22:45 +01:00
vhost vhost: Add smp_rmb() in vhost_vq_avail_empty() 2024-11-19 11:32:20 +01:00
vibrator Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
video fbdev: savage: Handle err return when savagefb_check_var failed 2024-11-19 12:27:18 +01:00
virt Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
virtio virtio: delete vq in vp_find_vqs_msix() when request_irq() fails 2024-11-19 12:27:09 +01:00
vision Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
vision3 Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
visorbus Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
vlynq Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
vme Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
w1 Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
watchdog watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin 2024-11-19 12:27:18 +01:00
xen xen/events: close evtchn after mapping cleanup 2024-11-19 09:22:39 +01:00
zorro Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
Kconfig drivers: add stub kperfmon 2024-06-15 16:28:49 -03:00
Kconfig.variant1 Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
Makefile drivers: add stub kperfmon 2024-06-15 16:28:49 -03:00
Makefile.variant1 Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00