2018-07-26 14:18:57

by Jia-Ju Bai

Subject: [BUG] video: fbdev: broadsheetfb: Possible null function pointers

In Linux-4.16, drivers/video/fbdev/broadsheetfb.c,

158. static void broadsheet_mmio_send_cmdargs(...) {
            ......
163.     par->board->mmio_write(...);
            ......
166.     par->board->mmio_write(...);
167. }

For x86 kernel configuration, I find that there is no assignment of the
function pointer ".mmio_write" in the kernel code.
So calling the function pointer in lines 163 and 166 may cause a null
pointer dereference.

In this file, there are many calls to this function pointer...


Best wishes,
Jia-Ju Bai


Subject: Re: [BUG] video: fbdev: broadsheetfb: Possible null function pointers

On Thursday, July 26, 2018 10:17:44 PM bai wrote:
> In Linux-4.16, drivers/video/fbdev/broadsheetfb.c,
>
> 158. static void broadsheet_mmio_send_cmdargs(...) {
> ......
> 163. par->board->mmio_write(...);
> ......
> 166. par->board->mmio_write(...);
> 167. }
>
> For x86 kernel configuration, I find that there is no assignment of the
> function pointer ".mmio_write" in the kernel code.
> So calling the function pointer in lines 163 and 166 may cause a null
> pointer dereference.
>
> In this file, there are many calls to this function pointer...

This is a platform driver and it won't be used on x86 (actually it is
used only by a single ARM PXA board). The dependency for FB_BROADSHEET
in the Kconfig file could be improved to i.e.

depends on FB && (ARCH_PXA || COMPILE_TEST)

but there is no bug there.

Best regards,
--
Bartlomiej Zolnierkiewicz
Samsung R&D Institute Poland
Samsung Electronics


2018-07-27 01:51:30

by Jia-Ju Bai

Subject: Re: [BUG] video: fbdev: broadsheetfb: Possible null function pointers



On 2018/7/26 22:34, Bartlomiej Zolnierkiewicz wrote:
> On Thursday, July 26, 2018 10:17:44 PM bai wrote:
>> In Linux-4.16, drivers/video/fbdev/broadsheetfb.c,
>>
>> 158. static void broadsheet_mmio_send_cmdargs(...) {
>> ......
>> 163. par->board->mmio_write(...);
>> ......
>> 166. par->board->mmio_write(...);
>> 167. }
>>
>> For x86 kernel configuration, I find that there is no assignment of the
>> function pointer ".mmio_write" in the kernel code.
>> So calling the function pointer in lines 163 and 166 may cause a null
>> pointer dereference.
>>
>> In this file, there are many calls to this function pointer...
> This is a platform driver and it won't be used on x86 (actually it is
> used only by a single ARM PXA board). The dependency for FB_BROADSHEET
> in the Kconfig file could be improved to i.e.
>
> depends on FB && (ARCH_PXA || COMPILE_TEST)
>
> but there is no bug there.

Thanks for the reply :)
So I want to submit a patch updating Kconfig in
drivers/video/fbdev/Kconfig:

config FB_BROADSHEET
tristate "E-Ink Broadsheet/Epson S1D13521 controller support"
- depends on FB
+ depends on FB && (ARCH_PXA || COMPILE_TEST)
select FB_SYS_FILLRECT
select FB_SYS_COPYAREA
select FB_SYS_IMAGEBLIT
select FB_SYS_FOPS
select FB_DEFERRED_IO
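
Review bot: the hunk has no `---`/`+++` file headers and no `@@` line, and every line under `config FB_BROADSHEET` has lost its leading indentation, so it cannot be applied as posted. Resend it as a patch generated from the tree, with a changelog stating that the driver is used only by a single ARM PXA board and with a Signed-off-by line.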


Do you think it is okay?


Best wishes,
Jia-Ju Bai

Subject: Re: [BUG] video: fbdev: broadsheetfb: Possible null function pointers

On Friday, July 27, 2018 09:49:41 AM Jia-Ju Bai wrote:
>
> On 2018/7/26 22:34, Bartlomiej Zolnierkiewicz wrote:
> > On Thursday, July 26, 2018 10:17:44 PM bai wrote:
> >> In Linux-4.16, drivers/video/fbdev/broadsheetfb.c,
> >>
> >> 158. static void broadsheet_mmio_send_cmdargs(...) {
> >> ......
> >> 163. par->board->mmio_write(...);
> >> ......
> >> 166. par->board->mmio_write(...);
> >> 167. }
> >>
> >> For x86 kernel configuration, I find that there is no assignment of the
> >> function pointer ".mmio_write" in the kernel code.
> >> So calling the function pointer in lines 163 and 166 may cause a null
> >> pointer dereference.
> >>
> >> In this file, there are many calls to this function pointer...
> > This is a platform driver and it won't be used on x86 (actually it is
> > used only by a single ARM PXA board). The dependency for FB_BROADSHEET
> > in the Kconfig file could be improved to i.e.
> >
> > depends on FB && (ARCH_PXA || COMPILE_TEST)
> >
> > but there is no bug there.
>
> Thanks for the reply :)
> So I want to submit a patch updating Kconfig in
> drivers/video/fbdev/Kconfig:
>
> config FB_BROADSHEET
> tristate "E-Ink Broadsheet/Epson S1D13521 controller support"
> - depends on FB
> + depends on FB && (ARCH_PXA || COMPILE_TEST)
> select FB_SYS_FILLRECT
> select FB_SYS_COPYAREA
> select FB_SYS_IMAGEBLIT
> select FB_SYS_FOPS
> select FB_DEFERRED_IO
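
Review bot: on the `+ depends on FB && (ARCH_PXA || COMPILE_TEST)` line, the `COMPILE_TEST` alternative still lets the option be selected in x86 build-test configurations, so the changelog should describe the change as narrowing where the driver is offered, not as a fix for the `.mmio_write` calls reported at lines 163 and 166.
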
>
>
> Do you think it is okay?

Please read Documentation/process/submitting-patches.rst.

Best regards,
--
Bartlomiej Zolnierkiewicz
Samsung R&D Institute Poland
Samsung Electronics
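
The pattern the report is about, as an added user-space C model (not code from this thread or from the kernel): a driver that calls callbacks taken from a board descriptor can reject a descriptor with a missing callback at probe time, so call sites like `par->board->mmio_write(...)` never see NULL. Every name except `mmio_write` is hypothetical, and the two sample boards are constructed for the example.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical, reduced model of a board descriptor passed as platform
 * data; only the field name mmio_write is taken from the thread. */
struct demo_par;
struct demo_board {
	int  (*init)(struct demo_par *par);
	void (*mmio_write)(struct demo_par *par, int reg, uint16_t data);
};

struct demo_par {
	const struct demo_board *board;
	uint16_t regs[4];            /* stand-in for device registers */
};

/* Probe-time gate: refuse to bind when the descriptor, or a callback the
 * driver later calls unconditionally, is missing. */
static int demo_probe(struct demo_par *par, const struct demo_board *board)
{
	if (!board || !board->init || !board->mmio_write)
		return -EINVAL;
	par->board = board;
	return board->init(par);
}

/* After a successful probe this call site needs no NULL check. */
static void demo_send_cmd(struct demo_par *par, uint16_t cmd, uint16_t arg)
{
	par->board->mmio_write(par, 0, cmd);
	par->board->mmio_write(par, 1, arg);
}

/* Constructed sample boards: one complete, one with mmio_write unset. */
static int  ok_init(struct demo_par *par) { par->regs[0] = par->regs[1] = 0; return 0; }
static void ok_write(struct demo_par *par, int reg, uint16_t data) { par->regs[reg] = data; }

static const struct demo_board good_board = { .init = ok_init, .mmio_write = ok_write };
static const struct demo_board bad_board  = { .init = ok_init };

int main(void)
{
	struct demo_par par = { 0 };
	if (demo_probe(&par, &bad_board) != -EINVAL || demo_probe(&par, &good_board) != 0)
		return 1;
	demo_send_cmd(&par, 0x11, 0x22);
	return !(par.regs[0] == 0x11 && par.regs[1] == 0x22);
}
```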