From: Kangjie Lu <[email protected]>
[ Upstream commit 1d84353d205a953e2381044953b7fa31c8c9702d ]
In case ioremap fails, the fix releases resources and returns
-ENOMEM to avoid NULL pointer dereferences.
Signed-off-by: Kangjie Lu <[email protected]>
Cc: Aditya Pakki <[email protected]>
Cc: Finn Thain <[email protected]>
Cc: Rob Herring <[email protected]>
Cc: Greg Kroah-Hartman <[email protected]>
[b.zolnierkie: minor patch summary fixup]
Signed-off-by: Bartlomiej Zolnierkiewicz <[email protected]>
Signed-off-by: Sasha Levin <[email protected]>
---
drivers/video/fbdev/imsttfb.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/drivers/video/fbdev/imsttfb.c b/drivers/video/fbdev/imsttfb.c
index 9b167f7ef6c69..4994a540f6809 100644
--- a/drivers/video/fbdev/imsttfb.c
+++ b/drivers/video/fbdev/imsttfb.c
@@ -1517,6 +1517,11 @@ static int imsttfb_probe(struct pci_dev *pdev, const struct pci_device_id *ent)
info->fix.smem_start = addr;
info->screen_base = (__u8 *)ioremap(addr, par->ramdac == IBM ?
0x400000 : 0x800000);
+ if (!info->screen_base) {
+ release_mem_region(addr, size);
+ framebuffer_release(info);
+ return -ENOMEM;
+ }
info->fix.mmio_start = addr + 0x800000;
par->dc_regs = ioremap(addr + 0x800000, 0x1000);
par->cmap_regs_phys = addr + 0x840000;
--
2.20.1
On Sat, Jun 01, 2019 at 09:25:48AM -0400, Sasha Levin wrote:
> From: Kangjie Lu <[email protected]>
>
> [ Upstream commit 1d84353d205a953e2381044953b7fa31c8c9702d ]
>
> In case ioremap fails, the fix releases resources and returns
> -ENOMEM to avoid NULL pointer dereferences.
>
> Signed-off-by: Kangjie Lu <[email protected]>
> Cc: Aditya Pakki <[email protected]>
> Cc: Finn Thain <[email protected]>
> Cc: Rob Herring <[email protected]>
> Cc: Greg Kroah-Hartman <[email protected]>
> [b.zolnierkie: minor patch summary fixup]
> Signed-off-by: Bartlomiej Zolnierkiewicz <[email protected]>
> Signed-off-by: Sasha Levin <[email protected]>
> ---
> drivers/video/fbdev/imsttfb.c | 5 +++++
> 1 file changed, 5 insertions(+)
Why only 4.4.y? Shouldn't this be queued up for everything or none?
thanks,
greg k-h
On Sat, 1 Jun 2019, Greg Kroah-Hartman wrote:
> On Sat, Jun 01, 2019 at 09:25:48AM -0400, Sasha Levin wrote:
> > From: Kangjie Lu <[email protected]>
> >
> > [ Upstream commit 1d84353d205a953e2381044953b7fa31c8c9702d ]
> > ...
>
> Why only 4.4.y? Shouldn't this be queued up for everything or none?
>
> thanks,
>
> greg k-h
>
Also, why not check the result of the other ioremap calls? (I should have
checked that when this first crossed my inbox...)
From 1d84353d205a953e2381044953b7fa31c8c9702d Mon Sep 17 00:00:00 2001
From: Kangjie Lu <[email protected]>
Date: Mon, 1 Apr 2019 17:46:58 +0200
Subject: [PATCH] video: imsttfb: fix potential NULL pointer dereferences
In case ioremap fails, the fix releases resources and returns
-ENOMEM to avoid NULL pointer dereferences.
Signed-off-by: Kangjie Lu <[email protected]>
Cc: Aditya Pakki <[email protected]>
Cc: Finn Thain <[email protected]>
Cc: Rob Herring <[email protected]>
Cc: Greg Kroah-Hartman <[email protected]>
[b.zolnierkie: minor patch summary fixup]
Signed-off-by: Bartlomiej Zolnierkiewicz <[email protected]>
diff --git a/drivers/video/fbdev/imsttfb.c b/drivers/video/fbdev/imsttfb.c
index 4b9615e4ce74..35bba3c2036d 100644
--- a/drivers/video/fbdev/imsttfb.c
+++ b/drivers/video/fbdev/imsttfb.c
@@ -1515,6 +1515,11 @@ static int imsttfb_probe(struct pci_dev *pdev, const struct pci_device_id *ent)
info->fix.smem_start = addr;
info->screen_base = (__u8 *)ioremap(addr, par->ramdac == IBM ?
0x400000 : 0x800000);
+ if (!info->screen_base) {
+ release_mem_region(addr, size);
+ framebuffer_release(info);
+ return -ENOMEM;
+ }
info->fix.mmio_start = addr + 0x800000;
par->dc_regs = ioremap(addr + 0x800000, 0x1000);
par->cmap_regs_phys = addr + 0x840000;
On Sat, Jun 01, 2019 at 09:19:29AM -0700, Greg Kroah-Hartman wrote:
>On Sat, Jun 01, 2019 at 09:25:48AM -0400, Sasha Levin wrote:
>> From: Kangjie Lu <[email protected]>
>>
>> [ Upstream commit 1d84353d205a953e2381044953b7fa31c8c9702d ]
>>
>> In case ioremap fails, the fix releases resources and returns
>> -ENOMEM to avoid NULL pointer dereferences.
>>
>> Signed-off-by: Kangjie Lu <[email protected]>
>> Cc: Aditya Pakki <[email protected]>
>> Cc: Finn Thain <[email protected]>
>> Cc: Rob Herring <[email protected]>
>> Cc: Greg Kroah-Hartman <[email protected]>
>> [b.zolnierkie: minor patch summary fixup]
>> Signed-off-by: Bartlomiej Zolnierkiewicz <[email protected]>
>> Signed-off-by: Sasha Levin <[email protected]>
>> ---
>> drivers/video/fbdev/imsttfb.c | 5 +++++
>> 1 file changed, 5 insertions(+)
>
>Why only 4.4.y? Shouldn't this be queued up for everything or none?
It's on all branches. Something weird happened with git-send-email and
mail.kernel.org, and apparently the rest of the branches didn't get all
their mails sent out. Sadly I don't have the logs for that :(
--
Thanks,
Sasha