Received: by 2002:a05:6358:1087:b0:cb:c9d3:cd90 with SMTP id j7csp1998785rwi; Sat, 15 Oct 2022 06:30:33 -0700 (PDT) X-Google-Smtp-Source: AMsMyM6GGVG7LXqUPIeUSkEXKcR4jy5qhx6yBFWOh9uegDSZ/d9opH7BQpx3EtPXLKD9CvX1af/w X-Received: by 2002:a17:902:e0d1:b0:17f:821d:24bb with SMTP id e17-20020a170902e0d100b0017f821d24bbmr2756451pla.6.1665840633081; Sat, 15 Oct 2022 06:30:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1665840633; cv=none; d=google.com; s=arc-20160816; b=M5RS89D1nux2HHfGZvk0aXJeiIiN1uOjrWQIYdJlD3AMQ6fepd/apmCKfhMLPmyrFc a+XwUI2zFtFjqR2ojVjf9y3AlrYBR/uXkscWj+NqktX1ajKO5UbWlyER8B+eGOF4afs2 JFF2JTbziPTDjmepdJ091flQqbSNarxREr3V9X9M9P1fYK/GbuMJZCEnrFH1odma0Hff fPjHORw81hNyQBi7ifIi7GXTKySkcqR5UxyxYCg4qS2HaVWEzqtk5cSpqu6Y5NfrrIqz HZSBPGiZJG5zkpx3yMnFkb5Xc39DxNal8GSHyGQCtVwioWfBvN2hVsHAhkmEEAipl4MT NZrw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=v3o8F6Hzv4+9QpbVUjQpNY/Hm0jPjQUR08yEruJJQK4=; b=AG6jjVDx9MDM46mMCWwD2xaUMpaZJoD688aQ/NXuicK6bSJo1DUELkM9oe2gDJbI2P fimpOQVvqTOFeLHeezrHraOntT+zCm2ODC2wbMW+AwtAPMqM3SGLDBeBv1q7XIP2qxT0 NYPPN7+msA/pG0GrcqAJEmzGVwvBlIdDxGaE4+7aaVKtoVyiqjPe5D0fFTaE41cC38nj KdV0RrEYMwrmPsjy3o45QH/NQNw4J30vRPjFU3hy3kW/P9dOusIBW/BpsMoinBA03JkA F0XeRtEXnVK0ffZuxmTi0KMMJlOIgcicOd/uiMO8T1OkYaUKtjIMFN7vt5cOjygR+/23 fAlg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=OShDUJrY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k10-20020a056a00134a00b00562fc008395si5669927pfu.341.2022.10.15.06.30.15; Sat, 15 Oct 2022 06:30:33 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=OShDUJrY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229696AbiJONEu (ORCPT + 99 others); Sat, 15 Oct 2022 09:04:50 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48466 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229783AbiJONEo (ORCPT ); Sat, 15 Oct 2022 09:04:44 -0400 Received: from mail-wr1-x433.google.com (mail-wr1-x433.google.com [IPv6:2a00:1450:4864:20::433]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1EF7D13E23 for ; Sat, 15 Oct 2022 06:04:43 -0700 (PDT) Received: by mail-wr1-x433.google.com with SMTP id j7so11451983wrr.3 for ; Sat, 15 Oct 2022 06:04:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=v3o8F6Hzv4+9QpbVUjQpNY/Hm0jPjQUR08yEruJJQK4=; b=OShDUJrY8x7Bxem/6fuook3QozFgTgEl8mMG4Okk1cfdPk7azgJuv4+IcnEgv6XHtw uKxUvazHxrkQIQYqYLerac0YhNXrKHmXlqwPQ1eGFfwLRYctRe47JyLrU8ZPMhdZ9X40 h4eOJsP4bGaRn86Jx4QRRIxxXsrRj5gPR2Xo6ag5d+1bjPflMp6jpipzvinWXUdp7UOS puOoeR8iszX+9KXCt/HQRdVdy6qVF2PNmtnWiJR09JzfG+LCJt0d57fNVaJw3O6fv2h8 7s96Y1LmG7fRYZ8522UGKBxS5OTQeFAFimm0jam2ZFvtZNg3q94XhwSVLKWHLYZJv7vU R0tA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=v3o8F6Hzv4+9QpbVUjQpNY/Hm0jPjQUR08yEruJJQK4=; b=WNGJ4Rvd3R925RBnOyiwz1AdfYCNT5Dx6BRn8WwZbimRoDdbydKIGJLsdFaCuscuNz aAt6fGCEwbNEqoh15aQadESecBFAN6AjMhA9EPJ47Q3QhdX0oZpWjgvLKnYoNN8VZ1Hm KCGhpIQ8nUoOJEOgAOYbjWmDANvKAJHsOXGQRlROxpjbiWypYzqbMTX0fcp3ub28VaqH s6zzyOdQtA9qfB19smt6rybhPKGPiD1C2JRp9Nt3O3jA/d1fpzN9BIZECHbGZapI/PGt fF8Hyfz3WhqbYJj3ijAnrBFcTRpDrpQ3hK1/a4gwiu8HfAvYoY+divd++OKCFFzBDtIW FALQ== X-Gm-Message-State: ACrzQf3ziBLp+66/Z5uJZn/SQzEjhLovz2SWvGsmpJ2JRPnyOOyNFpSG 0rn4JCGmjef6U/nBNjmy9b/odQ== X-Received: by 2002:a05:6000:144d:b0:231:5786:f763 with SMTP id v13-20020a056000144d00b002315786f763mr1441807wrx.313.1665839081533; Sat, 15 Oct 2022 06:04:41 -0700 (PDT) Received: from radium.lan ([88.160.162.107]) by smtp.gmail.com with ESMTPSA id r12-20020adff10c000000b00225239d9265sm4151282wro.74.2022.10.15.06.04.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 15 Oct 2022 06:04:41 -0700 (PDT) From: Fabien Parent To: ilia.lin@kernel.org, agross@kernel.org, andersson@kernel.org, rafael@kernel.org, viresh.kumar@linaro.org Cc: linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-pm@vger.kernel.org, Fabien Parent Subject: [PATCH v2 2/3] cpufreq: qcom: fix writes in read-only memory region Date: Sat, 15 Oct 2022 15:04:23 +0200 Message-Id: <20221015130424.1923706-2-fabien.parent@linaro.org> X-Mailer: git-send-email 2.37.2 In-Reply-To: <20221015130424.1923706-1-fabien.parent@linaro.org> References: <20221015130424.1923706-1-fabien.parent@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This commit fixes a kernel oops because of a write in some read-only memory: [ 9.068287] Unable to handle kernel write to read-only memory at virtual address ffff800009240ad8 ..snip.. [ 9.138790] Internal error: Oops: 9600004f [#1] PREEMPT SMP ..snip.. [ 9.269161] Call trace: [ 9.276271] __memcpy+0x5c/0x230 [ 9.278531] snprintf+0x58/0x80 [ 9.282002] qcom_cpufreq_msm8939_name_version+0xb4/0x190 [ 9.284869] qcom_cpufreq_probe+0xc8/0x39c ..snip.. The following line defines a pointer that point to a char buffer stored in read-only memory: char *pvs_name = "speedXX-pvsXX-vXX"; This pointer is meant to hold a template "speedXX-pvsXX-vXX" where the XX values get overridden by the qcom_cpufreq_krait_name_version function. Since the template is actually stored in read-only memory, when the function executes the following call we get an oops: snprintf(*pvs_name, sizeof("speedXX-pvsXX-vXX"), "speed%d-pvs%d-v%d", speed, pvs, pvs_ver); To fix this issue, we instead store the template name onto the stack by using the following syntax: char pvs_name_buffer[] = "speedXX-pvsXX-vXX"; Because the `pvs_name` needs to be able to be assigned to NULL, the template buffer is stored in the pvs_name_buffer and not under the pvs_name variable. Fixes: a8811ec764f9 ("cpufreq: qcom: Add support for krait based socs") Signed-off-by: Fabien Parent --- v2: * Added missing "Fixes" tag * Rebased to not depend on another non-bug fix patch drivers/cpufreq/qcom-cpufreq-nvmem.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/cpufreq/qcom-cpufreq-nvmem.c b/drivers/cpufreq/qcom-cpufreq-nvmem.c index 3bd38acde4b9..82e0339d7722 100644 --- a/drivers/cpufreq/qcom-cpufreq-nvmem.c +++ b/drivers/cpufreq/qcom-cpufreq-nvmem.c @@ -265,7 +265,8 @@ static int qcom_cpufreq_probe(struct platform_device *pdev) struct nvmem_cell *speedbin_nvmem; struct device_node *np; struct device *cpu_dev; - char *pvs_name = "speedXX-pvsXX-vXX"; + char pvs_name_buffer[] = "speedXX-pvsXX-vXX"; + char *pvs_name = pvs_name_buffer; unsigned cpu; const struct of_device_id *match; int ret; -- 2.37.2