# git rev-parse -q --verify 78e7b15e17ac175e7eed9e21c6f92d03d3b0a6fa^{commit} 78e7b15e17ac175e7eed9e21c6f92d03d3b0a6fa already have revision, skipping fetch # git checkout -q -f -B kisskb 78e7b15e17ac175e7eed9e21c6f92d03d3b0a6fa # git clean -qxdf # < git log -1 # commit 78e7b15e17ac175e7eed9e21c6f92d03d3b0a6fa # Author: Radu Rendec # Date: Tue Nov 27 22:20:48 2018 -0500 # # powerpc/msi: Fix NULL pointer access in teardown code # # The arch_teardown_msi_irqs() function assumes that controller ops # pointers were already checked in arch_setup_msi_irqs(), but this # assumption is wrong: arch_teardown_msi_irqs() can be called even when # arch_setup_msi_irqs() returns an error (-ENOSYS). # # This can happen in the following scenario: # - msi_capability_init() calls pci_msi_setup_msi_irqs() # - pci_msi_setup_msi_irqs() returns -ENOSYS # - msi_capability_init() notices the error and calls free_msi_irqs() # - free_msi_irqs() calls pci_msi_teardown_msi_irqs() # # This is easier to see when CONFIG_PCI_MSI_IRQ_DOMAIN is not set and # pci_msi_setup_msi_irqs() and pci_msi_teardown_msi_irqs() are just # aliases to arch_setup_msi_irqs() and arch_teardown_msi_irqs(). # # The call to free_msi_irqs() upon pci_msi_setup_msi_irqs() failure # seems legit, as it does additional cleanup; e.g. # list_del(&entry->list) and kfree(entry) inside free_msi_irqs() do # happen (MSI descriptors are allocated before pci_msi_setup_msi_irqs() # is called and need to be cleaned up if that fails). # # Fixes: 6b2fd7efeb88 ("PCI/MSI/PPC: Remove arch_msi_check_device()") # Cc: stable@vger.kernel.org # v3.18+ # Signed-off-by: Radu Rendec # Signed-off-by: Michael Ellerman # < /opt/cross/kisskb/gcc-4.6.3-nolibc/powerpc-linux/bin/powerpc-linux-gcc --version # < git log --format=%s --max-count=1 78e7b15e17ac175e7eed9e21c6f92d03d3b0a6fa # < make -s -j 48 ARCH=powerpc O=/kisskb/build/powerpc-fixes_85xx_sbc8548_defconfig_powerpc CROSS_COMPILE=/opt/cross/kisskb/gcc-4.6.3-nolibc/powerpc-linux/bin/powerpc-linux- 85xx/sbc8548_defconfig # make -s -j 48 ARCH=powerpc O=/kisskb/build/powerpc-fixes_85xx_sbc8548_defconfig_powerpc CROSS_COMPILE=/opt/cross/kisskb/gcc-4.6.3-nolibc/powerpc-linux/bin/powerpc-linux- /kisskb/src/kernel/printk/printk.c: In function 'devkmsg_sysctl_set_loglvl': /kisskb/src/kernel/printk/printk.c:186:16: warning: 'old' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/fs/proc/inode.c: In function 'proc_reg_open': /kisskb/src/include/linux/list.h:65:12: warning: 'pdeo' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/fs/proc/inode.c:341:21: note: 'pdeo' was declared here /kisskb/src/drivers/tty/serial/8250/8250_core.c: In function 'univ8250_release_irq': /kisskb/src/drivers/tty/serial/8250/8250_core.c:247:18: warning: 'i' may be used uninitialized in this function [-Wuninitialized] /kisskb/src/drivers/tty/serial/8250/8250_core.c:227:19: note: 'i' was declared here INFO: Uncompressed kernel (size 0x464208) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x500000) INFO: Uncompressed kernel (size 0x453bc0) overlaps the address of the wrapper(0x400000) INFO: Fixing the link_address of wrapper to (0x500000) Image Name: Linux-4.20.0-rc1-g78e7b15e17ac Created: Fri Nov 30 00:37:02 2018 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 2199432 Bytes = 2147.88 KiB = 2.10 MiB Load Address: 00000000 Entry Point: 00000000 Image Name: Linux-4.20.0-rc1-g78e7b15e17ac Created: Fri Nov 30 00:37:02 2018 Image Type: PowerPC Linux Kernel Image (gzip compressed) Data Size: 2228957 Bytes = 2176.72 KiB = 2.13 MiB Load Address: 00500000 Entry Point: 005002a8 Completed OK # rm -rf /kisskb/build/powerpc-fixes_85xx_sbc8548_defconfig_powerpc # Build took: 0:00:34.688612