AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2024-12-15 16:46:49 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
47b037a051
linux_dsm_epyc7002/drivers/media/v4l2-core
History
Tuukka Toivonen 47b037a051 [media] v4l2-async: failing functions shouldn't have side effects 
v4l2-async had several functions doing some operations and then
not undoing the operations in a failure situation. For example,
v4l2_async_test_notify() moved a subdev into notifier's done list
even if registering the subdev (v4l2_device_register_subdev) failed.
If the subdev was allocated and v4l2_async_register_subdev() called
from the driver's probe() function, as usually, the probe()
function freed the allocated subdev and returned a failure.
Nevertheless, the subdev was still left into the notifier's done
list, causing an access to already freed memory when the notifier
was later unregistered.

A hand-edited call trace leaving freed subdevs into the notifier:

v4l2_async_register_notifier(notifier, asd)
cameradrv_probe
 sd = devm_kzalloc()
 v4l2_async_register_subdev(sd)
  v4l2_async_test_notify(notifier, sd, asd)
   list_move(sd, &notifier->done)
   v4l2_device_register_subdev(notifier->v4l2_dev, sd)
    cameradrv_registered(sd) -> fails
->v4l2_async_register_subdev returns failure
->cameradrv_probe returns failure
->devres frees the allocated sd
->sd was freed but it still remains in the notifier's list.

This patch fixes this and several other cases where a failing
function could leave nodes into a linked list while the caller
might free the node due to a failure.

Signed-off-by: Tuukka Toivonen <tuukka.toivonen@intel.com>
Acked-by: Sakari Ailus <sakari.ailus@linux.intel.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
2017-02-03 14:51:56 -02:00
..
Kconfig [media] v4l2-dv-timings: add helpers for vic and pixelaspect ratio 2016-11-16 15:20:03 -02:00
Makefile [media] v4l2-mc: add a generic function to create the media graph 2016-02-10 07:23:40 -02:00
tuner-core.c [media] tuner-core: use pr_foo, instead of internal printk macros 2016-11-18 10:04:28 -02:00
v4l2-async.c [media] v4l2-async: failing functions shouldn't have side effects 2017-02-03 14:51:56 -02:00
v4l2-clk.c [media] v4l2-clk: v4l2_clk_get() also need to find the of_fullname clock 2015-11-17 15:19:52 -02:00
v4l2-common.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
v4l2-compat-ioctl32.c [media] v4l: compat: Prevent allocating excessive amounts of memory 2016-11-22 10:31:23 -02:00
v4l2-ctrls.c [media] v4l2-ctrls.c: add NULL check 2017-02-03 11:24:48 -02:00
v4l2-dev.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
v4l2-device.c [media] v4l: subdev: Clean up properly in subdev devnode registration error path 2017-02-03 14:23:38 -02:00
v4l2-dv-timings.c [media] v4l2-dv-timings: add helpers for vic and pixelaspect ratio 2016-11-16 15:20:03 -02:00
v4l2-event.c [media] media: Drop FSF's postal address from the source code files 2017-01-27 11:38:09 -02:00
v4l2-fh.c [media] media: Drop FSF's postal address from the source code files 2017-01-27 11:38:09 -02:00
v4l2-flash-led-class.c [media] v4l2-flash-led-class: remove a now unused var 2016-10-24 18:51:29 -02:00
v4l2-ioctl.c [media] v4l: Add description of the Y8I, Y12I and Z16 formats 2016-11-23 20:04:43 -02:00
v4l2-mc.c [media] media: Protect enable_source and disable_source handler code paths 2017-02-03 07:39:35 -02:00
v4l2-mem2mem.c [media] v4l2-mem2mem.h: move descriptions from .c file 2016-09-09 10:05:32 -03:00
v4l2-of.c [media] v4l: of: Correct v4l2_of_parse_endpoint() kernel-doc 2016-02-01 10:01:22 -02:00
v4l2-subdev.c [media] media: Drop FSF's postal address from the source code files 2017-01-27 11:38:09 -02:00
v4l2-trace.c [media] media: videobuf2: Prepare to divide videobuf2 2015-10-20 15:12:45 -02:00
vb2-trace.c [media] media: videobuf2: Prepare to divide videobuf2 2015-10-20 15:12:45 -02:00
videobuf2-core.c [media] v4l2-core: don't break long lines 2016-10-21 09:56:08 -02:00
videobuf2-dma-contig.c [media] vb2: add WARN_ONs checking if a valid struct device was passed 2016-08-24 10:18:42 -03:00
videobuf2-dma-sg.c [media] vb2: add WARN_ONs checking if a valid struct device was passed 2016-08-24 10:18:42 -03:00
videobuf2-dvb.c [media] add media controller support to videobuf2-dvb 2016-02-10 07:23:41 -02:00
videobuf2-memops.c mm: replace get_vaddr_frames() write/force parameters with gup_flags 2016-10-19 08:11:24 -07:00
videobuf2-v4l2.c [media] v4l2-core: don't break long lines 2016-10-21 09:56:08 -02:00
videobuf2-vmalloc.c [media] v4l2-core: don't break long lines 2016-10-21 09:56:08 -02:00
videobuf-core.c [media] v4l2-core: don't break long lines 2016-10-21 09:56:08 -02:00
videobuf-dma-contig.c [media] videobuf-dma-contig: set vm_pgoff to be zero to pass the sanity check in vm_iomap_memory() 2014-10-24 09:32:41 -02:00
videobuf-dma-sg.c mm: use vmf->address instead of of vmf->virtual_address 2016-12-14 16:04:09 -08:00
videobuf-dvb.c
videobuf-vmalloc.c [media] Revert "[media] videobuf_vm_{open,close} race fixes" 2014-02-04 06:29:46 -02:00