linux_dsm_epyc7002/drivers
wenlin.kang 7e98f60003 usb: gadget: printer: fix memory leak
When reading data from g_printer, we see a segmentation fault, e.g.:

Unable to handle kernel paging request at virtual address bf048000 pgd
= cf038000 [bf048000] *pgd=8e8cf811, *pte=00000000, *ppte=00000000
Internal error: Oops: 7 [#1] PREEMPT ARM Modules linked in: bluetooth
rfcomm g_printer
CPU: 0    Not tainted  (3.4.43-WR5.0.1.9_standard #1)
PC is at __copy_to_user_std+0x310/0x3a8 LR is at 0x4c808010
pc : [<c036e990>]    lr : [<4c808010>]    psr: 20000013
sp : cf883ea8  ip : 80801018  fp : cf883f24
r10: bf04706c  r9 : 18a21205  r8 : 21953888
r7 : 201588aa  r6 : 5109aa16  r5 : 0705aaa2  r4 : 5140aa8a
r3 : 0000004c  r2 : 00000fdc  r1 : bf048000  r0 : bef5fc3c
Flags: nzCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
Control: 10c5387d  Table: 8f038019  DAC: 00000015 Process
g_printer_test. (pid: 661, stack limit = 0xcf8822e8)
Code: f5d1f07c e8b100f0 e1a03c2e e2522020 (e8b15300) ---[ end trace
97e2618e250e3377 ]--- Segmentation fault

The root cause is that the dev->rx_buffers list has been broken.
When we call printer_read(), the following call tree is triggered:

printer_read()
	|
	+---setup_rx_reqs(req)
	|	|
	|	+---usb_ep_queue(req)
	|	|	|
	|	|	+---...
	|	|		|
	|	|		+---rx_complete(req).
	|	|
	|	+---add the req to dev->rx_reqs_active
	|
	+---while(!list_empty(&dev->rx_buffers)))

This route is taken when we don't use DMA or fail to start DMA in the USB
driver. In that case, rx_complete() adds the req to dev->rx_buffers.
Meanwhile, we also add the req to dev->rx_reqs_active after
usb_ep_queue() returns, so this addition breaks the dev->rx_buffers list.

Afterwards, when we call list_empty() to check dev->rx_buffers in the
while() loop, dev->rx_buffers cannot be checked correctly, so the
segmentation fault occurs when copy_to_user() is called.

Signed-off-by: wenlin.kang <wenlin.kang@windriver.com>
Signed-off-by: Felipe Balbi <balbi@ti.com>
2014-02-18 10:52:54 -06:00
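
The list corruption described in the commit message above, reproduced in user space as an added example (not code from the driver or from the patch). The list helpers are re-implemented here, and `walk`, `queue_then_track` and its `guard` flag are hypothetical names; the guard is one possible check, not necessarily the one the commit applies.

```c
#include <stdio.h>

struct list_head { struct list_head *next, *prev; };

static void init_list(struct list_head *h) { h->next = h->prev = h; }

/* Same pointer updates as the kernel helper: nothing checks whether
 * 'n' is already linked into another list. */
static void list_add_tail(struct list_head *n, struct list_head *head)
{
    n->prev = head->prev;
    n->next = head;
    head->prev->next = n;
    head->prev = n;
}

/* Count entries; -1 if the walk fails to return to 'head' within 'limit'. */
static int walk(const struct list_head *head, int limit)
{
    int n = 0;
    for (const struct list_head *p = head->next; p != head; p = p->next)
        if (++n > limit)
            return -1;
    return n;
}

/* Models the sequence in the call tree. guard != 0 skips the second add
 * when the node is already linked (hypothetical guard, not the patch). */
static int queue_then_track(int guard)
{
    struct list_head rx_buffers, rx_reqs_active, req;

    init_list(&rx_buffers);
    init_list(&rx_reqs_active);
    init_list(&req);
    list_add_tail(&req, &rx_buffers);          /* completion ran inside the queue call */
    if (!guard || req.next == &req)
        list_add_tail(&req, &rx_reqs_active);  /* caller's add after the queue call returns */
    return walk(&rx_buffers, 8);
}

int main(void)
{
    printf("unguarded: %d\n", queue_then_track(0));
    printf("guarded:   %d\n", queue_then_track(1));
    return 0;
}
```

In the unguarded case the walk over `rx_buffers` cycles between `req` and the head of `rx_reqs_active`, so a reader of `rx_buffers` never sees the end of the list and is handed a list head as if it were a request.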
accessibility
acpi Merge branches 'acpi-processor', 'acpi-hotplug', 'acpi-init', 'acpi-pm' and 'acpica' 2014-01-29 11:47:18 +01:00
amba
ata ACPI and power management updates for 3.14-rc1 2014-01-24 15:51:02 -08:00
atm
auxdisplay
base regmap: Updates for v3.14 2014-01-25 13:18:00 -08:00
bcma Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2014-01-30 17:20:32 -08:00
block Bug-fixes: 2014-01-31 08:38:18 -08:00
bluetooth
bus drivers: bus: fix CCI driver kcalloc call parameters swap 2014-01-31 15:15:13 -08:00
cdrom Merge branch 'for-3.14/drivers' of git://git.kernel.dk/linux-block 2014-01-30 11:40:10 -08:00
char ipmi: Add missing rv in ipmi_parisc_probe() 2014-01-30 10:02:54 -08:00
clk The second half of the clock framework pull request for 3.14 is 2014-01-28 18:44:53 -08:00
clocksource clocksource: kona: Add basic use of external clock 2014-01-31 21:04:01 -08:00
connector
cpufreq ACPI and power management fixes and cleanups for 3.14-rc1 2014-01-31 09:23:52 -08:00
cpuidle powerpc/powernv/cpuidle: Back-end cpuidle driver for powernv platform. 2014-01-29 17:02:24 +11:00
crypto ARM: driver updates for 3.14 2014-01-23 18:49:36 -08:00
dca
devfreq Merge branches 'pm-cpufreq' and 'pm-devfreq' 2014-01-29 11:48:23 +01:00
dio
dma Merge branch 'for-linus' of git://git.infradead.org/users/vkoul/slave-dma 2014-01-29 20:27:23 -08:00
edac Merge branch 'x86-ras-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2014-01-20 12:10:27 -08:00
eisa Revert "EISA: Initialize device before its resources" 2014-01-17 14:57:29 -07:00
extcon
firewire firewire: Enable remote DMA above 4 GB 2014-01-20 01:11:13 +01:00
firmware firmware/google: drop 'select EFI' to avoid recursive dependency 2014-01-27 21:02:40 -08:00
fmc
gpio ARM: driver updates for 3.14 2014-01-23 18:49:36 -08:00
gpu Merge branch 'drm-next' of git://people.freedesktop.org/~airlied/linux 2014-01-29 20:49:12 -08:00
hid usbhid/quirks: Ignore Riso Kagaku Webmail Notifier 2014-02-15 12:26:48 -08:00
hsi
hv hyperv: Add support for physically discontinuous receive buffer 2014-01-27 16:40:45 -08:00
hwmon hwmon: Fix SENSORS_TMP102 dependencies to eliminate build errors 2014-02-02 17:59:07 +01:00
hwspinlock
i2c Merge branch 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux 2014-01-29 19:56:20 -08:00
ide drivers: ide: Include appropriate header file in ide-pio-blacklist.c 2014-01-28 23:35:09 -08:00
idle ACPI and power management updates for 3.14-rc1 2014-01-24 15:51:02 -08:00
iio Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2014-01-22 21:21:55 -08:00
infiniband Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2014-01-31 15:31:23 -08:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2014-01-24 17:17:30 -08:00
iommu IOMMU Updates for Linux v3.14 2014-01-29 20:00:13 -08:00
ipack
irqchip mvebu fixes for v3.13 (incremental #2) 2014-01-31 14:59:28 -08:00
isdn Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2014-01-25 11:17:34 -08:00
leds Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/cooloney/linux-leds 2014-01-28 18:53:01 -08:00
lguest
macintosh Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc 2014-01-27 21:11:26 -08:00
mailbox drivers/mailbox/omap: make mbox->irq signed for error handling 2014-01-23 16:36:53 -08:00
md Merge branch 'for-3.14/drivers' of git://git.kernel.dk/linux-block 2014-01-30 11:40:10 -08:00
media Merge branch 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media 2014-01-31 09:31:14 -08:00
memory
memstick drivers/memstick/host/rtsx_pci_ms.c: fix ms card data transfer bug 2014-01-23 16:37:04 -08:00
message Merge branch 'for-3.14/core' of git://git.kernel.dk/linux-block 2014-01-30 11:19:05 -08:00
mfd regulator: Updates for v3.14 2014-01-25 13:19:10 -08:00
misc Merge branch 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging 2014-01-29 18:56:27 -08:00
mmc MMC highlights for 3.14: 2014-01-26 11:00:41 -08:00
mtd * Improve the NOR erasure quirk - now it tries to do as little writes as 2014-01-30 20:04:09 -08:00
net Merge branch 'akpm' (patches from Andrew Morton) 2014-01-30 18:44:44 -08:00
nfc
ntb
nubus
of Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2014-01-25 11:17:34 -08:00
oprofile
parisc
parport TTY/Serial driver patches for 3.14-rc1 2014-01-20 16:05:23 -08:00
pci Revert "PCI: Remove from bus_list and release resources in pci_release_dev()" 2014-02-01 10:24:31 -08:00
pcmcia PCI changes for the v3.14 merge window: 2014-01-22 16:39:28 -08:00
phy phy-core: Don't allow building phy-core as a module 2014-02-15 12:28:39 -08:00
pinctrl ARM: SoC DT updates for 3.14 2014-01-23 18:45:38 -08:00
platform platform/chrome: Cleanups and improvements 2014-01-29 20:06:01 -08:00
pnp
power Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2014-01-25 11:17:34 -08:00
powercap
pps
ps3
ptp ptp_pch: Add dependency on HAS_IOMEM 2014-01-15 14:51:22 -08:00
pwm pwm: Changes for v3.14-rc1 2014-01-27 08:15:51 -08:00
rapidio
regulator regulator: Updates for v3.14 2014-01-25 13:19:10 -08:00
remoteproc
reset
rpmsg
rtc Merge branch 'akpm' (incoming from Andrew) 2014-01-23 19:11:50 -08:00
s390 Second batch of KVM updates. Some minor x86 fixes, 2014-01-31 08:37:32 -08:00
sbus sparc: delete non-required instances of include <linux/init.h> 2014-01-28 23:38:23 -08:00
scsi Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2014-01-31 15:31:23 -08:00
sfi
sh
sn
spi Merge remote-tracking branch 'agust/next' into next 2014-01-29 16:53:55 +11:00
ssb Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2014-01-30 17:20:32 -08:00
staging Staging wireless driver for 3.14-rc1 2014-02-01 10:29:59 -08:00
target Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2014-01-31 15:31:23 -08:00
tc
thermal Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux 2014-01-24 17:13:49 -08:00
tty Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2014-01-30 17:20:32 -08:00
uio
usb usb: gadget: printer: fix memory leak 2014-02-18 10:52:54 -06:00
uwb
vfio Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc 2014-01-27 21:11:26 -08:00
vhost Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2014-01-31 15:31:23 -08:00
video parisc/sti_console: prefer Linux fonts over built-in ROM fonts 2014-02-02 20:56:47 +01:00
virt
virtio A few simple fixes. Quiet cycle. 2014-01-22 22:24:35 -08:00
vlynq drivers/vlynq/vlynq.c: fix another resource size off by 1 error 2014-01-23 16:36:55 -08:00
vme
w1 drivers/w1/masters/w1-gpio.c: add strong pullup emulation 2014-01-23 16:37:04 -08:00
watchdog watchdog: w83627hf_wdt: Reset watchdog trigger during initialization 2014-01-28 21:35:40 +01:00
xen Bug-fixes: 2014-01-31 08:38:18 -08:00
zorro
Kconfig
Makefile