linux

korg/linux

mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-20 02:34:23 +08:00

History

Chris Wilson bee7fb158f drm: Protect drm_connector_register_all() under DRIVER_MODESET 0-day kbuilder found [ 1.360244] BUG: unable to handle kernel NULL pointer dereference at (null) [ 1.360972] IP: [<c14db9ad>] mutex_lock_nested+0x11f/0x2c3 [ 1.361512] *pde = 00000000 [ 1.361827] Oops: 0002 [#1] [ 1.362123] Modules linked in: [ 1.362451] CPU: 0 PID: 1 Comm: swapper Not tainted 4.7.0-rc2-00564-ge28cd4d #1 [ 1.363202] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Debian-1.8.2-1 04/01/2014 [ 1.364105] task: c03d0000 ti: d28da000 task.ti: d28da000 [ 1.364636] EIP: 0060:[<c14db9ad>] EFLAGS: 00210096 CPU: 0 [ 1.365215] EIP is at mutex_lock_nested+0x11f/0x2c3 [ 1.365703] EAX: 00000000 EBX: d39e8ae8 ECX: d39e8b14 EDX: c1361cf9 [ 1.366351] ESI: c03d0000 EDI: d28dbed0 EBP: d28dbeec ESP: d28dbec0 [ 1.367010] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068 [ 1.367534] CR0: 80050033 CR2: 00000000 CR3: 019a9000 CR4: 00000690 [ 1.368152] Stack: [ 1.368356] d39e8b14 d39e8b24 c1361cf9 00200246 d39e8b14 00000000 11111111 d28dbed0 [ 1.369235] d39e8800 d39e8ae8 00000000 d28dbf08 c1361cf9 d28dbf0c c10b25be d39e8800 [ 1.370087] 00000000 00000000 d28dbf1c c135e37d fffffff4 ffffffff 00000000 d28dbf28 [ 1.371012] Call Trace: [ 1.371272] [<c1361cf9>] ? drm_connector_register_all+0x1a/0x92 [ 1.371847] [<c1361cf9>] drm_connector_register_all+0x1a/0x92 [ 1.372421] [<c10b25be>] ? kstrdup+0x25/0x3a [ 1.372863] [<c135e37d>] drm_dev_register+0x59/0x99 [ 1.373358] [<c195ea3e>] vgem_init+0x34/0x49 [ 1.373770] [<c195ea0a>] ? mipi_dsi_bus_init+0xf/0xf [ 1.374257] [<c100048f>] do_one_initcall+0x7c/0xfd [ 1.374754] [<c104b409>] ? parse_args+0x1fd/0x314 [ 1.375259] [<c1939c10>] ? kernel_init_freeable+0xd0/0x179 [ 1.375837] [<c1939c2c>] kernel_init_freeable+0xec/0x179 [ 1.376371] [<c14d66ea>] kernel_init+0x8/0xcb [ 1.376806] [<c14debce>] ret_from_kernel_thread+0xe/0x30 [ 1.377322] [<c14d66e2>] ? rest_init+0x10e/0x10e [ 1.377754] Code: 89 fa e8 71 c5 b7 ff 8b 4e 04 89 fa 89 d8 e8 8e c6 b7 ff 8d 43 2c 89 45 d4 8b 43 30 8d 4b 2c 89 45 e8 89 7b 30 89 4d e4 8b 55 dc <89> 38 8d 43 3c 89 75 ec e8 c9 dd b7 ff eb 0c 31 c0 87 03 48 +75 [ 1.380442] EIP: [<c14db9ad>] mutex_lock_nested+0x11f/0x2c3 SS:ESP 0068:d28dbec0 [ 1.381174] CR2: 0000000000000000 when loading the non-modesetting vGEM module. To prevent use of the uninitialised dev->mode_config from drm_dev_register() we move the drm_connector_register_all() under a DRIVER_MODESET guard. Longer term, we probably want to initialise the embedded dev->mode_config automatically from drm_dev_init() for all DRIVER_MODESET drivers. v2: Also protect drm_dev_unregister. Fixes: `e28cd4d0a2` ("drm: Automatically register/unregister all connectors") Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk> Cc: Daniel Vetter <daniel.vetter@ffwll.ch> Cc: Emil Velikov <emil.l.velikov@gmail.com> Cc: dri-devel@lists.freedesktop.org Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com> Testcase: igt/vgem_reload_basic Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch> Link: http://patchwork.freedesktop.org/patch/msgid/1466257601-5656-1-git-send-email-chris@chris-wilson.co.uk		2016-06-19 00:30:25 +02:00
..
accessibility
acpi	Merge branches 'acpica-fixes', 'acpi-video' and 'acpi-processor'	2016-06-03 22:35:05 +02:00
amba
android
ata	remove lots of IS_ERR_VALUE abuses	2016-05-27 15:26:11 -07:00
atm	atm: iphase: off by one in rx_pkt()	2016-05-31 11:52:59 -07:00
auxdisplay
base	More power management updates for v4.7-rc1	2016-05-25 15:29:21 -07:00
bcma	MTD updates for v4.7:	2016-05-24 11:00:20 -07:00
block	DAX error handling for 4.7	2016-05-26 19:34:26 -07:00
bluetooth	Bluetooth: Add USB ID 13D3:3487 to ath3k	2016-05-13 16:54:59 +02:00
bus	Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus	2016-05-19 10:02:26 -07:00
cdrom
char	Merge branch 'akpm' (patches from Andrew)	2016-05-20 22:31:33 -07:00
clk	remove lots of IS_ERR_VALUE abuses	2016-05-27 15:26:11 -07:00
clocksource	Small release overall.	2016-05-19 11:27:09 -07:00
connector
cpufreq	Merge branch 'pm-cpufreq-fixes'	2016-06-03 22:34:18 +02:00
cpuidle	cpuidle: Fix cpuidle_state_is_coupled() argument in cpuidle_enter()	2016-05-18 02:48:37 +02:00
crypto	Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6	2016-05-30 15:20:18 -07:00
dax	/dev/dax, core: file operations and dax-mmap	2016-05-20 22:02:55 -07:00
dca
devfreq
dio
dma	remove lots of IS_ERR_VALUE abuses	2016-05-27 15:26:11 -07:00
dma-buf	Merge tag 'topic/drm-misc-2016-06-07' of git://anongit.freedesktop.org/drm-intel into drm-next	2016-06-09 11:19:28 +10:00
edac	Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial	2016-05-17 17:05:30 -07:00
eisa
extcon
firewire
firmware	driver core update for 4.7-rc1	2016-05-20 21:26:15 -07:00
fmc
fpga
gpio	gpio: drop lock before reading GPIO direction	2016-05-30 17:11:59 +02:00
gpu	drm: Protect drm_connector_register_all() under DRIVER_MODESET	2016-06-19 00:30:25 +02:00
hid	Merge branch 'for-4.7/wacom' into for-linus	2016-05-17 12:42:27 +02:00
hsi	HSI: omap-ssi: move omap_ssi_port_update_fclk	2016-05-09 22:45:18 +02:00
hv
hwmon	Merge branch 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging	2016-05-26 09:48:23 -07:00
hwspinlock	drivers/hwspinlock: use correct radix tree API	2016-05-20 17:58:30 -07:00
hwtracing	Char / Misc driver update for 4.7-rc1	2016-05-20 21:20:31 -07:00
i2c	i2c: dev: use after free in detach	2016-05-28 17:37:42 +02:00
ide
idle
iio	Staging and IIO driver update for 4.7-rc1	2016-05-20 22:20:48 -07:00
infiniband	Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending	2016-05-28 12:04:17 -07:00
input	Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input	2016-05-27 19:14:35 -07:00
iommu	remove lots of IS_ERR_VALUE abuses	2016-05-27 15:26:11 -07:00
ipack
irqchip	irqchip/irq-pic32-evic: Fix bug with external interrupts.	2016-06-02 18:03:50 +01:00
isdn	TTY and Serial driver update for 4.7-rc1	2016-05-20 20:57:27 -07:00
leds	pwm: Changes for v4.7-rc1	2016-05-25 10:40:15 -07:00
lguest
lightnvm	lightnvm: reserved space calculation incorrect	2016-05-06 12:51:10 -06:00
macintosh
mailbox	mailbox: Fix devm_ioremap_resource error detection code	2016-05-08 22:44:46 +05:30
mcb
md	Merge branch 'for-linus' of git://git.kernel.dk/linux-block	2016-05-27 14:28:09 -07:00
media	[media] omap_vout: Switch to use the video/omapfb_dss.h header file	2016-06-03 16:06:39 +03:00
memory	MTD updates for v4.7:	2016-05-24 11:00:20 -07:00
memstick	drivers/memstick/core/mspro_block: use kmemdup	2016-05-23 17:04:14 -07:00
message	SCSI misc on 20160517	2016-05-18 16:38:59 -07:00
mfd	remove lots of IS_ERR_VALUE abuses	2016-05-27 15:26:11 -07:00
misc	Char / Misc driver update for 4.7-rc1	2016-05-20 21:20:31 -07:00
mmc	mmc: sunxi: Re-enable eMMC HS-DDR modes on Allwinner A80	2016-06-02 10:40:20 +02:00
mtd	This pull request contains mostly cleanups and minor	2016-05-27 18:49:29 -07:00
net	Linux 4.7-rc2	2016-06-09 11:01:49 +10:00
nfc	NFC: pn533: handle interrupted commands in pn533_recv_frame	2016-05-10 00:01:47 +02:00
ntb
nubus
nvdimm	DAX error handling for 4.7	2016-05-26 19:34:26 -07:00
nvme	nvme/host: Add missing blk_integrity tag_size + flags assignments	2016-05-17 17:14:21 -06:00
nvmem	remove lots of IS_ERR_VALUE abuses	2016-05-27 15:26:11 -07:00
of	MTD updates for v4.7:	2016-05-24 11:00:20 -07:00
oprofile
parisc
parport
pci	Char / Misc driver update for 4.7-rc1	2016-05-20 21:20:31 -07:00
pcmcia
perf	drivers/perf: arm_pmu: Avoid leaking pmu->irq_affinity on error	2016-06-03 10:16:21 +01:00
phy	USB patches for 4.7-rc1	2016-05-20 21:12:25 -07:00
pinctrl	pinctrl: mediatek: fix dual-edge code defect	2016-05-31 10:13:45 +02:00
platform	platform/chrome: Driver and binding changes for 4.7	2016-05-28 12:32:01 -07:00
pnp	driver core update for 4.7-rc1	2016-05-20 21:26:15 -07:00
power	power supply and reset changes for the v4.7 series	2016-05-20 14:06:21 -07:00
powercap	Power management material for v4.7-rc1	2016-05-16 19:17:22 -07:00
pps
ps3
ptp	ptp: oops in ptp_ioctl()	2016-05-29 22:32:27 -07:00
pwm	pwm: Changes for v4.7-rc1	2016-05-25 10:40:15 -07:00
rapidio
ras
regulator	regulator: pwm: Use pwm_get_args() where appropriate	2016-05-17 14:45:02 +02:00
remoteproc	remoteproc: Add additional crash reasons	2016-05-12 15:50:19 -07:00
reset
rpmsg	rpmsg: add THIS_MODULE to rpmsg_driver in rpmsg core	2016-05-06 11:08:58 -07:00
rtc	rtc: tps6586x: rename so module can be autoloaded	2016-05-21 17:07:17 +02:00
s390	DAX error handling for 4.7	2016-05-26 19:34:26 -07:00
sbus	openprom: fix warning	2016-05-20 18:33:37 -07:00
scsi	SCSI fixes on 20160529	2016-05-29 13:28:39 -07:00
sfi
sh
sn
soc	soc: mtk-pmic-wrap: avoid integer overflow warning	2016-05-19 15:20:24 +02:00
spi	sound updates #2 for 4.7-rc1	2016-05-28 12:23:12 -07:00
spmi
ssb
staging	dma-buf/fence: make fence context 64 bit v2	2016-06-02 08:27:41 +02:00
target	Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending	2016-05-28 12:04:17 -07:00
tc
thermal	Merge branches 'acpica-fixes', 'acpi-video' and 'acpi-processor'	2016-06-03 22:35:05 +02:00
thunderbolt
tty	devpts: Make each mount of devpts an independent filesystem.	2016-06-05 10:36:01 -07:00
uio
usb	Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending	2016-05-28 12:04:17 -07:00
uwb
vfio	vfio/pci: Allow VPD short read	2016-05-31 21:25:52 -06:00
vhost	target: make close_session optional	2016-05-10 01:19:26 -07:00
video	Merge omapdss header refactoring	2016-06-07 12:42:58 +03:00
virt
virtio	virtio_balloon: fix PFN format for virtio-1	2016-05-22 19:44:13 +03:00
vlynq
vme
w1
watchdog	Merge git://www.linux-watchdog.org/linux-watchdog	2016-05-25 10:19:17 -07:00
xen	Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending	2016-05-28 12:04:17 -07:00
zorro
Kconfig	libnvdimm for 4.7	2016-05-23 11:18:01 -07:00
Makefile	/dev/dax, pmem: direct access to persistent memory	2016-05-20 22:02:53 -07:00