korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-12-18 08:35:08 +08:00
Code Issues Packages Projects Releases Wiki Activity
dd80fb2dbf
linux/drivers/clk
History
Ian Nam dd80fb2dbf clk: zynqmp: Fix stack-out-of-bounds in strncpy` 
"BUG: KASAN: stack-out-of-bounds in strncpy+0x30/0x68"

Linux-ATF interface is using 16 bytes of SMC payload. In case clock name is
longer than 15 bytes, string terminated NULL character will not be received
by Linux. Add explicit NULL character at last byte to fix issues when clock
name is longer.

This fixes below bug reported by KASAN:

 ==================================================================
 BUG: KASAN: stack-out-of-bounds in strncpy+0x30/0x68
 Read of size 1 at addr ffff0008c89a7410 by task swapper/0/1

 CPU: 1 PID: 1 Comm: swapper/0 Not tainted 5.4.0-00396-g81ef9e7-dirty #3
 Hardware name: Xilinx Versal vck190 Eval board revA (QSPI) (DT)
 Call trace:
  dump_backtrace+0x0/0x1e8
  show_stack+0x14/0x20
  dump_stack+0xd4/0x108
  print_address_description.isra.0+0xbc/0x37c
  __kasan_report+0x144/0x198
  kasan_report+0xc/0x18
  __asan_load1+0x5c/0x68
  strncpy+0x30/0x68
  zynqmp_clock_probe+0x238/0x7b8
  platform_drv_probe+0x6c/0xc8
  really_probe+0x14c/0x418
  driver_probe_device+0x74/0x130
  __device_attach_driver+0xc4/0xe8
  bus_for_each_drv+0xec/0x150
  __device_attach+0x160/0x1d8
  device_initial_probe+0x10/0x18
  bus_probe_device+0xe0/0xf0
  device_add+0x528/0x950
  of_device_add+0x5c/0x80
  of_platform_device_create_pdata+0x120/0x168
  of_platform_bus_create+0x244/0x4e0
  of_platform_populate+0x50/0xe8
  zynqmp_firmware_probe+0x370/0x3a8
  platform_drv_probe+0x6c/0xc8
  really_probe+0x14c/0x418
  driver_probe_device+0x74/0x130
  device_driver_attach+0x94/0xa0
  __driver_attach+0x70/0x108
  bus_for_each_dev+0xe4/0x158
  driver_attach+0x30/0x40
  bus_add_driver+0x21c/0x2b8
  driver_register+0xbc/0x1d0
  __platform_driver_register+0x7c/0x88
  zynqmp_firmware_driver_init+0x1c/0x24
  do_one_initcall+0xa4/0x234
  kernel_init_freeable+0x1b0/0x24c
  kernel_init+0x10/0x110
  ret_from_fork+0x10/0x18

 The buggy address belongs to the page:
 page:ffff0008f9be1c88 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0
 raw: 0008d00000000000 ffff0008f9be1c90 ffff0008f9be1c90 0000000000000000
 raw: 0000000000000000 0000000000000000 00000000ffffffff
 page dumped because: kasan: bad access detected

 addr ffff0008c89a7410 is located in stack of task swapper/0/1 at offset 112 in frame:
  zynqmp_clock_probe+0x0/0x7b8

 this frame has 3 objects:
  [32, 44) 'response'
  [64, 80) 'ret_payload'
  [96, 112) 'name'

 Memory state around the buggy address:
  ffff0008c89a7300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  ffff0008c89a7380: 00 00 00 00 f1 f1 f1 f1 00 04 f2 f2 00 00 f2 f2
 >ffff0008c89a7400: 00 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
                          ^
  ffff0008c89a7480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  ffff0008c89a7500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ==================================================================

Signed-off-by: Ian Nam <young.kwan.nam@xilinx.com>
Signed-off-by: Shubhrajyoti Datta <shubhrajyoti.datta@xilinx.com>
Link: https://lore.kernel.org/r/20220510070154.29528-3-shubhrajyoti.datta@xilinx.com
Acked-by: Michal Simek <michal.simek@amd.com>
Signed-off-by: Stephen Boyd <sboyd@kernel.org>
2022-08-22 17:01:05 -07:00
..
actions clk: actions: remove redundant assignment after a mask operation 2022-04-22 19:01:20 -07:00
analogbits Merge branch 'akpm' (patches from Andrew) 2021-07-02 12:08:10 -07:00
at91 clk: at91: generated: consider range when calculating best rate 2022-05-17 12:41:07 -07:00
axis clk: cleanup comments 2022-03-11 18:22:15 -08:00
axs10x treewide: Replace GPLv2 boilerplate/reference with SPDX - gpl-2.0_56.RULE (part 2) 2022-06-10 14:51:35 +02:00
baikal-t1
bcm SPDX changes for 6.0-rc1 2022-08-04 12:12:54 -07:00
berlin
davinci
hisilicon Merge branches 'clk-starfive', 'clk-ti', 'clk-terminate' and 'clk-cleanup' into clk-next 2022-03-29 10:19:10 -07:00
imgtec
imx clk: imx: clk-fracn-gppll: Add more freq config for video pll 2022-06-16 17:28:59 +03:00
ingenic clk: ingenic-tcu: Fix missing TCU clock for X1000 SoCs 2022-05-18 17:30:36 -07:00
keystone treewide: Replace GPLv2 boilerplate/reference with SPDX - gpl-2.0_320.RULE 2022-06-10 14:51:36 +02:00
loongson1 clk: loongson1: Terminate clk_div_table with sentinel element 2022-03-11 18:13:24 -08:00
mediatek clk: mediatek: reset: Add infra_ao reset support for MT8186 2022-06-15 17:24:25 -07:00
meson clk: meson: axg-audio: Don't duplicate devm_clk_get_enabled() 2022-06-15 19:22:29 -07:00
microchip clk: microchip: mpfs: add RTCREF clock control 2022-04-22 18:40:26 -07:00
mmp treewide: Replace GPLv2 boilerplate/reference with SPDX - gpl-2.0_56.RULE (part 2) 2022-06-10 14:51:35 +02:00
mstar clk: mstar: msc313-mpll: Fix format specifier 2021-02-16 12:52:28 -08:00
mvebu clk: mvebu: use time_is_before_eq_jiffies() instead of open coding it 2022-02-17 14:06:12 -08:00
mxs
nxp treewide: Replace GPLv2 boilerplate/reference with SPDX - gpl-2.0_56.RULE (part 2) 2022-06-10 14:51:35 +02:00
pistachio clk: pistachio: Declare mux table as const u32[] 2022-02-25 16:41:39 -08:00
pxa ARM: pxa: move clk register definitions to driver 2022-05-07 22:55:49 +02:00
qcom clk: qcom: gcc-msm8994: use parent_hws for gpll0/4 2022-07-18 21:40:36 -05:00
ralink clk: ralink: make system controller node a reset provider 2022-02-15 17:06:37 +01:00
renesas clk: renesas: rcar-gen4: Fix initconst confusion for cpg_pll_config 2022-07-05 09:20:34 +02:00
rockchip clk: rockchip: Mark hclk_vo as critical on rk3568 2022-05-03 11:16:48 +02:00
samsung clk: samsung: exynosautov9: add cmu_peric1 clock support 2022-05-10 19:19:34 +02:00
sifive clk: sifive: Move all stuff into SoCs header files from C files 2022-03-15 15:56:28 -07:00
socfpga clk: cleanup comments 2022-03-11 18:22:15 -08:00
spear treewide: Replace GPLv2 boilerplate/reference with SPDX - gpl-2.0_56.RULE (part 2) 2022-06-10 14:51:35 +02:00
sprd
st clk: st: clkgen-mux: search reg within node or parent 2022-01-05 17:21:28 -08:00
starfive clk: starfive: Add JH7100 audio clock driver 2022-03-10 18:17:33 -08:00
stm32 clk: stm32: rcc_reset: Fix missing spin_lock_init() 2022-06-09 15:34:08 -07:00
sunxi clk: sunxi: Do not select the PRCM MFD 2022-07-04 21:59:30 +02:00
sunxi-ng clk: sunxi-ng: Fix H6 RTC clock definition 2022-07-27 16:45:58 -07:00
tegra clk: tegra: Update kerneldoc to match prototypes 2022-05-06 10:56:00 +02:00
ti The clk core gains a new set of APIs that allow drivers to both acquire clks 2022-08-04 18:40:08 -07:00
uniphier clk: uniphier: Fix fixed-rate initialization 2022-03-11 19:29:02 -08:00
ux500 clk: ux500: fix a possible off-by-one in u8500_prcc_reset_base() 2022-05-18 13:34:03 -07:00
versatile clk: versatile: clk-icst: use after free on error path 2021-12-07 12:25:29 -08:00
visconti clk: visconti: prevent array overflow in visconti_clk_register_gates() 2022-03-17 12:21:28 -07:00
x86 platform/x86: Drop the PMC_ATOM Kconfig option 2022-06-12 14:41:22 +02:00
xilinx clk: xilinx: move xlnx_vcu clock driver from soc 2021-02-08 18:31:25 -08:00
zynq clk: zynq: Update the parameters to zynq_clk_register_periph_clk 2022-03-29 10:17:49 -07:00
zynqmp clk: zynqmp: Fix stack-out-of-bounds in strncpy` 2022-08-22 17:01:05 -07:00
.kunitconfig clk: explicitly disable CONFIG_UML_PCI_OVER_VIRTIO in .kunitconfig 2022-07-14 10:35:44 -06:00
clk_test.c Revert "clk: Drop the rate range on clk_put()" 2022-04-02 19:28:53 -07:00
clk-apple-nco.c clk: clk-apple-nco: Allow and fix module building 2022-03-15 09:56:12 -07:00
clk-asm9260.c
clk-aspeed.c
clk-aspeed.h
clk-ast2600.c clk/ast2600: Fix soc revision for AHB 2021-11-03 19:42:35 -07:00
clk-axi-clkgen.c clk: axi-clkgen: use devm_platform_ioremap_resource() short-hand 2021-02-08 18:13:13 -08:00
clk-axm5516.c
clk-bd718x7.c clk: bd718xx: Drop BD70528 support 2021-06-27 18:42:45 -07:00
clk-bm1880.c clk: bm1880: remove kfrees on static allocations 2022-01-06 17:46:56 -08:00
clk-bulk.c
clk-cdce706.c clk: cdce706: use simple i2c probe function 2022-04-22 19:28:06 -07:00
clk-cdce925.c clk: cdce925: use i2c_match_id and simple i2c probe 2022-04-22 19:28:07 -07:00
clk-clps711x.c clk: clps711x: Terminate clk_div_table with sentinel element 2022-03-11 18:13:24 -08:00
clk-composite.c clk: composite: Fix 'switching' to same clock 2021-11-03 17:49:54 -07:00
clk-conf.c
clk-cs2000-cp.c clk: cs2000-cp: use simple i2c probe function 2022-04-22 19:28:07 -07:00
clk-devres.c clk: Fix pointer casting to prevent oops in devm_clk_release() 2022-06-22 16:10:23 -07:00
clk-divider.c clk: divider: Implement and wire up .determine_rate by default 2021-08-05 17:35:58 -07:00
clk-en7523.c clk: en7523: fix wrong pointer check in en7523_clk_probe() 2022-04-26 11:17:47 -07:00
clk-fixed-factor.c clk: fixed-factor: Introduce *clk_hw_register_fixed_factor_parent_hw() 2022-07-29 16:44:08 -07:00
clk-fixed-mmio.c clk: clk-fixed-mmio: Demote obvious kernel-doc abuse 2021-02-11 11:56:05 -08:00
clk-fixed-rate.c clk: fixed-rate: Remove redundant if statement 2022-05-16 23:45:53 -07:00
clk-fractional-divider.c clk: cleanup comments 2022-03-11 18:22:15 -08:00
clk-fractional-divider.h clk: fractional-divider: Hide clk_fractional_divider_ops from wide audience 2021-08-12 12:42:00 -07:00
clk-fsl-flexspi.c
clk-fsl-sai.c
clk-gate_test.c clk: gate: Add some kunit test suites 2022-01-24 17:22:53 -08:00
clk-gate.c clk: gate: Add devm_clk_hw_register_gate() 2021-12-08 11:19:20 +01:00
clk-gemini.c clk: Gemini: fix struct name in kernel-doc 2021-12-02 17:27:48 -08:00
clk-gpio.c
clk-hi655x.c
clk-highbank.c
clk-hsdk-pll.c treewide: Replace GPLv2 boilerplate/reference with SPDX - gpl-2.0_56.RULE (part 2) 2022-06-10 14:51:35 +02:00
clk-k210.c clk: k210: Fix k210_clk_set_parent() 2021-06-30 11:34:36 -07:00
clk-lan966x.c clk: lan966x: Fix the lan966x clock gate register address 2022-07-19 00:04:10 -07:00
clk-lmk04832.c spi: make remove callback a void function 2022-02-09 13:00:45 +00:00
clk-lochnagar.c
clk-max9485.c clk: max9485: use simple i2c probe function 2022-04-22 19:28:08 -07:00
clk-max77686.c
clk-milbeaut.c
clk-moxart.c treewide: Replace GPLv2 boilerplate/reference with SPDX - gpl-2.0_56.RULE (part 2) 2022-06-10 14:51:35 +02:00
clk-multiplier.c
clk-mux.c clk: mux: remove redundant initialization of variable width 2022-04-25 15:49:20 -07:00
clk-nomadik.c
clk-npcm7xx.c clk: clk-npcm7xx: Remove unused static const tables 'npcm7xx_gates' and 'npcm7xx_divs_fx' 2021-02-11 11:56:05 -08:00
clk-nspire.c
clk-oxnas.c clk: Use of_device_get_match_data() 2022-03-11 19:23:30 -08:00
clk-palmas.c clk: palmas: Add a missing SPDX license header 2021-08-05 17:34:30 -07:00
clk-plldig.c
clk-pwm.c
clk-qoriq.c clk: qoriq: use macros to generate pll_mask 2021-02-14 13:02:01 -08:00
clk-renesas-pcie.c clk: renesas-pcie: use simple i2c probe function 2022-04-22 19:28:09 -07:00
clk-rk808.c
clk-s2mps11.c
clk-scmi.c clk: scmi: Support atomic clock enable/disable API 2022-02-21 10:37:00 +00:00
clk-scpi.c
clk-si514.c clk: si514: use simple i2c probe function 2022-04-22 19:28:08 -07:00
clk-si544.c clk: si544: use i2c_match_id and simple i2c probe 2022-04-22 19:28:08 -07:00
clk-si570.c clk: si570: use i2c_match_id and simple i2c probe 2022-04-22 19:28:08 -07:00
clk-si5341.c clk: si5341: use simple i2c probe function 2022-04-22 19:28:08 -07:00
clk-si5351.c clk: si5351: use i2c_match_id and simple i2c probe 2022-04-22 19:28:08 -07:00
clk-si5351.h clk: si5351: Update datasheet references 2021-11-02 14:29:17 -07:00
clk-sparx5.c
clk-stm32f4.c clk: stm32: Fix ltdc's clock turn off by clk_disable_unused() after system enter shell 2021-12-15 22:45:48 -08:00
clk-stm32h7.c clk: stm32h7: Switch to clk_divider.determine_rate 2021-08-05 17:36:10 -07:00
clk-stm32mp1.c clk: stm32mp1: Add parent_data to ETHRX clock 2022-01-24 17:17:31 -08:00
clk-tps68470.c clk: Introduce clk-tps68470 driver 2021-12-15 20:12:07 -08:00
clk-twl6040.c
clk-versaclock5.c clk: vc5: Use i2c .probe_new 2021-11-02 14:28:51 -07:00
clk-vt8500.c
clk-wm831x.c
clk-xgene.c clk: clk-xgene: Add description for 'mask' and fix formatting for 'flags' 2021-02-11 11:56:06 -08:00
clk.c clk: Remove never used devm_clk_*unregister() 2022-06-22 16:14:08 -07:00
clk.h
clkdev.c clkdev: remove unused clkdev_alloc() interfaces 2021-06-08 17:00:09 +02:00
Kconfig Merge branches 'clk-rockchip', 'clk-ingenic', 'clk-bindings', 'clk-samsung' and 'clk-stm' into clk-next 2022-05-25 00:27:09 -07:00
Makefile Mainly driver updates this time around. There's a single patch to the core clk 2022-05-27 15:33:24 -07:00