projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 894c169)
[COMMON] iommu/exynos: remove __initconst for sysmmu_of_match table
authorJanghyuck Kim <janghyuck.kim@samsung.com>
Wed, 22 Feb 2017 07:24:21 +0000 (16:24 +0900)
committerSangwook Ju <sw.ju@samsung.com>
Mon, 14 May 2018 10:45:20 +0000 (19:45 +0900)
KASAN reported use-after-free case like below.
To avoid this case, __instconst is removed.

BUG: KASAN: use-after-free in __of_match_node+0xb0/0x104 at addr
ffffffc002653338
Read of size 1 by task kworker/u16:0/6
page:ffffffbdc00994c0 count:0 mapcount:0 mapping:          (null)
index:0x1
flags: 0x0()
page dumped because: kasan: bad access detected

.. < skip > ..

Workqueue: deferwq deferred_probe_work_func
Call trace:
[<ffffffc0000e7140>] dump_backtrace+0x0/0x21c
[<ffffffc0000e7370>] show_stack+0x14/0x1c
[<ffffffc0007a4dc8>] dump_stack+0xa8/0xe8
[<ffffffc000393e04>] kasan_report+0x468/0x484
[<ffffffc000393e38>] __asan_report_load1_noabort+0x18/0x20
[<ffffffc00125f65c>] __of_match_node+0xb0/0x104
[<ffffffc00125f6e8>] of_match_node+0x38/0x5c
[<ffffffc00125ff3c>] of_match_device+0x50/0x5c
[<ffffffc000b0fa5c>] platform_match+0x9c/0x1c4
[<ffffffc000b0be84>] __device_attach_driver+0x100/0x180
[<ffffffc000b08bb0>] bus_for_each_drv+0x15c/0x164
[<ffffffc000b0b584>] __device_attach+0x198/0x208
[<ffffffc000b0c180>] device_initial_probe+0x10/0x18
[<ffffffc000b09020>] bus_probe_device+0x98/0x190
[<ffffffc000b0ac78>] deferred_probe_work_func+0xd4/0xec
[<ffffffc000145428>] process_one_work+0x978/0x1208
[<ffffffc00014636c>] worker_thread+0x654/0x824
[<ffffffc0001524fc>] kthread+0x240/0x250
[<ffffffc0000dde30>] ret_from_fork+0x10/0x20
Memory state around the buggy address:

Signed-off-by: Janghyuck Kim <janghyuck.kim@samsung.com>
Change-Id: Ibc46808a38b0db3f9cc62a1e106022fa9383dd20

drivers/iommu/exynos-iommu.c patch | blob | blame | history

diff --git a/drivers/iommu/exynos-iommu.c b/drivers/iommu/exynos-iommu.c
index 87fb55682b55b359fad757e9dd20b034282b9b0f..9e10598bfa37b644219d0a846880b6a5ac83b025 100644 (file)
--- a/drivers/iommu/exynos-iommu.c
+++ b/drivers/iommu/exynos-iommu.c
@@ -1067,7 +1067,7 @@ static const struct dev_pm_ops sysmmu_pm_ops = {
        SET_LATE_SYSTEM_SLEEP_PM_OPS(exynos_sysmmu_suspend, exynos_sysmmu_resume)
 };
 
-static const struct of_device_id sysmmu_of_match[] __initconst = {
+static const struct of_device_id sysmmu_of_match[] = {
        { .compatible   = "samsung,exynos-sysmmu", },
        { },
 };