kpriv/linux-hardened
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
linux-hardened/drivers/media/platform/exynos4-is
History
Sylwester Nawrocki 3cf138a639 [media] exynos4-is: Prevent NULL pointer dereference when firmware isn't loaded 
Ensure the firmware isn't accessed in the driver when the firmware loading
routine has not completed. This fixes a potential kernel crash:
[   96.510000] Unable to handle kernel NULL pointer dereference at virtual address 00000000
[   96.520000] pgd = ee604000
[   96.520000] [00000000] *pgd=6e947831, *pte=00000000, *ppte=00000000
[   96.530000] Internal error: Oops: 17 [#1] PREEMPT SMP ARM
[   96.530000] Modules linked in:
[   96.530000] CPU: 2 PID: 2787 Comm: camera_test Not tainted 3.10.0-rc1-00269-gcdbde37-dirty #2158
[   96.545000] task: ee42e400 ti: edfcc000 task.ti: edfcc000
[   96.545000] PC is at fimc_is_start_firmware+0x14/0x94
[   96.545000] LR is at fimc_isp_subdev_s_power+0x13c/0x1f8
	...
[   96.745000] [<c03e0354>] (fimc_is_start_firmware+0x14/0x94) from [<c03e1cc4>] (fimc_isp_subdev_s_power+0x13c/0x1f8)
[   96.745000] [<c03e1cc4>] (fimc_isp_subdev_s_power+0x13c/0x1f8) from [<c03ed088>] (__subdev_set_power+0x70/0x84)
[   96.745000] [<c03ed088>] (__subdev_set_power+0x70/0x84) from [<c03ed164>] (fimc_pipeline_s_power+0xc8/0x164)
[   96.745000] [<c03ed164>] (fimc_pipeline_s_power+0xc8/0x164) from [<c03ee2b8>] (__fimc_pipeline_open+0x90/0x268)
[   96.745000] [<c03ee2b8>] (__fimc_pipeline_open+0x90/0x268) from [<c03ec5f0>] (fimc_capture_open+0xe4/0x1ec)
[   96.745000] [<c03ec5f0>] (fimc_capture_open+0xe4/0x1ec) from [<c03c5560>] (v4l2_open+0xa8/0xe4)
[   96.745000] [<c03c5560>] (v4l2_open+0xa8/0xe4) from [<c0112900>] (chrdev_open+0x9c/0x158)
[   96.745000] [<c0112900>] (chrdev_open+0x9c/0x158) from [<c010d3e0>] (do_dentry_open+0x1f4/0x27c)
[   96.745000] [<c010d3e0>] (do_dentry_open+0x1f4/0x27c) from [<c010d558>] (finish_open+0x34/0x50)
[   96.745000] [<c010d558>] (finish_open+0x34/0x50) from [<c011bea0>] (do_last+0x59c/0xbcc)
[   96.745000] [<c011bea0>] (do_last+0x59c/0xbcc) from [<c011c580>] (path_openat+0xb0/0x484)
[   96.745000] [<c011c580>] (path_openat+0xb0/0x484) from [<c011ca58>] (do_filp_open+0x30/0x84)
[   96.745000] [<c011ca58>] (do_filp_open+0x30/0x84) from [<c010d060>] (do_sys_open+0xe8/0x170)
[   96.745000] [<c010d060>] (do_sys_open+0xe8/0x170) from [<c000f040>] (ret_fast_syscall+0x0/0x30)

Signed-off-by: Sylwester Nawrocki <s.nawrocki@samsung.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2013-06-08 19:52:34 -03:00
..
fimc-capture.c [media] exynos4-is: Fix driver name reported in vidioc_querycap 2013-04-25 09:38:04 -03:00
fimc-core.c [media] exynos4-is: Fix driver name reported in vidioc_querycap 2013-04-25 09:38:04 -03:00
fimc-core.h [media] exynos4-is: Fix driver name reported in vidioc_querycap 2013-04-25 09:38:04 -03:00
fimc-is-command.h [media] exynos4-is: Add Exynos4x12 FIMC-IS driver 2013-04-04 19:59:24 -03:00
fimc-is-errno.c [media] exynos4-is: Add Exynos4x12 FIMC-IS driver 2013-04-04 19:59:24 -03:00
fimc-is-errno.h [media] exynos4-is: Add Exynos4x12 FIMC-IS driver 2013-04-04 19:59:24 -03:00
fimc-is-i2c.c [media] exynos4-is: Remove redundant MODULE_DEVICE_TABLE entries 2013-04-25 09:34:34 -03:00
fimc-is-i2c.h [media] exynos4-is: Add FIMC-IS ISP I2C bus driver 2013-04-04 20:04:49 -03:00
fimc-is-param.c [media] exynos4-is: Remove meaningless test before bit setting 2013-04-14 15:52:39 -03:00
fimc-is-param.h [media] exynos4-is: Improve the ISP chain parameter count calculation 2013-04-14 15:50:31 -03:00
fimc-is-regs.c [media] exynos4-is: Fix off-by-one valid range checking for is->config_index 2013-05-21 08:37:11 -03:00
fimc-is-regs.h [media] exynos4-is: Add Exynos4x12 FIMC-IS driver 2013-04-04 19:59:24 -03:00
fimc-is-sensor.c [media] exynos4-is: Don't overwrite subdevdata in the fimc-is sensor driver 2013-04-25 09:35:43 -03:00
fimc-is-sensor.h [media] exynos4-is: Don't overwrite subdevdata in the fimc-is sensor driver 2013-04-25 09:35:43 -03:00
fimc-is.c [media] exynos4-is: Prevent NULL pointer dereference when firmware isn't loaded 2013-06-08 19:52:34 -03:00
fimc-is.h [media] exynos4-is: Rename the ISP chain configuration data structure 2013-04-14 15:51:56 -03:00
fimc-isp.c [media] exynos4-is: Fix initialization of subdev 'flags' field 2013-04-25 09:35:03 -03:00
fimc-isp.h [media] exynos4-is: Add Exynos4x12 FIMC-IS driver 2013-04-04 19:59:24 -03:00
fimc-lite-reg.c [media] exynos4-is: Allow colorspace conversion at FIMC-LITE 2013-04-04 20:23:24 -03:00
fimc-lite-reg.h [media] exynos4-is: Allow colorspace conversion at FIMC-LITE 2013-04-04 20:23:24 -03:00
fimc-lite.c [media] exynos4-is: Set fimc-lite subdev owner module 2013-04-25 09:36:09 -03:00
fimc-lite.h [media] exynos4-is: Convert index variable to signed 2013-04-25 09:33:14 -03:00
fimc-m2m.c [media] exynos4-is: Copy timestamps from M2M OUTPUT to CAPTURE buffer queue 2013-04-25 09:38:48 -03:00
fimc-reg.c [media] exynos4-is: Correct input DMA YUV order configuration 2013-04-04 20:23:53 -03:00
fimc-reg.h [media] exynos4-is: Correct input DMA YUV order configuration 2013-04-04 20:23:53 -03:00
Kconfig [media] exynos4-is: Add common FIMC-IS image sensor driver 2013-04-04 20:14:01 -03:00
Makefile [media] exynos4-is: Add common FIMC-IS image sensor driver 2013-04-04 20:14:01 -03:00
media-dev.c [media] exynos4-is: Remove redundant module_put() for MIPI-CSIS module 2013-04-25 09:36:25 -03:00
media-dev.h [media] exynos4-is: Make fimc-lite independent of struct fimc_sensor_info 2013-04-14 15:48:44 -03:00
mipi-csis.c [media] exynos4-is: Fix potential null pointer dereference in mipi-csis.c 2013-05-21 08:33:52 -03:00
mipi-csis.h [media] s5p-fimc: Change the driver directory name to exynos4-is 2013-03-31 11:04:03 -03:00