NothingOSS/android_kernel_msm-6.1_nothing_sm7635
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_msm-6.1_noth.../drivers
History
Johan Hovold db98de0809 mfd: qcom-spmi-pmic: Fix revid implementation 
commit 7b439aaa62fee474a0d84d67a25f4984467e7b95 upstream.

The Qualcomm SPMI PMIC revid implementation is broken in multiple ways.

First, it assumes that just because the sibling base device has been
registered that means that it is also bound to a driver, which may not
be the case (e.g. due to probe deferral or asynchronous probe). This
could trigger a NULL-pointer dereference when attempting to access the
driver data of the unbound device.

Second, it accesses driver data of a sibling device directly and without
any locking, which means that the driver data may be freed while it is
being accessed (e.g. on driver unbind).

Third, it leaks a struct device reference to the sibling device which is
looked up using the spmi_device_from_of() every time a function (child)
device is calling the revid function (e.g. on probe).

Fix this mess by reimplementing the revid lookup so that it is done only
at probe of the PMIC device; the base device fetches the revid info from
the hardware, while any secondary SPMI device fetches the information
from the base device and caches it so that it can be accessed safely
from its children. If the base device has not been probed yet then probe
of a secondary device is deferred.

Fixes: e9c11c6e3a ("mfd: qcom-spmi-pmic: expose the PMIC revid information to clients")
Cc: stable@vger.kernel.org      # 6.0
Signed-off-by: Johan Hovold <johan+linaro@kernel.org>
Acked-by: Caleb Connolly <caleb.connolly@linaro.org>
Link: https://lore.kernel.org/r/20231003152927.15000-3-johan+linaro@kernel.org
Signed-off-by: Lee Jones <lee@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-11-28 17:07:12 +00:00
..
accessibility
acpi ACPI: FPDT: properly handle invalid FPDT subtables 2023-11-28 17:07:12 +00:00
amba amba: bus: fix refcount leak 2023-09-13 09:42:56 +02:00
android binder: fix memory leak in binder_init() 2023-08-16 18:27:24 +02:00
ata scsi: sd: Introduce manage_shutdown device flag 2023-11-02 09:35:29 +01:00
atm atm: iphase: Do PCI error checks on own line 2023-11-28 17:07:00 +00:00
auxdisplay
base regmap: Ensure range selector registers are updated after cache sync 2023-11-28 17:07:09 +00:00
bcma
block virtio-blk: fix implicit overflow on virtio_max_dma_size 2023-11-28 17:07:02 +00:00
bluetooth Bluetooth: btusb: Add date->evt_skb is NULL check 2023-11-28 17:06:56 +00:00
bus bus: ti-sysc: Fix SYSC_QUIRK_SWSUP_SIDLE_ACT handling for uart wake-up 2023-10-06 14:56:48 +02:00
cdrom
char hwrng: geode - fix accessing registers 2023-11-20 11:52:04 +01:00
clk clk: qcom: ipq6018: drop the CLK_SET_RATE_PARENT flag from PLL clocks 2023-11-28 17:07:10 +00:00
clocksource clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware 2023-11-28 17:06:55 +00:00
comedi
connector
counter counter: microchip-tcb-capture: Fix the use of internal GCLK logic 2023-10-19 23:08:58 +02:00
cpufreq cpufreq: brcmstb-avs-cpufreq: Fix -Warray-bounds bug 2023-09-13 09:43:04 +02:00
cpuidle powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT 2023-09-13 09:42:48 +02:00
crypto crypto: hisilicon/qm - prevent soft lockup in receive loop 2023-11-28 17:07:00 +00:00
cxl cxl/mem: Fix shutdown order 2023-11-20 11:52:13 +01:00
dax dax/kmem: Pass valid argument to memory_group_register_static 2023-07-19 16:21:43 +02:00
dca
devfreq PM / devfreq: rockchip-dfi: Make pmu regmap mandatory 2023-11-20 11:51:54 +01:00
dio
dma dmaengine: pxa_dma: Remove an erroneous BUG_ON() in pxad_free_desc() 2023-11-20 11:52:10 +01:00
dma-buf dma-buf: add dma_fence_timestamp helper 2023-10-19 23:08:57 +02:00
edac EDAC/igen6: Fix the issue of no error events 2023-09-13 09:42:45 +02:00
eisa
extcon extcon: cht_wc: add POWER_SUPPLY dependency 2023-09-13 09:42:53 +02:00
firewire scsi: sd: Introduce manage_shutdown device flag 2023-11-02 09:35:29 +01:00
firmware firmware: qcom_scm: use 64-bit calling convention only when client is 64-bit 2023-11-28 17:07:12 +00:00
fpga
fsi fsi: aspeed: Reset master errors after CFAM reset 2023-09-13 09:42:54 +02:00
gnss
gpio gpio: vf610: mask the gpio irq in system suspend and support wakeup 2023-10-25 12:03:16 +02:00
gpu i915/perf: Fix NULL deref bugs with drm_dbg() calls 2023-11-28 17:07:07 +00:00
greybus
hid HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W 2023-11-28 17:07:00 +00:00
hsi
hte hte: tegra: Fix missing error code in tegra_hte_test_probe() 2023-11-20 11:51:58 +01:00
hv Drivers: hv: vmbus: Don't dereference ACPI root object handle 2023-09-13 09:42:59 +02:00
hwmon hwmon: (sch5627) Disallow write access if virtual registers are locked 2023-11-20 11:51:58 +01:00
hwspinlock hwspinlock: qcom: add missing regmap config for SFPB MMIO implementation 2023-09-19 12:28:05 +02:00
hwtracing coresight: tmc-etr: Disable warnings for allocation failures 2023-11-08 14:10:57 +01:00
i2c i2c: dev: copy userspace array safely 2023-11-28 17:07:02 +00:00
i3c i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data. 2023-11-28 17:07:02 +00:00
idle intel_idle: add Emerald Rapids Xeon support 2023-10-10 22:00:44 +02:00
iio iio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe() 2023-11-28 17:07:01 +00:00
infiniband RDMA/hfi1: Use FIELD_GET() to extract Link Width 2023-11-28 17:06:59 +00:00
input Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() 2023-11-20 11:52:15 +01:00
interconnect interconnect: qcom: sm8350: Set ACV enable_mask 2023-11-20 11:52:12 +01:00
iommu iommu/mediatek: Fix share pgtable for iova over 4GB 2023-10-10 22:00:41 +02:00
ipack
irqchip irqchip/stm32-exti: add missing DT IRQ flag translation 2023-11-08 14:10:57 +01:00
isdn mISDN: Update parameter type of dsp_cmx_send() 2023-08-16 18:27:26 +02:00
leds leds: trigger: ledtrig-cpu:: Fix 'output may be truncated' issue for 'cpu' 2023-11-20 11:52:08 +01:00
macintosh
mailbox mailbox: qcom-ipcc: fix incorrect num_chans counting 2023-09-19 12:27:58 +02:00
mcb mcb-lpc: Reallocate memory region to avoid memory overlapping 2023-11-02 09:35:22 +01:00
md dm zoned: free dmz->ddev array in dmz_put_zoned_devices 2023-10-10 22:00:44 +02:00
media media: venus: hfi: add checks to perform sanity on queue pointers 2023-11-28 17:07:07 +00:00
memory memory: brcmstb_dpfe: fix testing array offset after use 2023-07-19 16:21:24 +02:00
memstick memstick r592: make memstick_debug_get_tpc_name() static 2023-07-19 16:21:08 +02:00
message scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition 2023-05-24 17:32:37 +01:00
mfd mfd: qcom-spmi-pmic: Fix revid implementation 2023-11-28 17:07:12 +00:00
misc misc: pci_endpoint_test: Add Device ID for R-Car S4-8 PCIe controller 2023-11-28 17:07:00 +00:00
mmc mmc: Add quirk MMC_QUIRK_BROKEN_CACHE_FLUSH for Micron eMMC Q2J54A 2023-11-28 17:07:11 +00:00
most
mtd mtd: rawnand: meson: check return value of devm_kasprintf() 2023-11-28 17:07:03 +00:00
mux
net wifi: wilc1000: use vmm_table as array in wilc struct 2023-11-28 17:07:11 +00:00
nfc nfcsim.c: Fix error checking for debugfs_create_dir 2023-06-28 11:12:36 +02:00
ntb ntb: Fix calculation ntb_transport_tx_free_entry() 2023-09-13 09:43:02 +02:00
nubus nubus: Partially revert proc_create_single_data() conversion 2023-07-05 18:27:37 +01:00
nvdimm nd_btt: Make BTT lanes preemptible 2023-11-20 11:52:05 +01:00
nvme nvme: fix error-handling for io_uring nvme-passthrough 2023-11-20 11:52:17 +01:00
nvmem nvmem: imx: correct nregs for i.MX6UL 2023-11-02 09:35:31 +01:00
of of: dynamic: Fix potential memory leak in of_changeset_action() 2023-10-10 22:00:44 +02:00
opp OPP: Fix passing 0 to PTR_ERR in _opp_attach_genpd() 2023-09-13 09:42:28 +02:00
parisc parisc/power: Add power soft-off when running on qemu 2023-11-28 17:07:10 +00:00
parport
pci PCI: exynos: Don't discard .remove() callback 2023-11-28 17:07:11 +00:00
pcmcia pcmcia: ds: fix possible name leak in error path in pcmcia_device_add() 2023-11-20 11:52:13 +01:00
peci
perf perf: hisi: Fix use-after-free when register pmu fails 2023-11-20 11:52:01 +01:00
phy phy: mapphone-mdm6600: Fix pinctrl_pm handling for sleep pins 2023-10-25 12:03:16 +02:00
pinctrl pinctrl: renesas: rzg2l: Make reverse order of enable() for disable() 2023-11-20 11:52:10 +01:00
platform platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e 2023-11-28 17:06:56 +00:00
pnp
power power: supply: core: Use blocking_notifier_call_chain to avoid RCU complaint 2023-11-08 14:11:02 +01:00
powercap powercap: RAPL: Fix CONFIG_IOSF_MBI dependency 2023-07-19 16:21:00 +02:00
pps
ps3
ptp ptp: annotate data-race around q->head and q->tail 2023-11-28 17:07:05 +00:00
pwm pwm: brcmstb: Utilize appropriate clock APIs in suspend/resume 2023-11-20 11:52:15 +01:00
rapidio
ras
regulator regulator: mt6358: Fail probe on unknown chip ID 2023-11-20 11:51:56 +01:00
remoteproc remoteproc: imx_dsp_rproc: Fix kernel test robot sparse warning 2023-05-24 17:32:53 +01:00
reset
rpmsg rpmsg: glink: Add check for kstrdup 2023-09-13 09:42:58 +02:00
rtc rtc: pcf85363: fix wrong mask/val parameters in regmap_update_bits call 2023-11-20 11:52:13 +01:00
s390 s390/cio: fix a memleak in css_alloc_subchannel 2023-10-25 12:03:15 +02:00
sbus
scsi scsi: qla2xxx: Fix system crash due to bad pointer access 2023-11-28 17:07:07 +00:00
sh
siox
slimbus
soc soc: qcom: llcc: Handle a second device without data corruption 2023-11-20 11:52:02 +01:00
soundwire soundwire: dmi-quirks: update HP Omen match 2023-11-28 17:07:01 +00:00
spi spi: spi-zynq-qspi: add spi-mem to driver kconfig dependencies 2023-11-20 11:52:18 +01:00
spmi
ssb
staging media: cedrus: Fix clock/reset sequence 2023-11-20 11:52:14 +01:00
target scsi: target: core: Fix deadlock due to recursive locking 2023-10-10 22:00:41 +02:00
tc
tee tee: amdtee: fix use-after-free vulnerability in amdtee_close_session 2023-10-19 23:08:57 +02:00
thermal thermal: core: prevent potential string overflow 2023-11-20 11:51:54 +01:00
thunderbolt thunderbolt: Apply USB 3.x bandwidth quirk only in software connection manager 2023-11-28 17:07:01 +00:00
tty hvc/xen: fix event channel handling for secondary consoles 2023-11-28 17:07:08 +00:00
ufs scsi: ufs: core: Leave space for '\0' in utf8 desc string 2023-11-20 11:52:07 +01:00
uio
usb usb: gadget: f_ncm: Always set current gadget in ncm_bind() 2023-11-28 17:07:01 +00:00
vdpa vdpa: Enable strict validation for netlinks ops 2023-08-23 17:52:31 +02:00
vfio vfio/mdev: Fix a null-ptr-deref bug for mdev_unregister_parent() 2023-10-06 14:56:45 +02:00
vhost vhost-vdpa: fix use after free in vhost_vdpa_probe() 2023-11-28 17:07:04 +00:00
video fbdev: fsl-diu-fb: mark wr_reg_wa() static 2023-11-20 11:52:18 +01:00
virt virt: sevguest: Fix passing a stack buffer as a scatterlist target 2023-11-20 11:52:13 +01:00
virtio virtio_pci: fix the common cfg map size 2023-11-02 09:35:23 +01:00
vlynq
w1 w1: fix loop in w1_fini() 2023-07-19 16:21:48 +02:00
watchdog watchdog: ixp4xx: Make sure restart always works 2023-11-20 11:52:15 +01:00
xen xen/events: fix delayed eoi list handling 2023-11-28 17:07:05 +00:00
zorro
Kconfig
Makefile