NothingOSS/android_kernel_msm-6.1_nothing_sm7635
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_msm-6.1_noth.../drivers
History
Miquel Raynal 3e28d59a5f of: Fix modalias string generation 
[ Upstream commit b19a4266c52de78496fe40f0b37580a3b762e67d ]

The helper generating an OF based modalias (of_device_get_modalias())
works fine, but due to the use of snprintf() internally it needs a
buffer one byte longer than what should be needed just for the entire
string (excluding the '\0'). Most users of this helper are sysfs hooks
providing the modalias string to users. They all provide a PAGE_SIZE
buffer which is way above the number of bytes required to fit the
modalias string and hence do not suffer from this issue.

There is another user though, of_device_request_module(), which is only
called by drivers/usb/common/ulpi.c. This request module function is
faulty, but maybe because in most cases there is an alternative, ULPI
driver users have not noticed it.

In this function, of_device_get_modalias() is called twice. The first
time without buffer just to get the number of bytes required by the
modalias string (excluding the null byte), and a second time, after
buffer allocation, to fill the buffer. The allocation asks for an
additional byte, in order to store the trailing '\0'. However, the
buffer *length* provided to of_device_get_modalias() excludes this extra
byte. The internal use of snprintf() with a length that is exactly the
number of bytes to be written has the effect of using the last available
byte to store a '\0', which then smashes the last character of the
modalias string.

Provide the actual size of the buffer to of_device_get_modalias() to fix
this issue.

Note: the "str[size - 1] = '\0';" line is not really needed as snprintf
will anyway end the string with a null byte, but there is a possibility
that this function might be called on a struct device_node without
compatible, in this case snprintf() would not be executed. So we keep it
just to avoid possible unbounded strings.

Cc: Stephen Boyd <sboyd@kernel.org>
Cc: Peter Chen <peter.chen@kernel.org>
Fixes: 9c829c097f ("of: device: Support loading a module with OF based modalias")
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Rob Herring <robh@kernel.org>
Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla@linaro.org>
Link: https://lore.kernel.org/r/20230404172148.82422-2-srinivas.kandagatla@linaro.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-05-11 23:03:28 +09:00
..
accessibility tty: fix possible null-ptr-defer in spk_ttyio_release 2023-01-24 07:24:37 +01:00
acpi ACPI: bus: Ensure that notify handlers are not running after removal 2023-05-11 23:03:16 +09:00
amba
android
ata ata: ahci: Revert "ata: ahci: Add Tiger Lake UP{3,4} AHCI controller" 2023-03-10 09:32:32 +01:00
atm atm: idt77252: fix kmemleak when rmmod idt77252 2023-03-30 12:49:09 +02:00
auxdisplay auxdisplay: hd44780: Fix potential memory leak in hd44780_remove() 2023-03-11 13:55:16 +01:00
base tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem 2023-05-11 23:03:01 +09:00
bcma
block block: ublk_drv: mark device as LIVE before adding disk 2023-04-20 12:35:11 +02:00
bluetooth Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work" 2023-05-11 23:03:26 +09:00
bus bus: mhi: host: Range check CHDBOFF and ERDBOFF 2023-05-11 23:03:05 +09:00
cdrom
char ipmi: ASPEED_BT_IPMI_BMC: select REGMAP_MMIO instead of depending on it 2023-05-11 23:03:26 +09:00
clk clk: rs9: Fix suspend/resume 2023-04-20 12:35:08 +02:00
clocksource clocksource/drivers/riscv: Patch riscv_clock_next_event() jump before first use 2023-03-10 09:33:03 +01:00
comedi comedi: adv_pci1760: Fix PWM instruction handling 2023-01-24 07:24:35 +01:00
connector
counter counter: 104-quad-8: Fix Synapse action reported for Index signals 2023-04-13 16:55:31 +02:00
cpufreq cpufreq: use correct unit when verify cur freq 2023-05-11 23:03:16 +09:00
cpuidle RISC-V: Align SBI probe implementation with spec 2023-05-11 23:03:04 +09:00
crypto crypto: sa2ul - Select CRYPTO_DES 2023-05-11 23:03:20 +09:00
cxl cxl/hdm: Fail upon detecting 0-sized decoders 2023-05-11 23:03:05 +09:00
dax dax/kmem: Fix leak of memory-hotplug resources 2023-03-10 09:34:25 +01:00
dca
devfreq PM/devfreq: governor: Add a private governor_data for governor 2023-01-07 11:11:40 +01:00
dio drivers: dio: fix possible memory leak in dio_init() 2022-12-31 13:32:38 +01:00
dma dmaengine: apple-admac: Fix 'current_tx' not getting freed 2023-04-20 12:35:08 +02:00
dma-buf dma-buf: actually set signaling bit for private stub fences 2023-02-09 11:28:23 +01:00
edac EDAC/skx: Fix overflows on the DRAM row address mapping arrays 2023-05-11 23:03:08 +09:00
eisa
extcon extcon: usbc-tusb320: Update state on probe even if no IRQ pending 2022-12-31 13:32:39 +01:00
firewire firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region 2023-02-09 11:27:59 +01:00
firmware firmware: arm_scmi: Fix xfers allocation on Rx channel 2023-05-11 23:03:11 +09:00
fpga fpga: bridge: fix kernel-doc parameter description 2023-05-11 23:03:27 +09:00
fsi use less confusing names for iov_iter direction initializers 2023-02-09 11:28:04 +01:00
gnss
gpio gpiolib: acpi: Add a ignore wakeup quirk for Clevo NL5xNU 2023-05-01 08:26:27 +09:00
gpu drm/i915: Make intel_get_crtc_new_encoder() less oopsy 2023-05-11 23:03:16 +09:00
greybus
hid HID: intel-ish-hid: Fix kernel panic during warm reset 2023-04-20 12:35:13 +02:00
hsi HSI: omap_ssi_core: Fix error handling in ssi_init() 2022-12-31 13:32:45 +01:00
hte
hv Drivers: vmbus: Check for channel allocation before looking up relids 2023-04-13 16:55:18 +02:00
hwmon hwmon: (pmbus/fsp-3y) Fix functionality bitmask in FSP-3Y YM-2151E 2023-05-11 23:03:16 +09:00
hwspinlock
hwtracing coresight-etm4: Fix for() loop drvdata->nr_addr_cmp range bug 2023-04-13 16:55:30 +02:00
i2c i2c: omap: Fix standard mode false ACK readings 2023-05-11 23:03:04 +09:00
i3c
idle Revert "cpuidle, intel_idle: Fix CPUIDLE_FLAG_IRQ_ENABLE *again*" 2023-04-06 12:10:58 +02:00
iio iio: light: max44009: add missing OF device matching 2023-05-11 23:03:27 +09:00
infiniband scsi: target: iscsit: isert: Alloc per conn cmd counter 2023-05-11 23:03:19 +09:00
input Input: pegasus-notetaker - check pipe type when probing 2023-04-26 14:28:43 +02:00
interconnect interconnect: qcom: rpm: drop bogus pm domain attach 2023-05-11 23:03:28 +09:00
iommu iommu/amd: Fix "Guest Virtual APIC Table Root Pointer" configuration in IRTE 2023-05-11 23:03:04 +09:00
ipack
irqchip irqchip/irq-bcm7120-l2: Set IRQ_LEVEL for level triggered interrupts 2023-03-10 09:33:07 +01:00
isdn use less confusing names for iov_iter direction initializers 2023-02-09 11:28:04 +01:00
leds pwm: Make .get_state() callback return an error code 2023-04-13 16:55:18 +02:00
macintosh macintosh: windfarm: Use unsigned type for 1-bit bitfields 2023-03-17 08:50:31 +01:00
mailbox mailbox: mpfs: switch to txdone_poll 2023-05-11 23:03:12 +09:00
mcb mcb: mcb-parse: fix error handing in chameleon_parse_gdd() 2022-12-31 13:32:41 +01:00
md md/raid10: don't call bio_start_io_acct twice for bio which experienced read error 2023-05-11 23:03:23 +09:00
media media: mediatek: vcodec: add remove function for decoder platform driver 2023-05-11 23:03:16 +09:00
memory memory: tegra30-emc: fix interconnect registration race 2023-03-22 13:33:56 +01:00
memstick memstick: fix memory leak if card device is never registered 2023-04-26 14:28:39 +02:00
message
mfd mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak 2023-03-11 13:55:32 +01:00
misc vmci_host: fix a race condition in vmci_host_poll() causing GPF 2023-05-11 23:03:28 +09:00
mmc mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data 2023-05-11 23:03:11 +09:00
most
mtd ubi: Fix return value overwrite issue in try_write_vid_and_data() 2023-05-11 23:03:05 +09:00
mux
net net: amd: Fix link leak when verifying config failed 2023-05-11 23:03:26 +09:00
nfc nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition 2023-03-22 13:33:46 +01:00
ntb
nubus
nvdimm cxl/pmem: Fix nvdimm registration races 2023-03-10 09:34:20 +01:00
nvme nvme-fcloop: fix "inconsistent {IN-HARDIRQ-W} -> {HARDIRQ-ON-W} usage" 2023-05-11 23:03:22 +09:00
nvmem nvmem: core: fix return value 2023-02-09 11:28:25 +01:00
of of: Fix modalias string generation 2023-05-11 23:03:28 +09:00
opp OPP: fix error checking in opp_migrate_dentry() 2023-03-10 09:33:01 +01:00
parisc parisc: led: Fix potential null-ptr-deref in start_task() 2023-01-07 11:11:55 +01:00
parport
pci PCI: imx6: Install the fault handler only on compatible match 2023-05-11 23:03:28 +09:00
pcmcia
peci
perf perf/arm-cmn: Fix port detection for CMN-700 2023-05-11 23:03:16 +09:00
phy phy: qcom-qmp-pcie: sc8180x PCIe PHY has 2 lanes 2023-05-11 23:02:59 +09:00
pinctrl pinctrl: qcom: lpass-lpi: set output value before enabling output 2023-05-11 23:03:02 +09:00
platform platform/chrome: cros_typec_switch: Add missing fwnode_handle_put() 2023-05-11 23:03:16 +09:00
pnp PNP: fix name memory leak in pnp_alloc_dev() 2022-12-31 13:31:56 +01:00
power power: supply: axp288_fuel_gauge: Added check for negative values 2023-04-20 12:35:10 +02:00
powercap powercap: fix possible name leak in powercap_register_zone() 2023-03-10 09:32:56 +01:00
pps
ps3
ptp ptp_qoriq: fix memory leak in probe() 2023-04-06 12:10:44 +02:00
pwm pwm: meson: Fix g12a ao clk81 name 2023-05-11 23:03:02 +09:00
rapidio rapidio: devices: fix missing put_device in mport_cdev_open 2022-12-31 13:32:00 +01:00
ras
regulator regulator: stm32-pwr: fix of_iomap leak 2023-05-11 23:03:16 +09:00
remoteproc remoteproc/mtk_scp: Move clk ops outside send_lock 2023-03-10 09:34:26 +01:00
reset reset: uniphier-glue: Fix possible null-ptr-deref 2023-02-01 08:34:05 +01:00
rpmsg rpmsg: glink: Propagate TX failures in intentless mode as well 2023-05-11 23:03:16 +09:00
rtc rtc: allow rtc_read_alarm without read_alarm callback 2023-03-11 13:55:30 +01:00
s390 s390/vfio-ap: fix memory leak in vfio_ap device driver 2023-04-06 12:10:46 +02:00
sbus
scsi scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup() 2023-05-11 23:03:21 +09:00
sh
siox
slimbus
soc soc: renesas: renesas-soc: Release 'chipid' from ioremap() 2023-05-11 23:03:12 +09:00
soundwire soundwire: qcom: correct setting ignore bit on v1.5.1 2023-05-11 23:03:02 +09:00
spi spi: fsl-spi: Fix CPM/QE mode Litte Endian 2023-05-11 23:03:28 +09:00
spmi
ssb
staging drivers: staging: rtl8723bs: Fix locking in rtw_scan_timeout_handler() 2023-05-11 23:03:27 +09:00
target scsi: target: iscsit: Fix TAS handling during conn cleanup 2023-05-11 23:03:19 +09:00
tc
tee tee: amdtee: fix race condition in amdtee_open_session 2023-03-30 12:49:29 +02:00
thermal thermal: intel: BXT_PMIC: select REGMAP instead of depending on it 2023-03-11 13:55:32 +01:00
thunderbolt thunderbolt: Limit USB3 bandwidth of certain Intel USB4 host routers 2023-04-06 12:10:33 +02:00
tty serial: 8250_bcm7271: Fix arbitration handling 2023-05-11 23:03:27 +09:00
ufs scsi: ufs: core: Add soft dependency on governor_simpleondemand 2023-03-30 12:49:17 +02:00
uio uio: uio_dmem_genirq: Fix deadlock between irq config and handling 2022-12-31 13:32:38 +01:00
usb usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition 2023-05-11 23:03:27 +09:00
vdpa vp_vdpa: fix the crash in hot unplug with vp_vdpa 2023-03-22 13:34:03 +01:00
vfio vfio/type1: restore locked_vm 2023-03-10 09:34:32 +01:00
vhost vhost-vdpa: free iommu domain after last use during cleanup 2023-03-22 13:33:44 +01:00
video fbcon: set_con2fb_map needs to set con2fb_map! 2023-04-20 12:35:07 +02:00
virt virt/coco/sev-guest: Double-buffer messages 2023-05-11 23:03:10 +09:00
virtio virtio_pci: modify ENOENT to EINVAL 2023-01-24 07:24:31 +01:00
vlynq
w1 w1: fix WARNING after calling w1_process() 2023-02-01 08:34:26 +01:00
watchdog watchdog: sbsa_wdog: Make sure the timeout programming is within the limits 2023-03-11 13:55:24 +01:00
xen ACPI: processor: Fix evaluating _PDC method when running as Xen dom0 2023-05-11 23:03:11 +09:00
zorro
Kconfig
Makefile