-
DENG Qingfang authored
If an spi-gpio was specified with num-chipselects = <0> in dts, kernel will crash: Unable to handle kernel paging request at virtual address 32697073 pgd = (ptrval) [32697073] *pgd=00000000 Internal error: Oops: 5 [# 1] SMP ARM Modules linked in: CPU: 2 PID: 1 Comm: swapper/0 Not tainted 4.19.72 #0 Hardware name: Generic DT based system PC is at validate_desc+0x28/0x80 LR is at gpiod_direction_output+0x14/0x128 ... [<c0544db4>] (validate_desc) from [<c0545228>] (gpiod_direction_output+0x14/0x128) [<c0545228>] (gpiod_direction_output) from [<c05fa714>] (spi_gpio_setup+0x58/0x64) [<c05fa714>] (spi_gpio_setup) from [<c05f7258>] (spi_setup+0x12c/0x148) [<c05f7258>] (spi_setup) from [<c05f7330>] (spi_add_device+0xbc/0x12c) [<c05f7330>] (spi_add_device) from [<c05f7f74>] (spi_register_controller+0x838/0x924) [<c05f7f74>] (spi_register_controller) from [<c05fa494>] (spi_bitbang_start+0x108/0x120) [<c05fa494>] (spi_bitbang_start) from [<c05faa34>] (spi_gpio_probe+0x314/0x338) [<c05faa34>] (spi_gpio_probe) from [<c05a844c>] (platform_drv_probe+0x34/0x70) The cause is spi_gpio_setup() did not check if the spi-gpio has chipselect pins before setting their direction and results in derefing an invalid pointer. The bug is spotted in kernel 4.19.72 and does not occur in 4.14. There is a similar fix upstream in kernel 5.2 in commit 249e2632dcd0 ("spi: gpio: Don't request CS GPIO in DT use-case"). Ref: https://patchwork.kernel.org/patch/11150619/ Signed-off-by:DENG Qingfang <dengqf6@mail2.sysu.edu.cn> [use upstream patch, moved from hack to pending dir, commit facelift] Signed-off-by:
Petr Štetiar <ynezz@true.cz>
DENG Qingfang authoredIf an spi-gpio was specified with num-chipselects = <0> in dts, kernel will crash: Unable to handle kernel paging request at virtual address 32697073 pgd = (ptrval) [32697073] *pgd=00000000 Internal error: Oops: 5 [# 1] SMP ARM Modules linked in: CPU: 2 PID: 1 Comm: swapper/0 Not tainted 4.19.72 #0 Hardware name: Generic DT based system PC is at validate_desc+0x28/0x80 LR is at gpiod_direction_output+0x14/0x128 ... [<c0544db4>] (validate_desc) from [<c0545228>] (gpiod_direction_output+0x14/0x128) [<c0545228>] (gpiod_direction_output) from [<c05fa714>] (spi_gpio_setup+0x58/0x64) [<c05fa714>] (spi_gpio_setup) from [<c05f7258>] (spi_setup+0x12c/0x148) [<c05f7258>] (spi_setup) from [<c05f7330>] (spi_add_device+0xbc/0x12c) [<c05f7330>] (spi_add_device) from [<c05f7f74>] (spi_register_controller+0x838/0x924) [<c05f7f74>] (spi_register_controller) from [<c05fa494>] (spi_bitbang_start+0x108/0x120) [<c05fa494>] (spi_bitbang_start) from [<c05faa34>] (spi_gpio_probe+0x314/0x338) [<c05faa34>] (spi_gpio_probe) from [<c05a844c>] (platform_drv_probe+0x34/0x70) The cause is spi_gpio_setup() did not check if the spi-gpio has chipselect pins before setting their direction and results in derefing an invalid pointer. The bug is spotted in kernel 4.19.72 and does not occur in 4.14. There is a similar fix upstream in kernel 5.2 in commit 249e2632dcd0 ("spi: gpio: Don't request CS GPIO in DT use-case"). Ref: https://patchwork.kernel.org/patch/11150619/ Signed-off-by:
