OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/drivers/cpufreq
History
Oliver O'Halloran af80e6f70f cpufreq: powernv: Fix use-after-free 
commit d0a72efac8 upstream.

The cpufreq driver has a use-after-free that we can hit if:

a) There's an OCC message pending when the notifier is registered, and
b) The cpufreq driver fails to register with the core.

When a) occurs the notifier schedules a workqueue item to handle the
message. The backing work_struct is located on chips[].throttle and
when b) happens we clean up by freeing the array. Once we get to
the (now free) queued item and the kernel crashes.

Fixes: c5e29ea7ac ("cpufreq: powernv: Fix bugs in powernv_cpufreq_{init/exit}")
Cc: stable@vger.kernel.org # v4.6+
Signed-off-by: Oliver O'Halloran <oohall@gmail.com>
Reviewed-by: Gautham R. Shenoy <ego@linux.vnet.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20200206062622.28235-1-oohall@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2020-04-17 10:50:22 +02:00
..
Kconfig
Kconfig.arm
Kconfig.powerpc
Kconfig.x86
Makefile
acpi-cpufreq.c
amd_freq_sensitivity.c
arm_big_little.c
arm_big_little.h
armada-8k-cpufreq.c
armada-37xx-cpufreq.c
bmips-cpufreq.c
brcmstb-avs-cpufreq.c
cppc_cpufreq.c
cpufreq-dt-platdev.c
cpufreq-dt.c
cpufreq-dt.h
cpufreq-nforce2.c
cpufreq.c
cpufreq_conservative.c
cpufreq_governor.c
cpufreq_governor.h
cpufreq_governor_attr_set.c
cpufreq_ondemand.c
cpufreq_ondemand.h
cpufreq_performance.c
cpufreq_powersave.c
cpufreq_stats.c
cpufreq_userspace.c
davinci-cpufreq.c
e_powersaver.c
elanfreq.c
freq_table.c
gx-suspmod.c
highbank-cpufreq.c
ia64-acpi-cpufreq.c
imx-cpufreq-dt.c
imx6q-cpufreq.c cpufreq: imx6q: fix error handling 2020-04-17 10:50:03 +02:00
intel_pstate.c
kirkwood-cpufreq.c
longhaul.c
longhaul.h
longrun.c
loongson1-cpufreq.c
loongson2_cpufreq.c
maple-cpufreq.c
mediatek-cpufreq.c
mvebu-cpufreq.c
omap-cpufreq.c
p4-clockmod.c
pasemi-cpufreq.c
pcc-cpufreq.c
pmac32-cpufreq.c
pmac64-cpufreq.c
powernow-k6.c
powernow-k7.c
powernow-k7.h
powernow-k8.c
powernow-k8.h
powernv-cpufreq.c cpufreq: powernv: Fix use-after-free 2020-04-17 10:50:22 +02:00
ppc_cbe_cpufreq.c
ppc_cbe_cpufreq.h
ppc_cbe_cpufreq_pervasive.c
ppc_cbe_cpufreq_pmi.c
pxa2xx-cpufreq.c
pxa3xx-cpufreq.c
qcom-cpufreq-hw.c
qcom-cpufreq-nvmem.c
qoriq-cpufreq.c
raspberrypi-cpufreq.c
s3c24xx-cpufreq-debugfs.c
s3c24xx-cpufreq.c
s3c64xx-cpufreq.c
s3c2410-cpufreq.c
s3c2412-cpufreq.c
s3c2416-cpufreq.c
s3c2440-cpufreq.c
s5pv210-cpufreq.c
sa1100-cpufreq.c
sa1110-cpufreq.c
sc520_freq.c
scmi-cpufreq.c
scpi-cpufreq.c
sfi-cpufreq.c
sh-cpufreq.c
sparc-us2e-cpufreq.c
sparc-us3-cpufreq.c
spear-cpufreq.c
speedstep-centrino.c
speedstep-ich.c
speedstep-lib.c
speedstep-lib.h
speedstep-smi.c
sti-cpufreq.c
sun50i-cpufreq-nvmem.c
tango-cpufreq.c
tegra20-cpufreq.c
tegra124-cpufreq.c
tegra186-cpufreq.c
ti-cpufreq.c
unicore2-cpufreq.c
vexpress-spc-cpufreq.c