6f957724b9
The firmware class uevent function accessed the "fw_priv->buf" buffer without the proper locking and testing for NULL. This is an old bug (looks like it goes back to 2012 and commit 1244691c73b2: "firmware loader: introduce firmware_buf"), but for some reason it's triggering only now in 4.2-rc1. Shuah Khan is trying to bisect what it is that causes this to trigger more easily, but in the meantime let's just fix the bug since others are hitting it too (at least Ingo reports having seen it as well). Reported-and-tested-by: Shuah Khan <shuahkh@osg.samsung.com> Acked-by: Ming Lei <ming.lei@canonical.com> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|---|---|---|
| .. | ||
| power | ||
| regmap | ||
| Kconfig | ||
| Makefile | ||
| attribute_container.c | ||
| base.h | ||
| bus.c | ||
| cacheinfo.c | ||
| class.c | ||
| component.c | ||
| container.c | ||
| core.c | ||
| cpu.c | ||
| dd.c | ||
| devcoredump.c | ||
| devres.c | ||
| devtmpfs.c | ||
| dma-coherent.c | ||
| dma-contiguous.c | ||
| dma-mapping.c | ||
| driver.c | ||
| firmware.c | ||
| firmware_class.c | ||
| hypervisor.c | ||
| init.c | ||
| isa.c | ||
| map.c | ||
| memory.c | ||
| module.c | ||
| node.c | ||
| pinctrl.c | ||
| platform.c | ||
| property.c | ||
| soc.c | ||
| syscore.c | ||
| topology.c | ||
| transport_class.c | ||