android/android_kernel_samsung_sm8650
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
c55fc098fd
android_kernel_samsung_sm8650/drivers
History
Qu Huang 6c1b3d89a2 drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL 
[ Upstream commit 5104fdf50d326db2c1a994f8b35dcd46e63ae4ad ]

In certain types of chips, such as VEGA20, reading the amdgpu_regs_smc file could result in an abnormal null pointer access when the smc_rreg pointer is NULL. Below are the steps to reproduce this issue and the corresponding exception log:

1. Navigate to the directory: /sys/kernel/debug/dri/0
2. Execute command: cat amdgpu_regs_smc
3. Exception Log::
[4005007.702554] BUG: kernel NULL pointer dereference, address: 0000000000000000
[4005007.702562] #PF: supervisor instruction fetch in kernel mode
[4005007.702567] #PF: error_code(0x0010) - not-present page
[4005007.702570] PGD 0 P4D 0
[4005007.702576] Oops: 0010 [#1] SMP NOPTI
[4005007.702581] CPU: 4 PID: 62563 Comm: cat Tainted: G           OE     5.15.0-43-generic #46-Ubunt       u
[4005007.702590] RIP: 0010:0x0
[4005007.702598] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
[4005007.702600] RSP: 0018:ffffa82b46d27da0 EFLAGS: 00010206
[4005007.702605] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffa82b46d27e68
[4005007.702609] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff9940656e0000
[4005007.702612] RBP: ffffa82b46d27dd8 R08: 0000000000000000 R09: ffff994060c07980
[4005007.702615] R10: 0000000000020000 R11: 0000000000000000 R12: 00007f5e06753000
[4005007.702618] R13: ffff9940656e0000 R14: ffffa82b46d27e68 R15: 00007f5e06753000
[4005007.702622] FS:  00007f5e0755b740(0000) GS:ffff99479d300000(0000) knlGS:0000000000000000
[4005007.702626] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[4005007.702629] CR2: ffffffffffffffd6 CR3: 00000003253fc000 CR4: 00000000003506e0
[4005007.702633] Call Trace:
[4005007.702636]  <TASK>
[4005007.702640]  amdgpu_debugfs_regs_smc_read+0xb0/0x120 [amdgpu]
[4005007.703002]  full_proxy_read+0x5c/0x80
[4005007.703011]  vfs_read+0x9f/0x1a0
[4005007.703019]  ksys_read+0x67/0xe0
[4005007.703023]  __x64_sys_read+0x19/0x20
[4005007.703028]  do_syscall_64+0x5c/0xc0
[4005007.703034]  ? do_user_addr_fault+0x1e3/0x670
[4005007.703040]  ? exit_to_user_mode_prepare+0x37/0xb0
[4005007.703047]  ? irqentry_exit_to_user_mode+0x9/0x20
[4005007.703052]  ? irqentry_exit+0x19/0x30
[4005007.703057]  ? exc_page_fault+0x89/0x160
[4005007.703062]  ? asm_exc_page_fault+0x8/0x30
[4005007.703068]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[4005007.703075] RIP: 0033:0x7f5e07672992
[4005007.703079] Code: c0 e9 b2 fe ff ff 50 48 8d 3d fa b2 0c 00 e8 c5 1d 02 00 0f 1f 44 00 00 f3 0f        1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 <48> 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 e       c 28 48 89 54 24
[4005007.703083] RSP: 002b:00007ffe03097898 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[4005007.703088] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f5e07672992
[4005007.703091] RDX: 0000000000020000 RSI: 00007f5e06753000 RDI: 0000000000000003
[4005007.703094] RBP: 00007f5e06753000 R08: 00007f5e06752010 R09: 00007f5e06752010
[4005007.703096] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000022000
[4005007.703099] R13: 0000000000000003 R14: 0000000000020000 R15: 0000000000020000
[4005007.703105]  </TASK>
[4005007.703107] Modules linked in: nf_tables libcrc32c nfnetlink algif_hash af_alg binfmt_misc nls_       iso8859_1 ipmi_ssif ast intel_rapl_msr intel_rapl_common drm_vram_helper drm_ttm_helper amd64_edac t       tm edac_mce_amd kvm_amd ccp mac_hid k10temp kvm acpi_ipmi ipmi_si rapl sch_fq_codel ipmi_devintf ipm       i_msghandler msr parport_pc ppdev lp parport mtd pstore_blk efi_pstore ramoops pstore_zone reed_solo       mon ip_tables x_tables autofs4 ib_uverbs ib_core amdgpu(OE) amddrm_ttm_helper(OE) amdttm(OE) iommu_v       2 amd_sched(OE) amdkcl(OE) drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops cec rc_core        drm igb ahci xhci_pci libahci i2c_piix4 i2c_algo_bit xhci_pci_renesas dca
[4005007.703184] CR2: 0000000000000000
[4005007.703188] ---[ end trace ac65a538d240da39 ]---
[4005007.800865] RIP: 0010:0x0
[4005007.800871] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
[4005007.800874] RSP: 0018:ffffa82b46d27da0 EFLAGS: 00010206
[4005007.800878] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffa82b46d27e68
[4005007.800881] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff9940656e0000
[4005007.800883] RBP: ffffa82b46d27dd8 R08: 0000000000000000 R09: ffff994060c07980
[4005007.800886] R10: 0000000000020000 R11: 0000000000000000 R12: 00007f5e06753000
[4005007.800888] R13: ffff9940656e0000 R14: ffffa82b46d27e68 R15: 00007f5e06753000
[4005007.800891] FS:  00007f5e0755b740(0000) GS:ffff99479d300000(0000) knlGS:0000000000000000
[4005007.800895] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[4005007.800898] CR2: ffffffffffffffd6 CR3: 00000003253fc000 CR4: 00000000003506e0

Signed-off-by: Qu Huang <qu.huang@linux.dev>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-11-28 17:06:58 +00:00
..
accessibility
acpi ACPI: EC: Add quirk for HP 250 G7 Notebook PC 2023-11-28 17:06:56 +00:00
amba amba: bus: fix refcount leak 2023-09-13 09:42:56 +02:00
android binder: fix memory leak in binder_init() 2023-08-16 18:27:24 +02:00
ata scsi: sd: Introduce manage_shutdown device flag 2023-11-02 09:35:29 +01:00
atm
auxdisplay
base regmap: prevent noinc writes from clobbering cache 2023-11-20 11:52:15 +01:00
bcma
block nbd: fix uaf in nbd_open 2023-11-20 11:52:17 +01:00
bluetooth Bluetooth: btusb: Add date->evt_skb is NULL check 2023-11-28 17:06:56 +00:00
bus bus: ti-sysc: Fix SYSC_QUIRK_SWSUP_SIDLE_ACT handling for uart wake-up 2023-10-06 14:56:48 +02:00
cdrom
char hwrng: geode - fix accessing registers 2023-11-20 11:52:04 +01:00
clk clk: scmi: Free scmi_clk allocated when the clocks with invalid info are skipped 2023-11-20 11:52:03 +01:00
clocksource clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware 2023-11-28 17:06:55 +00:00
comedi
connector
counter counter: microchip-tcb-capture: Fix the use of internal GCLK logic 2023-10-19 23:08:58 +02:00
cpufreq cpufreq: brcmstb-avs-cpufreq: Fix -Warray-bounds bug 2023-09-13 09:43:04 +02:00
cpuidle powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT 2023-09-13 09:42:48 +02:00
crypto crypto: ccp - Name -1 return value as SEV_RET_NO_FW_CALL 2023-11-20 11:52:13 +01:00
cxl cxl/mem: Fix shutdown order 2023-11-20 11:52:13 +01:00
dax dax/kmem: Pass valid argument to memory_group_register_static 2023-07-19 16:21:43 +02:00
dca
devfreq PM / devfreq: rockchip-dfi: Make pmu regmap mandatory 2023-11-20 11:51:54 +01:00
dio
dma dmaengine: pxa_dma: Remove an erroneous BUG_ON() in pxad_free_desc() 2023-11-20 11:52:10 +01:00
dma-buf dma-buf: add dma_fence_timestamp helper 2023-10-19 23:08:57 +02:00
edac EDAC/igen6: Fix the issue of no error events 2023-09-13 09:42:45 +02:00
eisa
extcon extcon: cht_wc: add POWER_SUPPLY dependency 2023-09-13 09:42:53 +02:00
firewire scsi: sd: Introduce manage_shutdown device flag 2023-11-02 09:35:29 +01:00
firmware firmware: arm_ffa: Allow the FF-A drivers to use 32bit mode of messaging 2023-11-20 11:52:03 +01:00
fpga fpga: bridge: fix kernel-doc parameter description 2023-05-11 23:03:27 +09:00
fsi fsi: aspeed: Reset master errors after CFAM reset 2023-09-13 09:42:54 +02:00
gnss
gpio gpio: vf610: mask the gpio irq in system suspend and support wakeup 2023-10-25 12:03:16 +02:00
gpu drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL 2023-11-28 17:06:58 +00:00
greybus
hid HID: logitech-hidpp: Move get_wireless_feature_index() check to hidpp_connect_event() 2023-11-20 11:52:07 +01:00
hsi
hte hte: tegra: Fix missing error code in tegra_hte_test_probe() 2023-11-20 11:51:58 +01:00
hv Drivers: hv: vmbus: Don't dereference ACPI root object handle 2023-09-13 09:42:59 +02:00
hwmon hwmon: (sch5627) Disallow write access if virtual registers are locked 2023-11-20 11:51:58 +01:00
hwspinlock hwspinlock: qcom: add missing regmap config for SFPB MMIO implementation 2023-09-19 12:28:05 +02:00
hwtracing coresight: tmc-etr: Disable warnings for allocation failures 2023-11-08 14:10:57 +01:00
i2c i2c: iproc: handle invalid slave state 2023-11-20 11:52:17 +01:00
i3c i3c: Fix potential refcount leak in i3c_master_register_new_i3c_devs 2023-11-20 11:52:13 +01:00
idle intel_idle: add Emerald Rapids Xeon support 2023-10-10 22:00:44 +02:00
iio iio: frequency: adf4350: Use device managed functions and fix power down issue. 2023-11-20 11:52:09 +01:00
infiniband IB/mlx5: Fix init stage error handling to avoid double free of same QP and UAF 2023-11-20 11:52:08 +01:00
input Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() 2023-11-20 11:52:15 +01:00
interconnect interconnect: qcom: sm8350: Set ACV enable_mask 2023-11-20 11:52:12 +01:00
iommu iommu/mediatek: Fix share pgtable for iova over 4GB 2023-10-10 22:00:41 +02:00
ipack
irqchip irqchip/stm32-exti: add missing DT IRQ flag translation 2023-11-08 14:10:57 +01:00
isdn mISDN: Update parameter type of dsp_cmx_send() 2023-08-16 18:27:26 +02:00
leds leds: trigger: ledtrig-cpu:: Fix 'output may be truncated' issue for 'cpu' 2023-11-20 11:52:08 +01:00
macintosh macintosh: via-pmu-led: requires ATA to be set 2023-05-11 23:03:31 +09:00
mailbox mailbox: qcom-ipcc: fix incorrect num_chans counting 2023-09-19 12:27:58 +02:00
mcb mcb-lpc: Reallocate memory region to avoid memory overlapping 2023-11-02 09:35:22 +01:00
md dm zoned: free dmz->ddev array in dmz_put_zoned_devices 2023-10-10 22:00:44 +02:00
media media: cec: meson: always include meson sub-directory in Makefile 2023-11-20 11:52:15 +01:00
memory memory: brcmstb_dpfe: fix testing array offset after use 2023-07-19 16:21:24 +02:00
memstick memstick r592: make memstick_debug_get_tpc_name() static 2023-07-19 16:21:08 +02:00
message scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition 2023-05-24 17:32:37 +01:00
mfd mfd: arizona-spi: Set pdata.hpdet_channel for ACPI enumerated devs 2023-11-20 11:52:08 +01:00
misc misc: st_core: Do not call kfree_skb() under spin_lock_irqsave() 2023-11-20 11:52:10 +01:00
mmc Revert "mmc: core: Capture correct oemid-bits for eMMC cards" 2023-11-20 11:52:18 +01:00
most
mtd mtd: physmap-core: Restore map_rom fallback 2023-10-25 12:03:13 +02:00
mux
net tsnep: Fix tsnep_request_irq() format-overflow warning 2023-11-28 17:06:56 +00:00
nfc nfcsim.c: Fix error checking for debugfs_create_dir 2023-06-28 11:12:36 +02:00
ntb ntb: Fix calculation ntb_transport_tx_free_entry() 2023-09-13 09:43:02 +02:00
nubus nubus: Partially revert proc_create_single_data() conversion 2023-07-05 18:27:37 +01:00
nvdimm nd_btt: Make BTT lanes preemptible 2023-11-20 11:52:05 +01:00
nvme nvme: fix error-handling for io_uring nvme-passthrough 2023-11-20 11:52:17 +01:00
nvmem nvmem: imx: correct nregs for i.MX6UL 2023-11-02 09:35:31 +01:00
of of: dynamic: Fix potential memory leak in of_changeset_action() 2023-10-10 22:00:44 +02:00
opp OPP: Fix passing 0 to PTR_ERR in _opp_attach_genpd() 2023-09-13 09:42:28 +02:00
parisc parisc: iosapic.c: Fix sparse warnings 2023-10-06 14:56:51 +02:00
parport
pci PCI: vmd: Correct PCI Header Type Register's multi-function check 2023-11-20 11:52:05 +01:00
pcmcia pcmcia: ds: fix possible name leak in error path in pcmcia_device_add() 2023-11-20 11:52:13 +01:00
peci
perf perf: hisi: Fix use-after-free when register pmu fails 2023-11-20 11:52:01 +01:00
phy phy: mapphone-mdm6600: Fix pinctrl_pm handling for sleep pins 2023-10-25 12:03:16 +02:00
pinctrl pinctrl: renesas: rzg2l: Make reverse order of enable() for disable() 2023-11-20 11:52:10 +01:00
platform platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e 2023-11-28 17:06:56 +00:00
pnp
power power: supply: core: Use blocking_notifier_call_chain to avoid RCU complaint 2023-11-08 14:11:02 +01:00
powercap powercap: RAPL: Fix CONFIG_IOSF_MBI dependency 2023-07-19 16:21:00 +02:00
pps
ps3
ptp ptp: ocp: Fix error handling in ptp_ocp_device_init 2023-10-10 22:00:42 +02:00
pwm pwm: brcmstb: Utilize appropriate clock APIs in suspend/resume 2023-11-20 11:52:15 +01:00
rapidio
ras
regulator regulator: mt6358: Fail probe on unknown chip ID 2023-11-20 11:51:56 +01:00
remoteproc remoteproc: imx_dsp_rproc: Fix kernel test robot sparse warning 2023-05-24 17:32:53 +01:00
reset
rpmsg rpmsg: glink: Add check for kstrdup 2023-09-13 09:42:58 +02:00
rtc rtc: pcf85363: fix wrong mask/val parameters in regmap_update_bits call 2023-11-20 11:52:13 +01:00
s390 s390/cio: fix a memleak in css_alloc_subchannel 2023-10-25 12:03:15 +02:00
sbus
scsi scsi: ibmvfc: Fix erroneous use of rtas_busy_delay with hcall return code 2023-11-20 11:52:05 +01:00
sh
siox
slimbus
soc soc: qcom: llcc: Handle a second device without data corruption 2023-11-20 11:52:02 +01:00
soundwire soundwire: fix enumeration completion 2023-08-03 10:24:15 +02:00
spi spi: spi-zynq-qspi: add spi-mem to driver kconfig dependencies 2023-11-20 11:52:18 +01:00
spmi spmi: Add a check for remove callback when removing a SPMI driver 2023-05-11 23:03:31 +09:00
ssb
staging media: cedrus: Fix clock/reset sequence 2023-11-20 11:52:14 +01:00
target scsi: target: core: Fix deadlock due to recursive locking 2023-10-10 22:00:41 +02:00
tc
tee tee: amdtee: fix use-after-free vulnerability in amdtee_close_session 2023-10-19 23:08:57 +02:00
thermal thermal: core: prevent potential string overflow 2023-11-20 11:51:54 +01:00
thunderbolt thunderbolt: Restart XDomain discovery handshake after failure 2023-10-19 23:08:56 +02:00
tty tty: tty_jobctrl: fix pid memleak in disassociate_ctty() 2023-11-20 11:52:09 +01:00
ufs scsi: ufs: core: Leave space for '\0' in utf8 desc string 2023-11-20 11:52:07 +01:00
uio
usb usb: host: xhci-plat: fix possible kernel oops while resuming 2023-11-20 11:52:12 +01:00
vdpa vdpa: Enable strict validation for netlinks ops 2023-08-23 17:52:31 +02:00
vfio vfio/mdev: Fix a null-ptr-deref bug for mdev_unregister_parent() 2023-10-06 14:56:45 +02:00
vhost virtio/vsock: replace virtio_vsock_pkt with sk_buff 2023-11-20 11:52:17 +01:00
video fbdev: fsl-diu-fb: mark wr_reg_wa() static 2023-11-20 11:52:18 +01:00
virt virt: sevguest: Fix passing a stack buffer as a scatterlist target 2023-11-20 11:52:13 +01:00
virtio virtio_pci: fix the common cfg map size 2023-11-02 09:35:23 +01:00
vlynq
w1 w1: fix loop in w1_fini() 2023-07-19 16:21:48 +02:00
watchdog watchdog: ixp4xx: Make sure restart always works 2023-11-20 11:52:15 +01:00
xen xen-pciback: Consider INTx disabled when MSI/MSI-X is enabled 2023-11-20 11:52:01 +01:00
zorro
Kconfig
Makefile