greybus-dev

greybus-dev@lists.linaro.org

4 participants
548 discussions

[PATCH] staging: greybus: remove unnecessary parentheses

by Will Walsh

Unnecessary parentheses in boolean comparisons make it harder to read. Removed the extra parentheses on line 305 for code readability. Signed-off-by: Will Walsh <iron.will.walsh(a)gmail.com> --- drivers/staging/greybus/audio_codec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/staging/greybus/audio_codec.c b/drivers/staging/greybus/audio_codec.c index 2f05e761fb9a..dfb5322964de 100644 --- a/drivers/staging/greybus/audio_codec.c +++ b/drivers/staging/greybus/audio_codec.c @@ -305,7 +305,7 @@ int gbaudio_module_update(struct gbaudio_codec_info *codec, dev_dbg(module->dev, "%s:Module update %s sequence\n", w->name, enable ? "Enable" : "Disable"); - if ((w->id != snd_soc_dapm_aif_in) && (w->id != snd_soc_dapm_aif_out)) { + if (w->id != snd_soc_dapm_aif_in && w->id != snd_soc_dapm_aif_out) { dev_dbg(codec->dev, "No action required for %s\n", w->name); return 0; } -- 2.45.2

4 days, 10 hours

[PATCH] staging: greybus: Remove module from list before freeing in gb_audio_module_release

by Atharva Tiwari

Previously,the module was freed without detaching it from the list which could lead to memory leak this patch uses list_del to safely remove the module from the list Signed-off-by: Atharva Tiwari <evepolonium(a)gmail.com> --- drivers/staging/greybus/audio_manager_module.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/staging/greybus/audio_manager_module.c b/drivers/staging/greybus/audio_manager_module.c index 4a4dfb42f50f..7e52c3f95692 100644 --- a/drivers/staging/greybus/audio_manager_module.c +++ b/drivers/staging/greybus/audio_manager_module.c @@ -69,7 +69,8 @@ static void gb_audio_module_release(struct kobject *kobj) struct gb_audio_manager_module *module = to_gb_audio_module(kobj); pr_info("Destroying audio module #%d\n", module->id); - /* TODO -> delete from list */ + if (module->list.prev && module->list.next) + list_del(&module->list); kfree(module); } -- 2.39.5

1 week

[PATCH v3] staging: greybus: uart: Fix atomicity violation in get_serial_info()

by Qiu-ji Chen

Our static checker found a bug where set_serial_info() uses a mutex, but get_serial_info() does not. Fortunately, the impact of this is relatively minor. It doesn't cause a crash or any other serious issues. However, if a race condition occurs between set_serial_info() and get_serial_info(), there is a chance that the data returned by get_serial_info() will be meaningless. Signed-off-by: Qiu-ji Chen <chenqiuji666(a)gmail.com> Fixes: 0aad5ad563c8 ("greybus/uart: switch to ->[sg]et_serial()") --- V2: Modified the patch description to make it more concise and easier to understand. Changed the fix code to ensure the logic is correct. Thanks to Johan Hovold and Dan Carpenter for helpful suggestion. V3: Used the correct patch prefix. Thanks Johan Hovold, Dan Carpenter, Alex Elder and Greg KH for helpful suggestion. --- drivers/staging/greybus/uart.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/staging/greybus/uart.c b/drivers/staging/greybus/uart.c index cdf4ebb93b10..8eab94cb06fa 100644 --- a/drivers/staging/greybus/uart.c +++ b/drivers/staging/greybus/uart.c @@ -596,11 +596,13 @@ static int get_serial_info(struct tty_struct *tty, struct gb_tty *gb_tty = tty->driver_data; ss->line = gb_tty->minor; + mutex_lock(&gb_tty->port.mutex); ss->close_delay = jiffies_to_msecs(gb_tty->port.close_delay) / 10; ss->closing_wait = gb_tty->port.closing_wait == ASYNC_CLOSING_WAIT_NONE ? ASYNC_CLOSING_WAIT_NONE : jiffies_to_msecs(gb_tty->port.closing_wait) / 10; + mutex_unlock(&gb_tty->port.mutex); return 0; } -- 2.34.1

2 months

[PATCH v2] greybus/uart: Fix atomicity violation in get_serial_info()

by Qiu-ji Chen

Our static checker found a bug where set_serial_info() uses a mutex, but get_serial_info() does not. Fortunately, the impact of this is relatively minor. It doesn't cause a crash or any other serious issues. However, if a race condition occurs between set_serial_info() and get_serial_info(), there is a chance that the data returned by get_serial_info() will be meaningless. Signed-off-by: Qiu-ji Chen <chenqiuji666(a)gmail.com> Fixes: 0aad5ad563c8 ("greybus/uart: switch to ->[sg]et_serial()") --- V2: Modified the patch description to make it more concise and easier to understand. Changed the fix code to ensure the logic is correct. Thanks to Johan Hovold and Dan Carpenter for helpful suggestion. --- drivers/staging/greybus/uart.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/staging/greybus/uart.c b/drivers/staging/greybus/uart.c index cdf4ebb93b10..8eab94cb06fa 100644 --- a/drivers/staging/greybus/uart.c +++ b/drivers/staging/greybus/uart.c @@ -596,11 +596,13 @@ static int get_serial_info(struct tty_struct *tty, struct gb_tty *gb_tty = tty->driver_data; ss->line = gb_tty->minor; + mutex_lock(&gb_tty->port.mutex); ss->close_delay = jiffies_to_msecs(gb_tty->port.close_delay) / 10; ss->closing_wait = gb_tty->port.closing_wait == ASYNC_CLOSING_WAIT_NONE ? ASYNC_CLOSING_WAIT_NONE : jiffies_to_msecs(gb_tty->port.closing_wait) / 10; + mutex_unlock(&gb_tty->port.mutex); return 0; } -- 2.34.1

2 months, 1 week

[PATCH] greybus: Fix a typo

by Christophe JAILLET

s/interfce/interface/ A 'a' is missing. Add it. Signed-off-by: Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> --- drivers/greybus/interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/greybus/interface.c b/drivers/greybus/interface.c index d022bfb5e95d..a0f3e9422721 100644 --- a/drivers/greybus/interface.c +++ b/drivers/greybus/interface.c @@ -780,7 +780,7 @@ const struct device_type greybus_interface_type = { * The position of interface within the Endo is encoded in "interface_id" * argument. * - * Returns a pointer to the new interfce or a null pointer if a + * Returns a pointer to the new interface or a null pointer if a * failure occurs due to memory exhaustion. */ struct gb_interface *gb_interface_create(struct gb_module *module, -- 2.47.0

2 months, 1 week

[PATCH] staging: greybus: fix possible null-ptr-deref in gb_audio_manager_get_module()

by Yi Yang

The gb_audio_manager_get_module() is EXPORT_SYMBOL, and will return NULL when incoming parameter id < 0, fix possible null-ptr-deref by add check for return value. Fixes: 8db00736d365 ("greybus: audio: Add Audio Manager") Signed-off-by: Yi Yang <yiyang13(a)huawei.com> --- drivers/staging/greybus/audio_manager.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/staging/greybus/audio_manager.c b/drivers/staging/greybus/audio_manager.c index 27ca5f796c5f..1da8804e61ca 100644 --- a/drivers/staging/greybus/audio_manager.c +++ b/drivers/staging/greybus/audio_manager.c @@ -111,7 +111,8 @@ struct gb_audio_manager_module *gb_audio_manager_get_module(int id) down_read(&modules_rwsem); module = gb_audio_manager_get_locked(id); - kobject_get(&module->kobj); + if (module) + kobject_get(&module->kobj); up_read(&modules_rwsem); return module; } -- 2.25.1

2 months, 2 weeks

[PATCH] greybus: Fix null pointer dereference in gb_operation_response_send()

by Suraj Sonawane

Fix an issue detected by the Smatch static tool: drivers/greybus/operation.c:852 gb_operation_response_send() error: we previously assumed 'operation->response' could be null (see line 829) The issue occurs because 'operation->response' may be null if the response allocation fails at line 829. However, the code tries to access 'operation->response->header' at line 852 without checking if it was successfully allocated. This can cause a crash if 'response' is null. To fix this, add a check to ensure 'operation->response' is not null before accessing its header. If the response is null, log an error message and return -ENOMEM to stop further processing, preventing any crashes or undefined behavior. Signed-off-by: Suraj Sonawane <surajsonawane0215(a)gmail.com> --- drivers/greybus/operation.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/drivers/greybus/operation.c b/drivers/greybus/operation.c index 8459e9bc0..521899fbc 100644 --- a/drivers/greybus/operation.c +++ b/drivers/greybus/operation.c @@ -849,7 +849,13 @@ static int gb_operation_response_send(struct gb_operation *operation, goto err_put; /* Fill in the response header and send it */ - operation->response->header->result = gb_operation_errno_map(errno); + if (operation->response) { + operation->response->header->result = gb_operation_errno_map(errno); + } else { + dev_err(&connection->hd->dev, "failed to allocate response\n"); + ret = -ENOMEM; + goto err_put_active; + } ret = gb_message_send(operation->response, GFP_KERNEL); if (ret) -- 2.34.1

2 months, 2 weeks

[PATCH] staging: greybus: gpio: use gpiochip_get_data

by Rosen Penev

Instead of container_of, we can populate gpiochip_add_data 's last parameter and use gpiochip_get_data. It seems to be the standard. Signed-off-by: Rosen Penev <rosenp(a)gmail.com> --- drivers/staging/greybus/gpio.c | 33 ++++++++++++++------------------- 1 file changed, 14 insertions(+), 19 deletions(-) diff --git a/drivers/staging/greybus/gpio.c b/drivers/staging/greybus/gpio.c index 9b26e148d40f..16bcf7fc8158 100644 --- a/drivers/staging/greybus/gpio.c +++ b/drivers/staging/greybus/gpio.c @@ -42,11 +42,6 @@ struct gb_gpio_controller { struct mutex irq_lock; }; -static inline struct gb_gpio_controller *gpio_chip_to_gb_gpio_controller(struct gpio_chip *chip) -{ - return container_of(chip, struct gb_gpio_controller, chip); -} - static struct gpio_chip *irq_data_to_gpio_chip(struct irq_data *d) { return d->domain->host_data; @@ -278,7 +273,7 @@ static void _gb_gpio_irq_set_type(struct gb_gpio_controller *ggc, static void gb_gpio_irq_mask(struct irq_data *d) { struct gpio_chip *chip = irq_data_to_gpio_chip(d); - struct gb_gpio_controller *ggc = gpio_chip_to_gb_gpio_controller(chip); + struct gb_gpio_controller *ggc = gpiochip_get_data(chip); struct gb_gpio_line *line = &ggc->lines[d->hwirq]; line->masked = true; @@ -288,7 +283,7 @@ static void gb_gpio_irq_mask(struct irq_data *d) static void gb_gpio_irq_unmask(struct irq_data *d) { struct gpio_chip *chip = irq_data_to_gpio_chip(d); - struct gb_gpio_controller *ggc = gpio_chip_to_gb_gpio_controller(chip); + struct gb_gpio_controller *ggc = gpiochip_get_data(chip); struct gb_gpio_line *line = &ggc->lines[d->hwirq]; line->masked = false; @@ -298,7 +293,7 @@ static void gb_gpio_irq_unmask(struct irq_data *d) static int gb_gpio_irq_set_type(struct irq_data *d, unsigned int type) { struct gpio_chip *chip = irq_data_to_gpio_chip(d); - struct gb_gpio_controller *ggc = gpio_chip_to_gb_gpio_controller(chip); + struct gb_gpio_controller *ggc = gpiochip_get_data(chip); struct gb_gpio_line *line = &ggc->lines[d->hwirq]; struct device *dev = &ggc->gbphy_dev->dev; u8 irq_type; @@ -336,7 +331,7 @@ static int gb_gpio_irq_set_type(struct irq_data *d, unsigned int type) static void gb_gpio_irq_bus_lock(struct irq_data *d) { struct gpio_chip *chip = irq_data_to_gpio_chip(d); - struct gb_gpio_controller *ggc = gpio_chip_to_gb_gpio_controller(chip); + struct gb_gpio_controller *ggc = gpiochip_get_data(chip); mutex_lock(&ggc->irq_lock); } @@ -344,7 +339,7 @@ static void gb_gpio_irq_bus_lock(struct irq_data *d) static void gb_gpio_irq_bus_sync_unlock(struct irq_data *d) { struct gpio_chip *chip = irq_data_to_gpio_chip(d); - struct gb_gpio_controller *ggc = gpio_chip_to_gb_gpio_controller(chip); + struct gb_gpio_controller *ggc = gpiochip_get_data(chip); struct gb_gpio_line *line = &ggc->lines[d->hwirq]; if (line->irq_type_pending) { @@ -407,21 +402,21 @@ static int gb_gpio_request_handler(struct gb_operation *op) static int gb_gpio_request(struct gpio_chip *chip, unsigned int offset) { - struct gb_gpio_controller *ggc = gpio_chip_to_gb_gpio_controller(chip); + struct gb_gpio_controller *ggc = gpiochip_get_data(chip); return gb_gpio_activate_operation(ggc, (u8)offset); } static void gb_gpio_free(struct gpio_chip *chip, unsigned int offset) { - struct gb_gpio_controller *ggc = gpio_chip_to_gb_gpio_controller(chip); + struct gb_gpio_controller *ggc = gpiochip_get_data(chip); gb_gpio_deactivate_operation(ggc, (u8)offset); } static int gb_gpio_get_direction(struct gpio_chip *chip, unsigned int offset) { - struct gb_gpio_controller *ggc = gpio_chip_to_gb_gpio_controller(chip); + struct gb_gpio_controller *ggc = gpiochip_get_data(chip); u8 which; int ret; @@ -435,7 +430,7 @@ static int gb_gpio_get_direction(struct gpio_chip *chip, unsigned int offset) static int gb_gpio_direction_input(struct gpio_chip *chip, unsigned int offset) { - struct gb_gpio_controller *ggc = gpio_chip_to_gb_gpio_controller(chip); + struct gb_gpio_controller *ggc = gpiochip_get_data(chip); return gb_gpio_direction_in_operation(ggc, (u8)offset); } @@ -443,14 +438,14 @@ static int gb_gpio_direction_input(struct gpio_chip *chip, unsigned int offset) static int gb_gpio_direction_output(struct gpio_chip *chip, unsigned int offset, int value) { - struct gb_gpio_controller *ggc = gpio_chip_to_gb_gpio_controller(chip); + struct gb_gpio_controller *ggc = gpiochip_get_data(chip); return gb_gpio_direction_out_operation(ggc, (u8)offset, !!value); } static int gb_gpio_get(struct gpio_chip *chip, unsigned int offset) { - struct gb_gpio_controller *ggc = gpio_chip_to_gb_gpio_controller(chip); + struct gb_gpio_controller *ggc = gpiochip_get_data(chip); u8 which; int ret; @@ -464,7 +459,7 @@ static int gb_gpio_get(struct gpio_chip *chip, unsigned int offset) static void gb_gpio_set(struct gpio_chip *chip, unsigned int offset, int value) { - struct gb_gpio_controller *ggc = gpio_chip_to_gb_gpio_controller(chip); + struct gb_gpio_controller *ggc = gpiochip_get_data(chip); gb_gpio_set_value_operation(ggc, (u8)offset, !!value); } @@ -472,7 +467,7 @@ static void gb_gpio_set(struct gpio_chip *chip, unsigned int offset, int value) static int gb_gpio_set_config(struct gpio_chip *chip, unsigned int offset, unsigned long config) { - struct gb_gpio_controller *ggc = gpio_chip_to_gb_gpio_controller(chip); + struct gb_gpio_controller *ggc = gpiochip_get_data(chip); u32 debounce; if (pinconf_to_config_param(config) != PIN_CONFIG_INPUT_DEBOUNCE) @@ -579,7 +574,7 @@ static int gb_gpio_probe(struct gbphy_device *gbphy_dev, if (ret) goto exit_line_free; - ret = gpiochip_add_data(gpio, NULL); + ret = gpiochip_add_data(gpio, ggc); if (ret) { dev_err(&gbphy_dev->dev, "failed to add gpio chip: %d\n", ret); goto exit_line_free; -- 2.47.0

2 months, 3 weeks

[PATCH 00/51] treewide: Switch to __pm_runtime_put_autosuspend()

by Sakari Ailus

Hello everyone, This set will switch the users of pm_runtime_put_autosuspend() to __pm_runtime_put_autosuspend() while the former will soon be re-purposed to include a call to pm_runtime_mark_last_busy(). The two are almost always used together, apart from bugs which are likely common. Going forward, most new users should be using pm_runtime_put_autosuspend(). Once this conversion is done and pm_runtime_put_autosuspend() re-purposed, I'll post another set to merge the calls to __pm_runtime_put_autosuspend() and pm_runtime_mark_last_busy(). The diff in these patches have been generated using the following Coccinelle script (besides a manual change in drivers/iio/magnetometer/af8133j.c): ----------8<------------------- @@ expression E1; @@ - pm_runtime_put_autosuspend(E1) + __pm_runtime_put_autosuspend(E1) ----------8<------------------- These patches are on top of today's linux-next (i.e. next-20241004). Sakari Ailus (51): accel/ivpu: Switch to __pm_runtime_put_autosuspend() bluetooth: Switch to __pm_runtime_put_autosuspend() bus: sunxi-rsb: Switch to __pm_runtime_put_autosuspend() hwrng: Switch to __pm_runtime_put_autosuspend() clk: Switch to __pm_runtime_put_autosuspend() crypto: Switch to __pm_runtime_put_autosuspend() dmaengine: Switch to __pm_runtime_put_autosuspend() gpio: Switch to __pm_runtime_put_autosuspend() drm/amd: Switch to __pm_runtime_put_autosuspend() drm/nouveau: Switch to __pm_runtime_put_autosuspend() drm/radeon: Switch to __pm_runtime_put_autosuspend() drm/panfrost: Switch to __pm_runtime_put_autosuspend() drivers: drm: Switch to __pm_runtime_put_autosuspend() HSI: omap_ssi_port: Switch to __pm_runtime_put_autosuspend() stm class: Switch to __pm_runtime_put_autosuspend() i2c: Switch to __pm_runtime_put_autosuspend() i3c: master: svc: Switch to __pm_runtime_put_autosuspend() i3c: dw: Switch to __pm_runtime_put_autosuspend() iio: Switch to __pm_runtime_put_autosuspend() Input: omap4-keypad: Switch to __pm_runtime_put_autosuspend() Input: cs40l50: Switch to __pm_runtime_put_autosuspend() iommu/arm-smmu: Switch to __pm_runtime_put_autosuspend() irqchip/imx-irqsteer: Switch to __pm_runtime_put_autosuspend() mailbox: mtk-cmdq-mailbox: Switch to __pm_runtime_put_autosuspend() media: Switch to __pm_runtime_put_autosuspend() mfd: Switch to __pm_runtime_put_autosuspend() mei: Switch to __pm_runtime_put_autosuspend() mmc: Switch to __pm_runtime_put_autosuspend() mtd: rawnand: gpmi: Switch to __pm_runtime_put_autosuspend() net: Switch to __pm_runtime_put_autosuspend() nfc: trf7970a: Switch to __pm_runtime_put_autosuspend() PCI/portdrv: Switch to __pm_runtime_put_autosuspend() phy: motorola: phy-mapphone-mdm6600: Switch to __pm_runtime_put_autosuspend() phy: ti: phy-twl4030-usb: Switch to __pm_runtime_put_autosuspend() power: Switch to __pm_runtime_put_autosuspend() pwm: img: Switch to __pm_runtime_put_autosuspend() regulator: stm32-vrefbuf: Switch to __pm_runtime_put_autosuspend() remoteproc: omap: Switch to __pm_runtime_put_autosuspend() slimbus: Switch to __pm_runtime_put_autosuspend() soundwire: Switch to __pm_runtime_put_autosuspend() spi: Switch to __pm_runtime_put_autosuspend() staging: Switch to __pm_runtime_put_autosuspend() thunderbolt: Switch to __pm_runtime_put_autosuspend() serial: Switch to __pm_runtime_put_autosuspend() usb: Switch to __pm_runtime_put_autosuspend() w1: omap-hdq: Switch to __pm_runtime_put_autosuspend() staging: greybus: Switch to __pm_runtime_put_autosuspend() ALSA: hda: Switch to __pm_runtime_put_autosuspend() ASoC: Switch to __pm_runtime_put_autosuspend() ALSA: intel_hdmi: Switch to __pm_runtime_put_autosuspend() soc: apple: mailbox: Switch to __pm_runtime_put_autosuspend() drivers/accel/ivpu/ivpu_drv.c | 2 +- drivers/accel/ivpu/ivpu_pm.c | 8 +- drivers/bluetooth/btmtksdio.c | 2 +- drivers/bluetooth/hci_bcm.c | 6 +- drivers/bluetooth/hci_h5.c | 4 +- drivers/bluetooth/hci_intel.c | 6 +- drivers/bus/sunxi-rsb.c | 4 +- drivers/char/hw_random/cctrng.c | 2 +- drivers/char/hw_random/omap3-rom-rng.c | 2 +- drivers/clk/imx/clk-imx8qxp-lpcg.c | 2 +- drivers/clk/imx/clk-scu.c | 2 +- drivers/clk/qcom/lpassaudiocc-sc7280.c | 4 +- drivers/clk/qcom/lpasscorecc-sc7180.c | 4 +- drivers/crypto/ccree/cc_pm.c | 2 +- drivers/crypto/hisilicon/qm.c | 2 +- drivers/crypto/omap-aes-gcm.c | 2 +- drivers/crypto/omap-aes.c | 2 +- drivers/crypto/omap-des.c | 2 +- drivers/crypto/omap-sham.c | 2 +- drivers/crypto/rockchip/rk3288_crypto_ahash.c | 2 +- .../crypto/rockchip/rk3288_crypto_skcipher.c | 2 +- drivers/crypto/stm32/stm32-crc32.c | 4 +- drivers/crypto/stm32/stm32-cryp.c | 2 +- drivers/crypto/stm32/stm32-hash.c | 2 +- drivers/dma/at_xdmac.c | 24 +-- drivers/dma/pl330.c | 14 +- drivers/dma/qcom/bam_dma.c | 10 +- drivers/dma/qcom/hidma.c | 18 +- drivers/dma/qcom/hidma_dbg.c | 2 +- drivers/dma/qcom/hidma_mgmt.c | 4 +- drivers/dma/ste_dma40.c | 16 +- drivers/dma/ti/cppi41.c | 10 +- drivers/dma/xilinx/zynqmp_dma.c | 2 +- drivers/gpio/gpio-arizona.c | 10 +- drivers/gpio/gpio-mxc.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c | 2 +- .../gpu/drm/amd/amdgpu/amdgpu_connectors.c | 16 +- drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c | 120 ++++++------ drivers/gpu/drm/amd/amdgpu/amdgpu_display.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 6 +- drivers/gpu/drm/amd/amdgpu/amdgpu_fence.c | 6 +- drivers/gpu/drm/amd/amdgpu/amdgpu_gfx.c | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_rap.c | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c | 2 +- .../gpu/drm/amd/amdgpu/amdgpu_securedisplay.c | 4 +- drivers/gpu/drm/amd/amdkfd/kfd_process.c | 4 +- .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 2 +- drivers/gpu/drm/amd/pm/amdgpu_pm.c | 178 +++++++++--------- .../drm/bridge/analogix/analogix_dp_core.c | 2 +- drivers/gpu/drm/bridge/analogix/anx7625.c | 4 +- drivers/gpu/drm/bridge/parade-ps8640.c | 4 +- drivers/gpu/drm/bridge/ti-sn65dsi86.c | 14 +- drivers/gpu/drm/etnaviv/etnaviv_gpu.c | 12 +- drivers/gpu/drm/exynos/exynos_drm_fimc.c | 4 +- drivers/gpu/drm/exynos/exynos_drm_g2d.c | 4 +- drivers/gpu/drm/exynos/exynos_drm_gsc.c | 6 +- drivers/gpu/drm/exynos/exynos_drm_rotator.c | 2 +- drivers/gpu/drm/exynos/exynos_drm_scaler.c | 2 +- drivers/gpu/drm/i915/intel_runtime_pm.c | 4 +- drivers/gpu/drm/imx/dcss/dcss-crtc.c | 2 +- drivers/gpu/drm/lima/lima_sched.c | 2 +- drivers/gpu/drm/msm/adreno/adreno_device.c | 2 +- drivers/gpu/drm/msm/adreno/adreno_gpu.c | 2 +- drivers/gpu/drm/msm/msm_gpu.c | 2 +- drivers/gpu/drm/msm/msm_iommu.c | 4 +- drivers/gpu/drm/msm/msm_submitqueue.c | 2 +- drivers/gpu/drm/nouveau/dispnv50/disp.c | 10 +- drivers/gpu/drm/nouveau/nouveau_connector.c | 4 +- drivers/gpu/drm/nouveau/nouveau_debugfs.c | 8 +- drivers/gpu/drm/nouveau/nouveau_display.c | 4 +- drivers/gpu/drm/nouveau/nouveau_drm.c | 10 +- drivers/gpu/drm/nouveau/nouveau_gem.c | 10 +- drivers/gpu/drm/panel/panel-edp.c | 8 +- .../gpu/drm/panel/panel-samsung-atna33xc20.c | 6 +- drivers/gpu/drm/panel/panel-simple.c | 6 +- drivers/gpu/drm/panfrost/panfrost_job.c | 4 +- drivers/gpu/drm/panfrost/panfrost_mmu.c | 4 +- drivers/gpu/drm/panfrost/panfrost_perfcnt.c | 4 +- drivers/gpu/drm/panthor/panthor_device.c | 2 +- drivers/gpu/drm/panthor/panthor_sched.c | 6 +- drivers/gpu/drm/radeon/radeon_acpi.c | 2 +- drivers/gpu/drm/radeon/radeon_connectors.c | 20 +- drivers/gpu/drm/radeon/radeon_display.c | 6 +- drivers/gpu/drm/radeon/radeon_drv.c | 4 +- drivers/gpu/drm/radeon/radeon_fbdev.c | 4 +- drivers/gpu/drm/radeon/radeon_kms.c | 10 +- drivers/gpu/drm/tegra/submit.c | 2 +- drivers/gpu/drm/tidss/tidss_drv.c | 2 +- drivers/gpu/drm/vc4/vc4_v3d.c | 2 +- drivers/hsi/controllers/omap_ssi_port.c | 42 ++--- drivers/hwtracing/stm/core.c | 8 +- drivers/i2c/busses/i2c-amd-mp2-pci.c | 2 +- drivers/i2c/busses/i2c-amd-mp2.h | 2 +- drivers/i2c/busses/i2c-at91-master.c | 2 +- drivers/i2c/busses/i2c-cadence.c | 2 +- drivers/i2c/busses/i2c-davinci.c | 4 +- drivers/i2c/busses/i2c-designware-master.c | 2 +- drivers/i2c/busses/i2c-designware-pcidrv.c | 2 +- drivers/i2c/busses/i2c-hix5hd2.c | 2 +- drivers/i2c/busses/i2c-i801.c | 4 +- drivers/i2c/busses/i2c-img-scb.c | 6 +- drivers/i2c/busses/i2c-imx-lpi2c.c | 6 +- drivers/i2c/busses/i2c-imx.c | 4 +- drivers/i2c/busses/i2c-mv64xxx.c | 2 +- drivers/i2c/busses/i2c-nvidia-gpu.c | 4 +- drivers/i2c/busses/i2c-omap.c | 6 +- drivers/i2c/busses/i2c-qcom-cci.c | 2 +- drivers/i2c/busses/i2c-qcom-geni.c | 2 +- drivers/i2c/busses/i2c-qup.c | 4 +- drivers/i2c/busses/i2c-riic.c | 4 +- drivers/i2c/busses/i2c-rzv2m.c | 2 +- drivers/i2c/busses/i2c-sprd.c | 4 +- drivers/i2c/busses/i2c-stm32f7.c | 10 +- drivers/i2c/busses/i2c-xiic.c | 2 +- drivers/i3c/master/dw-i3c-master.c | 16 +- drivers/i3c/master/svc-i3c-master.c | 16 +- drivers/iio/accel/bmc150-accel-core.c | 2 +- drivers/iio/accel/bmi088-accel-core.c | 6 +- drivers/iio/accel/fxls8962af-core.c | 2 +- drivers/iio/accel/kxcjk-1013.c | 2 +- drivers/iio/accel/kxsd9.c | 6 +- drivers/iio/accel/mma8452.c | 2 +- drivers/iio/accel/mma9551_core.c | 2 +- drivers/iio/accel/msa311.c | 12 +- drivers/iio/adc/ab8500-gpadc.c | 2 +- drivers/iio/adc/at91-sama5d2_adc.c | 20 +- drivers/iio/adc/rcar-gyroadc.c | 2 +- drivers/iio/adc/stm32-adc-core.c | 2 +- drivers/iio/adc/stm32-adc.c | 12 +- drivers/iio/adc/sun4i-gpadc-iio.c | 4 +- drivers/iio/adc/ti-ads1015.c | 2 +- drivers/iio/adc/ti-ads1100.c | 2 +- drivers/iio/adc/ti-ads1119.c | 4 +- drivers/iio/chemical/atlas-sensor.c | 4 +- .../common/hid-sensors/hid-sensor-trigger.c | 2 +- drivers/iio/dac/stm32-dac.c | 6 +- drivers/iio/gyro/bmg160_core.c | 2 +- drivers/iio/gyro/fxas21002c_core.c | 2 +- drivers/iio/gyro/mpu3050-core.c | 6 +- drivers/iio/gyro/mpu3050-i2c.c | 2 +- .../iio/imu/inv_icm42600/inv_icm42600_accel.c | 10 +- .../imu/inv_icm42600/inv_icm42600_buffer.c | 2 +- .../iio/imu/inv_icm42600/inv_icm42600_gyro.c | 10 +- .../iio/imu/inv_icm42600/inv_icm42600_temp.c | 2 +- drivers/iio/imu/inv_mpu6050/inv_mpu_core.c | 14 +- drivers/iio/imu/inv_mpu6050/inv_mpu_trigger.c | 4 +- drivers/iio/imu/kmx61.c | 2 +- drivers/iio/light/apds9306.c | 6 +- drivers/iio/light/apds9960.c | 4 +- drivers/iio/light/bh1780.c | 2 +- drivers/iio/light/gp2ap002.c | 4 +- drivers/iio/light/isl29028.c | 2 +- drivers/iio/light/ltrf216a.c | 2 +- drivers/iio/light/pa12203001.c | 2 +- drivers/iio/light/rpr0521.c | 2 +- drivers/iio/light/tsl2583.c | 2 +- drivers/iio/light/tsl2591.c | 4 +- drivers/iio/light/us5182d.c | 2 +- drivers/iio/light/vcnl4000.c | 2 +- drivers/iio/light/vcnl4035.c | 2 +- drivers/iio/magnetometer/af8133j.c | 4 +- drivers/iio/magnetometer/ak8974.c | 4 +- drivers/iio/magnetometer/ak8975.c | 2 +- drivers/iio/magnetometer/bmc150_magn.c | 2 +- drivers/iio/magnetometer/tmag5273.c | 4 +- drivers/iio/magnetometer/yamaha-yas530.c | 4 +- drivers/iio/pressure/bmp280-core.c | 10 +- drivers/iio/pressure/icp10100.c | 2 +- drivers/iio/pressure/mpl115.c | 4 +- drivers/iio/pressure/zpa2326.c | 4 +- .../iio/proximity/pulsedlight-lidar-lite-v2.c | 2 +- drivers/iio/proximity/srf04.c | 2 +- drivers/iio/temperature/mlx90614.c | 4 +- drivers/iio/temperature/mlx90632.c | 4 +- drivers/iio/temperature/mlx90635.c | 4 +- drivers/input/keyboard/omap4-keypad.c | 8 +- drivers/input/misc/cs40l50-vibra.c | 8 +- drivers/iommu/arm/arm-smmu/arm-smmu.c | 2 +- drivers/irqchip/irq-imx-irqsteer.c | 2 +- drivers/mailbox/mtk-cmdq-mailbox.c | 10 +- drivers/media/i2c/alvium-csi2.c | 2 +- drivers/media/i2c/ccs/ccs-core.c | 10 +- drivers/media/i2c/dw9719.c | 2 +- drivers/media/i2c/gc0308.c | 6 +- drivers/media/i2c/gc2145.c | 8 +- drivers/media/i2c/imx283.c | 6 +- drivers/media/i2c/imx290.c | 6 +- drivers/media/i2c/imx296.c | 4 +- drivers/media/i2c/imx415.c | 4 +- drivers/media/i2c/mt9m114.c | 12 +- drivers/media/i2c/ov2680.c | 2 +- drivers/media/i2c/ov4689.c | 6 +- drivers/media/i2c/ov5640.c | 8 +- drivers/media/i2c/ov5645.c | 6 +- drivers/media/i2c/ov5693.c | 2 +- drivers/media/i2c/ov64a40.c | 8 +- drivers/media/i2c/ov7251.c | 2 +- drivers/media/i2c/ov8858.c | 4 +- drivers/media/i2c/thp7312.c | 8 +- drivers/media/i2c/video-i2c.c | 8 +- .../media/platform/nvidia/tegra-vde/h264.c | 4 +- drivers/media/platform/qcom/venus/vdec.c | 4 +- drivers/media/platform/qcom/venus/venc.c | 4 +- .../platform/raspberrypi/pisp_be/pisp_be.c | 4 +- .../media/platform/st/sti/delta/delta-v4l2.c | 4 +- drivers/media/platform/st/sti/hva/hva-hw.c | 8 +- .../media/platform/verisilicon/hantro_drv.c | 2 +- drivers/media/rc/gpio-ir-recv.c | 2 +- drivers/mfd/arizona-irq.c | 2 +- drivers/mfd/cs40l50-core.c | 2 +- drivers/mfd/cs42l43.c | 2 +- drivers/misc/mei/client.c | 14 +- drivers/mmc/core/core.c | 4 +- drivers/mmc/host/atmel-mci.c | 4 +- drivers/mmc/host/dw_mmc-rockchip.c | 2 +- drivers/mmc/host/dw_mmc.c | 2 +- drivers/mmc/host/mmci.c | 2 +- drivers/mmc/host/omap_hsmmc.c | 6 +- drivers/mmc/host/sdhci-msm.c | 2 +- drivers/mmc/host/sdhci-of-at91.c | 2 +- drivers/mmc/host/sdhci-omap.c | 4 +- drivers/mmc/host/sdhci-pci-core.c | 2 +- drivers/mmc/host/sdhci-pxav3.c | 6 +- drivers/mmc/host/sdhci-sprd.c | 2 +- drivers/mmc/host/sdhci-xenon.c | 2 +- drivers/mmc/host/sdhci_am654.c | 2 +- drivers/mmc/host/tmio_mmc_core.c | 2 +- drivers/mtd/nand/raw/gpmi-nand/gpmi-nand.c | 10 +- drivers/net/ethernet/cadence/macb_main.c | 10 +- drivers/net/ethernet/freescale/fec_main.c | 16 +- drivers/net/ethernet/renesas/ravb_main.c | 8 +- drivers/net/ethernet/ti/davinci_mdio.c | 14 +- drivers/net/ipa/ipa_interrupt.c | 2 +- drivers/net/ipa/ipa_main.c | 2 +- drivers/net/ipa/ipa_modem.c | 8 +- drivers/net/ipa/ipa_smp2p.c | 4 +- drivers/net/ipa/ipa_uc.c | 4 +- drivers/net/wireless/ath/wil6210/pm.c | 2 +- drivers/net/wireless/ti/wl18xx/debugfs.c | 6 +- drivers/net/wireless/ti/wlcore/cmd.c | 2 +- drivers/net/wireless/ti/wlcore/debugfs.c | 22 +-- drivers/net/wireless/ti/wlcore/main.c | 72 +++---- drivers/net/wireless/ti/wlcore/scan.c | 2 +- drivers/net/wireless/ti/wlcore/sysfs.c | 2 +- drivers/net/wireless/ti/wlcore/testmode.c | 4 +- drivers/net/wireless/ti/wlcore/tx.c | 2 +- drivers/net/wireless/ti/wlcore/vendor_cmd.c | 6 +- drivers/net/wwan/qcom_bam_dmux.c | 4 +- drivers/net/wwan/t7xx/t7xx_hif_cldma.c | 6 +- drivers/net/wwan/t7xx/t7xx_hif_dpmaif_rx.c | 6 +- drivers/net/wwan/t7xx/t7xx_hif_dpmaif_tx.c | 4 +- drivers/nfc/trf7970a.c | 2 +- drivers/pci/pcie/portdrv.c | 2 +- drivers/phy/motorola/phy-mapphone-mdm6600.c | 4 +- drivers/phy/ti/phy-twl4030-usb.c | 8 +- drivers/power/supply/bq24190_charger.c | 28 +-- drivers/power/supply/twl4030_charger.c | 2 +- drivers/pwm/pwm-img.c | 4 +- drivers/regulator/stm32-vrefbuf.c | 12 +- drivers/remoteproc/omap_remoteproc.c | 6 +- drivers/slimbus/core.c | 2 +- drivers/slimbus/messaging.c | 4 +- drivers/soc/apple/mailbox.c | 2 +- drivers/soundwire/bus.c | 2 +- drivers/soundwire/cadence_master.c | 2 +- drivers/soundwire/qcom.c | 6 +- drivers/spi/atmel-quadspi.c | 10 +- drivers/spi/spi-cadence-quadspi.c | 4 +- drivers/spi/spi-cadence.c | 2 +- drivers/spi/spi-dw-pci.c | 2 +- drivers/spi/spi-fsl-espi.c | 4 +- drivers/spi/spi-fsl-lpspi.c | 4 +- drivers/spi/spi-imx.c | 6 +- drivers/spi/spi-mtk-nor.c | 2 +- drivers/spi/spi-omap2-mcspi.c | 6 +- drivers/spi/spi-pxa2xx-pci.c | 2 +- drivers/spi/spi-s3c64xx.c | 6 +- drivers/spi/spi-sprd.c | 2 +- drivers/spi/spi-stm32-qspi.c | 14 +- drivers/spi/spi-stm32.c | 4 +- drivers/spi/spi-ti-qspi.c | 4 +- drivers/spi/spi-zynqmp-gqspi.c | 2 +- drivers/spi/spi.c | 6 +- drivers/staging/greybus/gbphy.h | 2 +- drivers/staging/media/rkvdec/rkvdec.c | 2 +- drivers/thunderbolt/debugfs.c | 22 +-- drivers/thunderbolt/domain.c | 4 +- drivers/thunderbolt/icm.c | 14 +- drivers/thunderbolt/nhi.c | 2 +- drivers/thunderbolt/retimer.c | 4 +- drivers/thunderbolt/switch.c | 6 +- drivers/thunderbolt/tb.c | 18 +- drivers/thunderbolt/usb4_port.c | 4 +- drivers/tty/serial/8250/8250_omap.c | 18 +- drivers/tty/serial/8250/8250_port.c | 4 +- drivers/tty/serial/fsl_lpuart.c | 2 +- drivers/tty/serial/serial_core.c | 2 +- drivers/tty/serial/uartlite.c | 4 +- drivers/tty/serial/xilinx_uartps.c | 2 +- drivers/usb/cdns3/cdns3-gadget.c | 2 +- drivers/usb/cdns3/cdnsp-gadget.c | 2 +- drivers/usb/chipidea/core.c | 2 +- drivers/usb/chipidea/otg_fsm.c | 2 +- drivers/usb/dwc3/core.c | 2 +- drivers/usb/dwc3/dwc3-am62.c | 2 +- drivers/usb/dwc3/dwc3-imx8mp.c | 2 +- drivers/usb/gadget/udc/cdns2/cdns2-gadget.c | 2 +- drivers/usb/host/xhci-mtk.c | 2 +- drivers/usb/misc/apple-mfi-fastcharge.c | 2 +- drivers/usb/mtu3/mtu3_plat.c | 2 +- drivers/usb/musb/musb_core.c | 10 +- drivers/usb/musb/musb_debugfs.c | 10 +- drivers/usb/musb/musb_dsps.c | 2 +- drivers/usb/musb/musb_gadget.c | 8 +- drivers/usb/musb/omap2430.c | 2 +- drivers/w1/masters/omap_hdq.c | 10 +- include/linux/greybus/bundle.h | 2 +- sound/hda/hdac_device.c | 2 +- sound/pci/hda/cs35l41_hda.c | 8 +- sound/pci/hda/cs35l56_hda.c | 2 +- sound/pci/hda/hda_intel.c | 2 +- sound/pci/hda/tas2781_hda_i2c.c | 6 +- sound/soc/atmel/mchp-spdifrx.c | 12 +- sound/soc/codecs/arizona-jack.c | 12 +- sound/soc/codecs/arizona.c | 2 +- sound/soc/codecs/cs35l41.c | 4 +- sound/soc/codecs/cs35l45.c | 2 +- sound/soc/codecs/cs35l56-sdw.c | 4 +- sound/soc/codecs/cs35l56-shared.c | 2 +- sound/soc/codecs/cs35l56.c | 2 +- sound/soc/codecs/cs42l42-sdw.c | 2 +- sound/soc/codecs/cs42l42.c | 4 +- sound/soc/codecs/cs42l43-jack.c | 10 +- sound/soc/codecs/cs42l43.c | 4 +- sound/soc/codecs/hda.c | 6 +- sound/soc/codecs/madera.c | 6 +- sound/soc/codecs/max98363.c | 2 +- sound/soc/codecs/max98373-sdw.c | 2 +- sound/soc/codecs/rt1017-sdca-sdw.c | 2 +- sound/soc/codecs/rt1308-sdw.c | 2 +- sound/soc/codecs/rt1316-sdw.c | 2 +- sound/soc/codecs/rt1318-sdw.c | 2 +- sound/soc/codecs/rt1320-sdw.c | 2 +- sound/soc/codecs/rt5682-sdw.c | 2 +- sound/soc/codecs/rt700.c | 4 +- sound/soc/codecs/rt711-sdca.c | 4 +- sound/soc/codecs/rt711.c | 4 +- sound/soc/codecs/rt712-sdca-dmic.c | 2 +- sound/soc/codecs/rt712-sdca.c | 4 +- sound/soc/codecs/rt715-sdca.c | 2 +- sound/soc/codecs/rt715.c | 2 +- sound/soc/codecs/rt722-sdca.c | 4 +- sound/soc/codecs/wcd-mbhc-v2.c | 4 +- sound/soc/codecs/wsa881x.c | 2 +- sound/soc/codecs/wsa884x.c | 2 +- sound/soc/intel/atom/sst/sst_pvt.c | 2 +- sound/soc/intel/avs/core.c | 2 +- sound/soc/intel/avs/debugfs.c | 4 +- sound/soc/intel/avs/pcm.c | 2 +- sound/soc/intel/catpt/pcm.c | 12 +- sound/soc/intel/catpt/sysfs.c | 2 +- sound/soc/soc-component.c | 2 +- sound/soc/sof/control.c | 2 +- sound/soc/sof/debug.c | 2 +- sound/soc/sof/ipc3-dtrace.c | 2 +- sound/soc/sof/ipc4-loader.c | 2 +- sound/soc/sof/pcm.c | 2 +- sound/soc/sof/sof-client-ipc-flood-test.c | 2 +- .../soc/sof/sof-client-ipc-kernel-injector.c | 2 +- sound/soc/sof/sof-client-ipc-msg-injector.c | 2 +- sound/soc/sof/sof-client-probes.c | 6 +- sound/x86/intel_hdmi_audio.c | 6 +- 373 files changed, 1076 insertions(+), 1076 deletions(-) -- 2.39.5

3 months

[PATCH] staging: Fix atomicity violation in get_serial_info()

by Qiu-ji Chen

Atomicity violation occurs during consecutive reads of the members of gb_tty. Consider a scenario where, because the consecutive reads of gb_tty members are not protected by a lock, the value of gb_tty may still be changing during the read process. gb_tty->port.close_delay and gb_tty->port.closing_wait are updated together, such as in the set_serial_info() function. If during the read process, gb_tty->port.close_delay and gb_tty->port.closing_wait are still being updated, it is possible that gb_tty->port.close_delay is updated while gb_tty->port.closing_wait is not. In this case, the code first reads gb_tty->port.close_delay and then gb_tty->port.closing_wait. A new gb_tty->port.close_delay and an old gb_tty->port.closing_wait could be read. Such values, whether before or after the update, should not coexist as they represent an intermediate state. This could result in a mismatch of the values read for gb_tty->minor, gb_tty->port.close_delay, and gb_tty->port.closing_wait, which in turn could cause ss->close_delay and ss->closing_wait to be mismatched. To address this issue, we have enclosed all sequential read operations of the gb_tty variable within a lock. This ensures that the value of gb_tty remains unchanged throughout the process, guaranteeing its validity. This possible bug is found by an experimental static analysis tool developed by our team. This tool analyzes the locking APIs to extract function pairs that can be concurrently executed, and then analyzes the instructions in the paired functions to identify possible concurrency bugs including data races and atomicity violations. Fixes: b71e571adaa5 ("staging: greybus: uart: fix TIOCSSERIAL jiffies conversions") Cc: stable(a)vger.kernel.org Signed-off-by: Qiu-ji Chen <chenqiuji666(a)gmail.com> --- drivers/staging/greybus/uart.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/staging/greybus/uart.c b/drivers/staging/greybus/uart.c index cdf4ebb93b10..8cc18590d97b 100644 --- a/drivers/staging/greybus/uart.c +++ b/drivers/staging/greybus/uart.c @@ -595,12 +595,14 @@ static int get_serial_info(struct tty_struct *tty, { struct gb_tty *gb_tty = tty->driver_data; + mutex_lock(&gb_tty->port.mutex); ss->line = gb_tty->minor; ss->close_delay = jiffies_to_msecs(gb_tty->port.close_delay) / 10; ss->closing_wait = gb_tty->port.closing_wait == ASYNC_CLOSING_WAIT_NONE ? ASYNC_CLOSING_WAIT_NONE : jiffies_to_msecs(gb_tty->port.closing_wait) / 10; + mutex_unlock(&gb_tty->port.mutex); return 0; } -- 2.34.1

3 months, 2 weeks

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

greybus-dev