Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-25 05:32:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
8a62d44588
linux/drivers/soc/qcom
History
Bjorn Andersson c158ceb826 soc: qcom: pd-mapper: Fix singleton refcount 
The Qualcomm pd-mapper is a refcounted singleton, but the refcount is
never incremented, which means the as soon as any remoteproc instance
stops the count will hit 0.

At this point the pd-mapper QMI service is stopped, leaving firmware
without access to the PD information. Stopping any other remoteproc
instances will result in a use-after-free, which best case manifest
itself as a refcount underflow:

  refcount_t: underflow; use-after-free.
  WARNING: CPU: 1 PID: 354 at lib/refcount.c:87 refcount_dec_and_mutex_lock+0xc4/0x148
  ...
  Call trace:
   refcount_dec_and_mutex_lock+0xc4/0x148
   qcom_pdm_remove+0x40/0x118 [qcom_pd_mapper]
   ...

Fix this by incrementing the refcount, so that the pd-mapper is only
torn down when the last remoteproc stops, as intended.

Fixes: 1ebcde047c ("soc: qcom: add pd-mapper implementation")
Signed-off-by: Bjorn Andersson <quic_bjorande@quicinc.com>
Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Link: https://lore.kernel.org/r/20240820-pd-mapper-refcount-fix-v1-1-03ea65c0309b@quicinc.com
Signed-off-by: Bjorn Andersson <andersson@kernel.org>
2024-08-21 09:50:48 -05:00
..
apr.c driver core: have match() callback in struct bus_type take a const * 2024-07-03 15:16:54 +02:00
cmd-db.c soc: qcom: cmd-db: Map shared memory as WC, not WB 2024-07-28 21:59:45 -05:00
icc-bwmon.c soc: qcom: icc-bwmon: Allow for interrupts to be shared across instances 2024-06-25 23:22:43 -05:00
ice.c soc: qcom: Explicitly include correct DT includes 2023-07-14 14:05:06 -07:00
Kconfig soc: qcom: pd-mapper: Depend on ARCH_QCOM || COMPILE_TEST 2024-07-28 21:37:00 -05:00
kryo-l2-accessors.c soc: qcom: Switch to EXPORT_SYMBOL_GPL() 2023-09-27 16:08:38 -07:00
llcc-qcom.c soc: qcom: llcc: simplify with cleanup.h 2024-07-06 12:56:49 -05:00
Makefile soc: qcom: add pd-mapper implementation 2024-06-24 17:32:07 -05:00
mdt_loader.c soc: qcom: mdt_loader: simplify with cleanup.h 2024-07-06 12:56:50 -05:00
ocmem.c soc: qcom: ocmem: simplify with cleanup.h 2024-07-06 12:56:50 -05:00
pdr_interface.c soc: qcom: pdr: simplify with cleanup.h 2024-07-06 12:56:50 -05:00
pdr_internal.h soc: qcom: add pd-mapper implementation 2024-06-24 17:32:07 -05:00
pmic_glink_altmode.c soc: qcom: pmic_glink: Fix race during initialization 2024-08-21 08:37:30 -05:00
pmic_glink.c soc: qcom: pmic_glink: Actually communicate when remote goes down 2024-08-21 08:37:37 -05:00
pmic_pdcharger_ulog.c soc: qcom: mention intentionally broken module autoloading 2024-04-21 11:22:11 -05:00
pmic_pdcharger_ulog.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
qcom_aoss.c soc: qcom: aoss: add missing kerneldoc for qmp members 2024-03-03 20:01:51 -08:00
qcom_gsbi.c soc: qcom: qcom_gsbi: Convert to platform remove callback returning void 2023-10-02 11:30:19 -07:00
qcom_pd_mapper.c soc: qcom: pd-mapper: Fix singleton refcount 2024-08-21 09:50:48 -05:00
qcom_pdr_msg.c soc: qcom: add pd-mapper implementation 2024-06-24 17:32:07 -05:00
qcom_stats.c soc: qcom: qcom_stats: Add DSPs and apss subsystem stats 2024-03-17 22:19:08 -05:00
qcom-geni-se.c soc: qcom: geni-se: drop unused kerneldoc struct geni_wrapper param 2024-03-03 20:01:51 -08:00
qcom-pbs.c soc: qcom: add QCOM PBS driver 2024-02-01 16:26:55 -06:00
qmi_encdec.c soc: qcom: Switch to EXPORT_SYMBOL_GPL() 2023-09-27 16:08:38 -07:00
qmi_interface.c soc: qcom: Switch to EXPORT_SYMBOL_GPL() 2023-09-27 16:08:38 -07:00
ramp_controller.c ARM: SoC drivers for 6.5 2023-06-29 15:22:19 -07:00
rmtfs_mem.c soc: qcom: rmtfs_mem: Convert to platform remove callback returning void 2023-10-02 11:30:26 -07:00
rpm_master_stats.c soc: qcom: mention intentionally broken module autoloading 2024-04-21 11:22:11 -05:00
rpm-proc.c soc: qcom: Add RPM processor/subsystem driver 2023-07-13 22:18:57 -07:00
rpmh-internal.h soc: qcom: rpmh-rsc: Avoid unnecessary checks on irq-done response 2022-12-05 15:12:17 -06:00
rpmh-rsc.c soc: qcom: rpmh-rsc: Ensure irqs aren't disabled by rpmh_rsc_send_data() callers 2024-05-27 11:50:09 -05:00
rpmh.c soc: qcom: rpmh-rsc: Ensure irqs aren't disabled by rpmh_rsc_send_data() callers 2024-05-27 11:50:09 -05:00
smd-rpm.c soc: qcom: Switch to EXPORT_SYMBOL_GPL() 2023-09-27 16:08:38 -07:00
smem_state.c soc: qcom: smem_state: Add refcounting for the 'state->of_node' 2022-08-18 14:13:46 -05:00
smem.c remoteproc updates for v6.11 2024-07-23 13:36:51 -07:00
smp2p.c soc: qcom: smp2p: Use devname for interrupt descriptions 2024-07-01 22:31:14 -05:00
smsm.c soc: qcom: smsm: Support using mailbox interface 2024-06-12 23:09:25 -05:00
socinfo.c soc: qcom: socinfo: Add PM6350 PMIC 2024-07-06 12:55:32 -05:00
spm.c soc: qcom: spm: add missing MODULE_DESCRIPTION() 2024-06-05 22:02:16 -05:00
trace-aoss.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
trace-rpmh.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
wcnss_ctrl.c soc: qcom: wcnss: simplify with cleanup.h 2024-07-06 12:56:50 -05:00