make linux_main.c error #1
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jcmvbkbc
added a commit
that referenced
this pull request
Oct 3, 2019
On x86 android both OF and ACPI may be enabled, but only ACPI configuration may be provided by the system, resulting in NULL pointer returned from of_match_device and subsequent crash on attempt to extract of_device_id::data. Don't continue OF initialization when no match is found. This fixes the following crash on x86 android: BUG: unable to handle kernel NULL pointer dereference at 00000000b85849e0 IP: xrp_probe+0x26/0x3e PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI Modules linked in: CPU: 1 PID: 1 Comm: swapper/0 Not tainted 4.14.112+ #3 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.11.1-0-g0551a4be2c-prebuilt.qemu-project.org 04/01/2014 task: 0000000058347fc4 task.stack: 00000000ee3e845e RIP: 0010:xrp_probe+0x26/0x3e RSP: 0000:ffffb1438000bd40 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff95f42ef11000 RCX: 0000000000000000 RDX: ffffffff85aa0a40 RSI: 0000000000000000 RDI: ffff95f42ef11000 RBP: ffffb1438000bd48 R08: ffff95f42ecc0000 R09: ffff95f42eda5010 R10: ffff95f42eda7840 R11: 0000000000000044 R12: ffffffff85e93348 R13: 0000000000000000 R14: ffffffff85e93348 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff95f43fd00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000000000c0 CR3: 000000001fe0e000 CR4: 00000000000006a0 Call Trace: platform_drv_probe+0x4a/0x8d driver_probe_device+0x121/0x27d __driver_attach+0x6a/0x8c ? driver_probe_device+0x27d/0x27d bus_for_each_dev+0x74/0xa2 driver_attach+0x19/0x1b bus_add_driver+0xee/0x1d5 ? set_debug_rodata+0x12/0x12 driver_register+0x83/0xba ? goldfish_address_space_driver_init+0x1b/0x1b __platform_driver_register+0x31/0x33 xrp_driver_init+0x12/0x14 do_one_initcall+0x9a/0x151 ? loglevel+0x42/0x54 ? set_debug_rodata+0x12/0x12 kernel_init_freeable+0x163/0x1eb ? rest_init+0xc1/0xc1 kernel_init+0x9/0xeb ret_from_fork+0x1f/0x30 Code: c3 83 e0 01 c3 55 48 8d 77 10 48 89 e5 53 48 89 fb 48 c7 c7 20 07 aa 85 e8 ce 89 10 00 31 c9 48 c7 c2 40 0a aa 85 31 f6 48 89 df <ff> 90 c0 00 00 00 ba 00 00 00 00 5b 48 3d 00 f0 ff ff 5d 48 0f RIP: xrp_probe+0x26/0x3e RSP: ffffb1438000bd40 CR2: 00000000000000c0 Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
jcmvbkbc
added a commit
that referenced
this pull request
Nov 3, 2020
xrp_acpi_init_v[01] are defined with single parameter, but invoked through a pointer to xrp_init_function which has 4 parameters. On android with control flow integrity enabled this results in a crash when either of these functions is called: xrp: no symbol version for module_layout invalid opcode: 0000 [#1] PREEMPT SMP PTI CPU: 1 PID: 1832 Comm: insmod Tainted: G O 5.4.47-01061-g22e35a1de440 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.11.1-0-g0551a4be2c-prebuilt.qemu-project.org 04/01/2014 RIP: 0010:__cfi_check_fail+0x10/0x20 [xrp] Code: 48 89 de e8 02 91 b4 f8 eb b0 55 48 89 e5 e8 07 ce ff ff 31 c0 5d c3 cc cc cc 55 48 89 e5 48 85 ff 74 07 80 3f 05 72 02 5d c3 <0f> 0b cc cc cc cc cc cc cc cc cc cc cc cc cc cc 55 48 89 e5 41 57 RSP: 0018:ffff9f6240793910 EFLAGS: 00010246 RAX: ffffffffc01e3440 RBX: ffffffffc01e3000 RCX: 1ffffffffffffff3 RDX: 0000000000000000 RSI: ffffffffc01e33d8 RDI: 0000000000000000 RBP: ffff9f6240793910 R08: 0000000000000000 R09: 000000000002cfc0 R10: 0000000000000000 R11: ffffffffc01e3000 R12: ffffffffc01e3000 R13: ffffffffc01e33d8 R14: 0000000000000000 R15: 237204e0dc49a9d8 FS: 0000701cdc49dff8(0000) GS:ffff9355ffd00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00005e849acc42e0 CR3: 0000000064ea0000 CR4: 00000000000006e0 Call Trace: __cfi_check+0x2f5/0x320 [xrp] ? __cfi_slowpath+0x97/0x100 ? xrp_acpi_init_v1+0x8/0x8 [xrp] xrp_probe+0xae/0xb0 [xrp] ? xrp_remove+0x8/0x8 [xrp] platform_drv_probe+0xa9/0xf0 ? sd_suspend_runtime+0x8/0x8 really_probe+0x32b/0x790 driver_probe_device+0x54/0xf0 device_driver_attach+0x6a/0xb0 ? cpu_subsys_match+0x8/0x8 ? target_block+0x8/0x8 __driver_attach+0xe8/0x190 ? target_block+0x8/0x8 bus_for_each_dev+0xc0/0x110 driver_attach+0x19/0x20 bus_add_driver+0x119/0x200 ? cleanup_module.cfi_jt+0x10/0x10 [xrp] driver_register+0x85/0x120 __platform_driver_register+0x31/0x40 init_module+0x17/0x1000 [xrp] do_one_initcall+0x1d8/0x3a0 do_init_module+0x5b/0x210 load_module+0x4223/0x4520 ? kernel_read_file+0x160/0x1e0 __x64_sys_finit_module+0xd1/0x100 ? __x64_sys_rmdir.cfi_jt+0x8/0x8 do_syscall_64+0x6d/0xb0 entry_SYSCALL_64_after_hwframe+0x44/0xa9 Fix it by defining xrp_acpi_init_v[01] according to the xrp_init_function type. Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.