| Message ID | 20191119105118.54285-5-hverkuil-cisco@xs4all.nl (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | input: rmi4/synaptics fixes | expand |
Hi Hans, On Di, 2019-11-19 at 11:51 +0100, Hans Verkuil wrote: > The irq_find_mapping() function can return 0 when called in the > rmi_process_interrupt_requests() function. > > This causes a kernel crash. Check for a 0 value and skip calling > handle_nested_irq() in that case. > > This was tested with the F54 function enabled on a Lenovo X1 Carbon. > > Signed-off-by: Hans Verkuil <hverkuil-cisco@xs4all.nl> > Fixes: 24d28e4f1271 ("Input: synaptics-rmi4 - convert irq distribution to irq_domain") This is already fixed upstream by 549766ac2ac1 "Input: synaptics-rmi4 - clear IRQ enables for F54" Regards, Lucas > --- > drivers/input/rmi4/rmi_driver.c | 8 ++++++-- > 1 file changed, 6 insertions(+), 2 deletions(-) > > diff --git a/drivers/input/rmi4/rmi_driver.c b/drivers/input/rmi4/rmi_driver.c > index 772493b1f665..6085ec424a84 100644 > --- a/drivers/input/rmi4/rmi_driver.c > +++ b/drivers/input/rmi4/rmi_driver.c > @@ -154,8 +154,12 @@ static int rmi_process_interrupt_requests(struct rmi_device *rmi_dev) > */ > mutex_unlock(&data->irq_mutex); > > - for_each_set_bit(i, data->irq_status, data->irq_count) > - handle_nested_irq(irq_find_mapping(data->irqdomain, i)); > + for_each_set_bit(i, data->irq_status, data->irq_count) { > + unsigned int irq = irq_find_mapping(data->irqdomain, i); > + > + if (irq) > + handle_nested_irq(irq); > + } > > if (data->input) > input_sync(data->input);
On 11/19/19 12:38 PM, Lucas Stach wrote: > Hi Hans, > > On Di, 2019-11-19 at 11:51 +0100, Hans Verkuil wrote: >> The irq_find_mapping() function can return 0 when called in the >> rmi_process_interrupt_requests() function. >> >> This causes a kernel crash. Check for a 0 value and skip calling >> handle_nested_irq() in that case. >> >> This was tested with the F54 function enabled on a Lenovo X1 Carbon. >> >> Signed-off-by: Hans Verkuil <hverkuil-cisco@xs4all.nl> >> Fixes: 24d28e4f1271 ("Input: synaptics-rmi4 - convert irq distribution to irq_domain") > > This is already fixed upstream by 549766ac2ac1 > "Input: synaptics-rmi4 - clear IRQ enables for F54" Good news. I'm not subscribed to the linux-input ML, so I never saw that. Ah, I now see that I'm missing a whole bunch of patches that were added after v5.4-rc1. I'll test this again next week (I don't have access to my Lenovo at the moment). Regards, Hans > > Regards, > Lucas > >> --- >> drivers/input/rmi4/rmi_driver.c | 8 ++++++-- >> 1 file changed, 6 insertions(+), 2 deletions(-) >> >> diff --git a/drivers/input/rmi4/rmi_driver.c b/drivers/input/rmi4/rmi_driver.c >> index 772493b1f665..6085ec424a84 100644 >> --- a/drivers/input/rmi4/rmi_driver.c >> +++ b/drivers/input/rmi4/rmi_driver.c >> @@ -154,8 +154,12 @@ static int rmi_process_interrupt_requests(struct rmi_device *rmi_dev) >> */ >> mutex_unlock(&data->irq_mutex); >> >> - for_each_set_bit(i, data->irq_status, data->irq_count) >> - handle_nested_irq(irq_find_mapping(data->irqdomain, i)); >> + for_each_set_bit(i, data->irq_status, data->irq_count) { >> + unsigned int irq = irq_find_mapping(data->irqdomain, i); >> + >> + if (irq) >> + handle_nested_irq(irq); >> + } >> >> if (data->input) >> input_sync(data->input); >
On 11/19/19 12:43 PM, Hans Verkuil wrote: > On 11/19/19 12:38 PM, Lucas Stach wrote: >> Hi Hans, >> >> On Di, 2019-11-19 at 11:51 +0100, Hans Verkuil wrote: >>> The irq_find_mapping() function can return 0 when called in the >>> rmi_process_interrupt_requests() function. >>> >>> This causes a kernel crash. Check for a 0 value and skip calling >>> handle_nested_irq() in that case. >>> >>> This was tested with the F54 function enabled on a Lenovo X1 Carbon. >>> >>> Signed-off-by: Hans Verkuil <hverkuil-cisco@xs4all.nl> >>> Fixes: 24d28e4f1271 ("Input: synaptics-rmi4 - convert irq distribution to irq_domain") >> >> This is already fixed upstream by 549766ac2ac1 >> "Input: synaptics-rmi4 - clear IRQ enables for F54" > > Good news. I'm not subscribed to the linux-input ML, so I never saw that. > > Ah, I now see that I'm missing a whole bunch of patches that were added > after v5.4-rc1. I'll test this again next week (I don't have access to my > Lenovo at the moment). Tested with v5.4-rc8 and I can confirm that this patch is not needed anymore and can be dropped. Regards, Hans > > Regards, > > Hans > >> >> Regards, >> Lucas >> >>> --- >>> drivers/input/rmi4/rmi_driver.c | 8 ++++++-- >>> 1 file changed, 6 insertions(+), 2 deletions(-) >>> >>> diff --git a/drivers/input/rmi4/rmi_driver.c b/drivers/input/rmi4/rmi_driver.c >>> index 772493b1f665..6085ec424a84 100644 >>> --- a/drivers/input/rmi4/rmi_driver.c >>> +++ b/drivers/input/rmi4/rmi_driver.c >>> @@ -154,8 +154,12 @@ static int rmi_process_interrupt_requests(struct rmi_device *rmi_dev) >>> */ >>> mutex_unlock(&data->irq_mutex); >>> >>> - for_each_set_bit(i, data->irq_status, data->irq_count) >>> - handle_nested_irq(irq_find_mapping(data->irqdomain, i)); >>> + for_each_set_bit(i, data->irq_status, data->irq_count) { >>> + unsigned int irq = irq_find_mapping(data->irqdomain, i); >>> + >>> + if (irq) >>> + handle_nested_irq(irq); >>> + } >>> >>> if (data->input) >>> input_sync(data->input); >> >
diff --git a/drivers/input/rmi4/rmi_driver.c b/drivers/input/rmi4/rmi_driver.c index 772493b1f665..6085ec424a84 100644 --- a/drivers/input/rmi4/rmi_driver.c +++ b/drivers/input/rmi4/rmi_driver.c @@ -154,8 +154,12 @@ static int rmi_process_interrupt_requests(struct rmi_device *rmi_dev) */ mutex_unlock(&data->irq_mutex); - for_each_set_bit(i, data->irq_status, data->irq_count) - handle_nested_irq(irq_find_mapping(data->irqdomain, i)); + for_each_set_bit(i, data->irq_status, data->irq_count) { + unsigned int irq = irq_find_mapping(data->irqdomain, i); + + if (irq) + handle_nested_irq(irq); + } if (data->input) input_sync(data->input);
The irq_find_mapping() function can return 0 when called in the rmi_process_interrupt_requests() function. This causes a kernel crash. Check for a 0 value and skip calling handle_nested_irq() in that case. This was tested with the F54 function enabled on a Lenovo X1 Carbon. Signed-off-by: Hans Verkuil <hverkuil-cisco@xs4all.nl> Fixes: 24d28e4f1271 ("Input: synaptics-rmi4 - convert irq distribution to irq_domain") --- drivers/input/rmi4/rmi_driver.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-)