| Message ID | 20210814235514.403426-1-linus.walleij@linaro.org (mailing list archive) |
|---|---|
| State | Accepted, archived |
| Headers | show |
| Series | clk: kirkwood: Fix a clocking boot regression | expand |
On Sun, Aug 15, 2021 at 01:55:14AM +0200, Linus Walleij wrote: > Since a few kernel releases the Pogoplug 4 has crashed like this > during boot: > > Unable to handle kernel NULL pointer dereference at virtual address 00000002 > (...) > [<c04116ec>] (strlen) from [<c00ead80>] (kstrdup+0x1c/0x4c) > [<c00ead80>] (kstrdup) from [<c04591d8>] (__clk_register+0x44/0x37c) > [<c04591d8>] (__clk_register) from [<c04595ec>] (clk_hw_register+0x20/0x44) > [<c04595ec>] (clk_hw_register) from [<c045bfa8>] (__clk_hw_register_mux+0x198/0x1e4) > [<c045bfa8>] (__clk_hw_register_mux) from [<c045c050>] (clk_register_mux_table+0x5c/0x6c) > [<c045c050>] (clk_register_mux_table) from [<c0acf3e0>] (kirkwood_clk_muxing_setup.constprop.0+0x13c/0x1ac) > [<c0acf3e0>] (kirkwood_clk_muxing_setup.constprop.0) from [<c0aceae0>] (of_clk_init+0x12c/0x214) > [<c0aceae0>] (of_clk_init) from [<c0ab576c>] (time_init+0x20/0x2c) > [<c0ab576c>] (time_init) from [<c0ab3d18>] (start_kernel+0x3dc/0x56c) > [<c0ab3d18>] (start_kernel) from [<00000000>] (0x0) > Code: e3130020 1afffffb e12fff1e c08a1078 (e5d03000) > > This is because the "powersave" mux clock 0 was provided in an unterminated > array, which is required by the loop in the driver: > > /* Count, allocate, and register clock muxes */ > for (n = 0; desc[n].name;) > n++; > > Here n will go out of bounds and then call clk_register_mux() on random > memory contents after the mux clock. > > Fix this by terminating the array with a blank entry. > > Fixes: 105299381d87 ("cpufreq: kirkwood: use the powersave multiplexer") > Cc: stable@vger.kernel.org > Cc: Andrew Lunn <andrew@lunn.ch> > Cc: Chris Packham <chris.packham@alliedtelesis.co.nz> > Cc: Gregory CLEMENT <gregory.clement@bootlin.com> > Cc: Sebastian Hesselbarth <sebastian.hesselbarth@gmail.com> > Signed-off-by: Linus Walleij <linus.walleij@linaro.org> Thanks Linus Reviewed-by: Andrew Lunn <andrew@lunn.ch> Andrew
Quoting Linus Walleij (2021-08-14 16:55:14) > Since a few kernel releases the Pogoplug 4 has crashed like this > during boot: > > Unable to handle kernel NULL pointer dereference at virtual address 00000002 > (...) > [<c04116ec>] (strlen) from [<c00ead80>] (kstrdup+0x1c/0x4c) > [<c00ead80>] (kstrdup) from [<c04591d8>] (__clk_register+0x44/0x37c) > [<c04591d8>] (__clk_register) from [<c04595ec>] (clk_hw_register+0x20/0x44) > [<c04595ec>] (clk_hw_register) from [<c045bfa8>] (__clk_hw_register_mux+0x198/0x1e4) > [<c045bfa8>] (__clk_hw_register_mux) from [<c045c050>] (clk_register_mux_table+0x5c/0x6c) > [<c045c050>] (clk_register_mux_table) from [<c0acf3e0>] (kirkwood_clk_muxing_setup.constprop.0+0x13c/0x1ac) > [<c0acf3e0>] (kirkwood_clk_muxing_setup.constprop.0) from [<c0aceae0>] (of_clk_init+0x12c/0x214) > [<c0aceae0>] (of_clk_init) from [<c0ab576c>] (time_init+0x20/0x2c) > [<c0ab576c>] (time_init) from [<c0ab3d18>] (start_kernel+0x3dc/0x56c) > [<c0ab3d18>] (start_kernel) from [<00000000>] (0x0) > Code: e3130020 1afffffb e12fff1e c08a1078 (e5d03000) > > This is because the "powersave" mux clock 0 was provided in an unterminated > array, which is required by the loop in the driver: > > /* Count, allocate, and register clock muxes */ > for (n = 0; desc[n].name;) > n++; > > Here n will go out of bounds and then call clk_register_mux() on random > memory contents after the mux clock. > > Fix this by terminating the array with a blank entry. > > Fixes: 105299381d87 ("cpufreq: kirkwood: use the powersave multiplexer") > Cc: stable@vger.kernel.org > Cc: Andrew Lunn <andrew@lunn.ch> > Cc: Chris Packham <chris.packham@alliedtelesis.co.nz> > Cc: Gregory CLEMENT <gregory.clement@bootlin.com> > Cc: Sebastian Hesselbarth <sebastian.hesselbarth@gmail.com> > Signed-off-by: Linus Walleij <linus.walleij@linaro.org> > --- Applied to clk-next
diff --git a/drivers/clk/mvebu/kirkwood.c b/drivers/clk/mvebu/kirkwood.c index 47680237d0be..43b31af3a2ce 100644 --- a/drivers/clk/mvebu/kirkwood.c +++ b/drivers/clk/mvebu/kirkwood.c @@ -265,6 +265,7 @@ static const char *powersave_parents[] = { static const struct clk_muxing_soc_desc kirkwood_mux_desc[] __initconst = { { "powersave", powersave_parents, ARRAY_SIZE(powersave_parents), 11, 1, 0 }, + { }, }; static struct clk *clk_muxing_get_src(
Since a few kernel releases the Pogoplug 4 has crashed like this during boot: Unable to handle kernel NULL pointer dereference at virtual address 00000002 (...) [<c04116ec>] (strlen) from [<c00ead80>] (kstrdup+0x1c/0x4c) [<c00ead80>] (kstrdup) from [<c04591d8>] (__clk_register+0x44/0x37c) [<c04591d8>] (__clk_register) from [<c04595ec>] (clk_hw_register+0x20/0x44) [<c04595ec>] (clk_hw_register) from [<c045bfa8>] (__clk_hw_register_mux+0x198/0x1e4) [<c045bfa8>] (__clk_hw_register_mux) from [<c045c050>] (clk_register_mux_table+0x5c/0x6c) [<c045c050>] (clk_register_mux_table) from [<c0acf3e0>] (kirkwood_clk_muxing_setup.constprop.0+0x13c/0x1ac) [<c0acf3e0>] (kirkwood_clk_muxing_setup.constprop.0) from [<c0aceae0>] (of_clk_init+0x12c/0x214) [<c0aceae0>] (of_clk_init) from [<c0ab576c>] (time_init+0x20/0x2c) [<c0ab576c>] (time_init) from [<c0ab3d18>] (start_kernel+0x3dc/0x56c) [<c0ab3d18>] (start_kernel) from [<00000000>] (0x0) Code: e3130020 1afffffb e12fff1e c08a1078 (e5d03000) This is because the "powersave" mux clock 0 was provided in an unterminated array, which is required by the loop in the driver: /* Count, allocate, and register clock muxes */ for (n = 0; desc[n].name;) n++; Here n will go out of bounds and then call clk_register_mux() on random memory contents after the mux clock. Fix this by terminating the array with a blank entry. Fixes: 105299381d87 ("cpufreq: kirkwood: use the powersave multiplexer") Cc: stable@vger.kernel.org Cc: Andrew Lunn <andrew@lunn.ch> Cc: Chris Packham <chris.packham@alliedtelesis.co.nz> Cc: Gregory CLEMENT <gregory.clement@bootlin.com> Cc: Sebastian Hesselbarth <sebastian.hesselbarth@gmail.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org> --- drivers/clk/mvebu/kirkwood.c | 1 + 1 file changed, 1 insertion(+)