In Linux-4.16, drivers/video/fbdev/broadsheetfb.c,
158. static void broadsheet_mmio_send_cmdargs(...) { ...... 163. par->board->mmio_write(...); ...... 166. par->board->mmio_write(...); 167. }
For x86 kernel configuration, I find that there is no assignment of the function pointer ".mmio_write" in the kernel code. So calling the function pointer in lines 163 and 166 may cause a null pointer dereference.
In this file, there are many calls to this function pointer...
Best wishes, Jia-Ju Bai
On Thursday, July 26, 2018 10:17:44 PM bai wrote:
In Linux-4.16, drivers/video/fbdev/broadsheetfb.c,
- static void broadsheet_mmio_send_cmdargs(...) { ......
par->board->mmio_write(...); ......par->board->mmio_write(...);- }
For x86 kernel configuration, I find that there is no assignment of the function pointer ".mmio_write" in the kernel code. So calling the function pointer in lines 163 and 166 may cause a null pointer dereference.
In this file, there are many calls to this function pointer...
This is a platform driver and it won't be used on x86 (actually it is used only by single ARM PXA board). The dependency for FB_BROADSHEET in Kconfig file could be improved to i.e.
depends on FB && (ARCH_PXA || COMPILE_TEST)
but there is no bug there.
Best regards, -- Bartlomiej Zolnierkiewicz Samsung R&D Institute Poland Samsung Electronics
On 2018/7/26 22:34, Bartlomiej Zolnierkiewicz wrote:
On Thursday, July 26, 2018 10:17:44 PM bai wrote:
In Linux-4.16, drivers/video/fbdev/broadsheetfb.c,
- static void broadsheet_mmio_send_cmdargs(...) { ......
par->board->mmio_write(...); ......par->board->mmio_write(...);- }
For x86 kernel configuration, I find that there is no assignment of the function pointer ".mmio_write" in the kernel code. So calling the function pointer in lines 163 and 166 may cause a null pointer dereference.
In this file, there are many calls to this function pointer...
This is a platform driver and it won't be used on x86 (actually it is used only by single ARM PXA board). The dependency for FB_BROADSHEET in Kconfig file could be improved to i.e.
depends on FB && (ARCH_PXA || COMPILE_TEST)
but there is no bug there.
Thanks for the reply :) So I want to submit a patch of updating Kconfig in drivers/video/fbdev/Kconfig:
config FB_BROADSHEET tristate "E-Ink Broadsheet/Epson S1D13521 controller support" - depends on FB + depends on FB && (ARCH_PXA || COMPILE_TEST) select FB_SYS_FILLRECT select FB_SYS_COPYAREA select FB_SYS_IMAGEBLIT select FB_SYS_FOPS select FB_DEFERRED_IO
Do you think it is okay?
Best wishes, Jia-Ju Bai
On Friday, July 27, 2018 09:49:41 AM Jia-Ju Bai wrote:
On 2018/7/26 22:34, Bartlomiej Zolnierkiewicz wrote:
On Thursday, July 26, 2018 10:17:44 PM bai wrote:
In Linux-4.16, drivers/video/fbdev/broadsheetfb.c,
- static void broadsheet_mmio_send_cmdargs(...) { ......
par->board->mmio_write(...); ......par->board->mmio_write(...);- }
For x86 kernel configuration, I find that there is no assignment of the function pointer ".mmio_write" in the kernel code. So calling the function pointer in lines 163 and 166 may cause a null pointer dereference.
In this file, there are many calls to this function pointer...
This is a platform driver and it won't be used on x86 (actually it is used only by single ARM PXA board). The dependency for FB_BROADSHEET in Kconfig file could be improved to i.e.
depends on FB && (ARCH_PXA || COMPILE_TEST)
but there is no bug there.
Thanks for the reply :) So I want to submit a patch of updating Kconfig in drivers/video/fbdev/Kconfig:
config FB_BROADSHEET tristate "E-Ink Broadsheet/Epson S1D13521 controller support"
- depends on FB
- depends on FB && (ARCH_PXA || COMPILE_TEST) select FB_SYS_FILLRECT select FB_SYS_COPYAREA select FB_SYS_IMAGEBLIT select FB_SYS_FOPS select FB_DEFERRED_IO
Do you think it is okay?
Please read Documentation/process/submitting-patches.rst.
Best regards, -- Bartlomiej Zolnierkiewicz Samsung R&D Institute Poland Samsung Electronics
dri-devel@lists.freedesktop.org
-
bai -
Bartlomiej Zolnierkiewicz -
Jia-Ju Bai