[PATCH 3.14 032/158] s390/cio: fix driver callback initialization for ccw consoles

From: Greg Kroah-Hartman
Date: Sun May 04 2014 - 12:54:59 EST

Next message: Greg Kroah-Hartman: "[PATCH 3.14 033/158] KVM: s390: Optimize ucontrol path"
Previous message: Greg Kroah-Hartman: "[PATCH 3.14 031/158] spi: dw: Dont call kfree for memory allocated by devm_kzalloc"
In reply to: Greg Kroah-Hartman: "[PATCH 3.14 031/158] spi: dw: Dont call kfree for memory allocated by devm_kzalloc"
Next in thread: Greg Kroah-Hartman: "[PATCH 3.14 033/158] KVM: s390: Optimize ucontrol path"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

3.14-stable review patch. If anyone has any objections, please let me know.

------------------

From: Sebastian Ott <sebott@xxxxxxxxxxxxxxxxxx>

commit 2253e8d79237c69086ded391e6767afe16972527 upstream.

ccw consoles are in use before they can be properly registered with
the driver core. For devices which are in use by a device driver we
rely on the ccw_device's pointer to the driver callbacks to be valid.
For ccw consoles this pointer is NULL until they are registered later
during boot and we dereferenced this pointer. This worked by
chance on 64 bit builds (cdev->drv was NULL but the optional callback
cdev->drv->path_event was also NULL by coincidence) and was unnoticed
until we received reports about boot failures on 31 bit systems.
Fix it by initializing the driver pointer for ccw consoles.

Reported-by: Mike Frysinger <vapier@xxxxxxxxxx>
Reported-by: Heiko Carstens <heiko.carstens@xxxxxxxxxx>
Reviewed-by: Peter Oberparleiter <oberpar@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Sebastian Ott <sebott@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Martin Schwidefsky <schwidefsky@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
arch/s390/include/asm/ccwdev.h | 2 +-
drivers/s390/char/con3215.c | 2 +-
drivers/s390/char/con3270.c | 6 +-----
drivers/s390/char/raw3270.c | 10 +++++++++-
drivers/s390/char/raw3270.h | 2 +-
drivers/s390/cio/device.c | 3 ++-
6 files changed, 15 insertions(+), 10 deletions(-)

--- a/arch/s390/include/asm/ccwdev.h
+++ b/arch/s390/include/asm/ccwdev.h
@@ -219,7 +219,7 @@ extern void ccw_device_get_id(struct ccw
#define to_ccwdev(n) container_of(n, struct ccw_device, dev)
#define to_ccwdrv(n) container_of(n, struct ccw_driver, driver)

-extern struct ccw_device *ccw_device_probe_console(void);
+extern struct ccw_device *ccw_device_probe_console(struct ccw_driver *);
extern void ccw_device_wait_idle(struct ccw_device *);
extern int ccw_device_force_console(struct ccw_device *);

--- a/drivers/s390/char/con3215.c
+++ b/drivers/s390/char/con3215.c
@@ -922,7 +922,7 @@ static int __init con3215_init(void)
raw3215_freelist = req;
}

- cdev = ccw_device_probe_console();
+ cdev = ccw_device_probe_console(&raw3215_ccw_driver);
if (IS_ERR(cdev))
return -ENODEV;

--- a/drivers/s390/char/con3270.c
+++ b/drivers/s390/char/con3270.c
@@ -576,7 +576,6 @@ static struct console con3270 = {
static int __init
con3270_init(void)
{
- struct ccw_device *cdev;
struct raw3270 *rp;
void *cbuf;
int i;
@@ -591,10 +590,7 @@ con3270_init(void)
cpcmd("TERM AUTOCR OFF", NULL, 0, NULL);
}

- cdev = ccw_device_probe_console();
- if (IS_ERR(cdev))
- return -ENODEV;
- rp = raw3270_setup_console(cdev);
+ rp = raw3270_setup_console();
if (IS_ERR(rp))
return PTR_ERR(rp);

--- a/drivers/s390/char/raw3270.c
+++ b/drivers/s390/char/raw3270.c
@@ -776,16 +776,24 @@ raw3270_setup_device(struct ccw_device *
}

#ifdef CONFIG_TN3270_CONSOLE
+/* Tentative definition - see below for actual definition. */
+static struct ccw_driver raw3270_ccw_driver;
+
/*
* Setup 3270 device configured as console.
*/
-struct raw3270 __init *raw3270_setup_console(struct ccw_device *cdev)
+struct raw3270 __init *raw3270_setup_console(void)
{
+ struct ccw_device *cdev;
unsigned long flags;
struct raw3270 *rp;
char *ascebc;
int rc;

+ cdev = ccw_device_probe_console(&raw3270_ccw_driver);
+ if (IS_ERR(cdev))
+ return ERR_CAST(cdev);
+
rp = kzalloc(sizeof(struct raw3270), GFP_KERNEL | GFP_DMA);
ascebc = kzalloc(256, GFP_KERNEL);
rc = raw3270_setup_device(cdev, rp, ascebc);
--- a/drivers/s390/char/raw3270.h
+++ b/drivers/s390/char/raw3270.h
@@ -190,7 +190,7 @@ raw3270_put_view(struct raw3270_view *vi
wake_up(&raw3270_wait_queue);
}

-struct raw3270 *raw3270_setup_console(struct ccw_device *cdev);
+struct raw3270 *raw3270_setup_console(void);
void raw3270_wait_cons_dev(struct raw3270 *);

/* Notifier for device addition/removal */
--- a/drivers/s390/cio/device.c
+++ b/drivers/s390/cio/device.c
@@ -1609,7 +1609,7 @@ out_unlock:
return rc;
}

-struct ccw_device *ccw_device_probe_console(void)
+struct ccw_device *ccw_device_probe_console(struct ccw_driver *drv)
{
struct io_subchannel_private *io_priv;
struct ccw_device *cdev;
@@ -1631,6 +1631,7 @@ struct ccw_device *ccw_device_probe_cons
kfree(io_priv);
return cdev;
}
+ cdev->drv = drv;
set_io_private(sch, io_priv);
ret = ccw_device_console_enable(cdev, sch);
if (ret) {

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Greg Kroah-Hartman: "[PATCH 3.14 033/158] KVM: s390: Optimize ucontrol path"
Previous message: Greg Kroah-Hartman: "[PATCH 3.14 031/158] spi: dw: Dont call kfree for memory allocated by devm_kzalloc"
In reply to: Greg Kroah-Hartman: "[PATCH 3.14 031/158] spi: dw: Dont call kfree for memory allocated by devm_kzalloc"
Next in thread: Greg Kroah-Hartman: "[PATCH 3.14 033/158] KVM: s390: Optimize ucontrol path"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]