e10554738cab4224e097c2f9d975ea781a4fcde4 |
|
04-Nov-2014 |
Lars-Peter Clausen <lars@metafoo.de> |
staging:iio:ade7758: Fix NULL pointer deref when enabling buffer In older versions of the IIO framework it was possible to pass a completely different set of channels to iio_buffer_register() as the one that is assigned to the IIO device. Commit 959d2952d124 ("staging:iio: make iio_sw_buffer_preenable much more general.") introduced a restriction that requires that the set of channels that is passed to iio_buffer_register() is a subset of the channels assigned to the IIO device as the IIO core will use the list of channels that is assigned to the device to lookup a channel by scan index in iio_compute_scan_bytes(). If it can not find the channel the function will crash. This patch fixes the issue by making sure that the same set of channels is assigned to the IIO device and passed to iio_buffer_register(). Note that we need to remove the IIO_CHAN_INFO_RAW and IIO_CHAN_INFO_SCALE info attributes from the channels since we don't actually want those to be registered. Fixes the following crash: Unable to handle kernel NULL pointer dereference at virtual address 00000016 pgd = d2094000 [00000016] *pgd=16e39831, *pte=00000000, *ppte=00000000 Internal error: Oops: 17 [#1] PREEMPT SMP ARM Modules linked in: CPU: 1 PID: 1695 Comm: bash Not tainted 3.17.0-06329-g29461ee #9686 task: d7768040 ti: d5bd4000 task.ti: d5bd4000 PC is at iio_compute_scan_bytes+0x38/0xc0 LR is at iio_compute_scan_bytes+0x34/0xc0 pc : [<c0316de8>] lr : [<c0316de4>] psr: 60070013 sp : d5bd5ec0 ip : 00000000 fp : 00000000 r10: d769f934 r9 : 00000000 r8 : 00000001 r7 : 00000000 r6 : c8fc6240 r5 : d769f800 r4 : 00000000 r3 : d769f800 r2 : 00000000 r1 : ffffffff r0 : 00000000 Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user Control: 18c5387d Table: 1209404a DAC: 00000015 Process bash (pid: 1695, stack limit = 0xd5bd4240) Stack: (0xd5bd5ec0 to 0xd5bd6000) 5ec0: d769f800 d7435640 c8fc6240 d769f984 00000000 c03175a4 d7435690 d7435640 5ee0: d769f990 00000002 00000000 d769f800 d5bd4000 00000000 000b43a8 c03177f4 5f00: d769f810 0162b8c8 00000002 c8fc7e00 d77f1d08 d77f1da8 c8fc7e00 c01faf1c 5f20: 00000002 c010694c c010690c d5bd5f88 00000002 c8fc6840 c8fc684c c0105e08 5f40: 00000000 00000000 d20d1580 00000002 000af408 d5bd5f88 c000de84 c00b76d4 5f60: d20d1580 000af408 00000002 d20d1580 d20d1580 00000002 000af408 c000de84 5f80: 00000000 c00b7a44 00000000 00000000 00000002 b6ebea78 00000002 000af408 5fa0: 00000004 c000dd00 b6ebea78 00000002 00000001 000af408 00000002 00000000 5fc0: b6ebea78 00000002 000af408 00000004 bee96a4c 000a6094 00000000 000b43a8 5fe0: 00000000 bee969cc b6e2eb77 b6e6525c 40070010 00000001 00000000 00000000 [<c0316de8>] (iio_compute_scan_bytes) from [<c03175a4>] (__iio_update_buffers+0x248/0x438) [<c03175a4>] (__iio_update_buffers) from [<c03177f4>] (iio_buffer_store_enable+0x60/0x7c) [<c03177f4>] (iio_buffer_store_enable) from [<c01faf1c>] (dev_attr_store+0x18/0x24) [<c01faf1c>] (dev_attr_store) from [<c010694c>] (sysfs_kf_write+0x40/0x4c) [<c010694c>] (sysfs_kf_write) from [<c0105e08>] (kernfs_fop_write+0x110/0x154) [<c0105e08>] (kernfs_fop_write) from [<c00b76d4>] (vfs_write+0xbc/0x170) [<c00b76d4>] (vfs_write) from [<c00b7a44>] (SyS_write+0x40/0x78) [<c00b7a44>] (SyS_write) from [<c000dd00>] (ret_fast_syscall+0x0/0x30) Fixes: 959d2952d124 ("staging:iio: make iio_sw_buffer_preenable much more general.") Signed-off-by: Lars-Peter Clausen <lars@metafoo.de> Cc: <stable@vger.kernel.org> Signed-off-by: Jonathan Cameron <jic23@kernel.org>
|
48edf8eb53daf98b1fc4498ac54b27c08b955248 |
|
04-Oct-2012 |
Lars-Peter Clausen <lars@metafoo.de> |
staging:iio: Remove unused DRIVER_NAME defines Some drivers define a DRIVER_NAME, but never use the define. This patch removes defines. Signed-off-by: Lars-Peter Clausen <lars@metafoo.de> Signed-off-by: Jonathan Cameron <jic23@kernel.org>
|
f4e4b9558bc696cc89de460e754d3fecb50b13cb |
|
09-Aug-2012 |
Lars-Peter Clausen <lars@metafoo.de> |
staging:iio: Constify static iio_chan_spec arrays The per driver iio_chan_spec arrays are usually shared between multiple device instances. So a single device instance may not modify the iio_chan_spec array since this would also affect the other device instances. To make this restriction explicit mark the per driver iio_chan_spec arrays as const. Conversion was done automatically using the following coccinelle semantic patch: // <smpl> @disable optional_qualifier@ identifier channels; @@ static +const struct iio_chan_spec channels[] = ...; // </smpl> Signed-off-by: Lars-Peter Clausen <lars@metafoo.de> Signed-off-by: Jonathan Cameron <jic23@kernel.org>
|
ee0312a05ddceb0fc871f39b8f56b4cabc5176aa |
|
09-Jul-2012 |
Lars-Peter Clausen <lars@metafoo.de> |
staging:iio:ade7758: Use iio_validate_scan_mask_onehot Only one of the channels of the ade7758 may be sampled at a time. Use the new validate_scan_mask callback and the iio_validate_scan_mask_onehot function to implement this restriction. Previously this was implemented using available_scan_masks, but this requires a individual scan mask for each channel. Signed-off-by: Lars-Peter Clausen <lars@metafoo.de> Signed-off-by: Jonathan Cameron <jic23@kernel.org>
|
f2a96245baccc07f770d5993f6a523e84e44336f |
|
21-Sep-2011 |
Jonathan Cameron <jic23@cam.ac.uk> |
staging:iio: tree wide IIO_RING_BUFFER config symbol to IIO_BUFFER Functionality is generic, so name is missleading. Signed-off-by: Jonathan Cameron <jic23@cam.ac.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
|
32b5eecab0f2d6f66f2e237e161d58d5916f8b13 |
|
02-Sep-2011 |
Jonathan Cameron <jic23@cam.ac.uk> |
staging:iio: Switch the channel masks to bitmaps so as to allow for more channels. This is as light as possible on changes to current drivers. Some drivers make assumptions that their masks fit in a single long. Given they were previously working this is clearly valid if not tidy. The max1363 is an example where there should be no such assumptions. V2: Add the new ad5933 Signed-off-by: Jonathan Cameron <jic23@cam.ac.uk> Acked-by: Michael Hennerich <Michael.Hennerich@analog.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
|
1aa042783251c27a93e31929c24647729db326d4 |
|
30-Aug-2011 |
Jonathan Cameron <jic23@cam.ac.uk> |
staging: iio: push the main buffer chrdev down to the top level. Sorry all, this one is very invasive, though the driver changes are just trivial interface fixes. Not all done yet. V2 - bring the sca3000 with us. V3 - fix ade7758 bugs in conversion. V4 - add ad5933 Signed-off-by: Jonathan Cameron <jic23@cam.ac.uk> Acked-by: Michael Hennerich <michael.hennerich@analog.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
|
a3f02370c9fa6d85fbee2c11649ebc9c84bae919 |
|
18-May-2011 |
Michael Hennerich <michael.hennerich@analog.com> |
staging:iio:meter:ade7758: Use private data space from iio_allocate_device Use private data space from iio_allocate_device. Drop dev_data in favor of iio_priv(). Fix indention issues from previous patches. Signed-off-by: Michael Hennerich <michael.hennerich@analog.com> Acked-by: Jonathan Cameron <jic23@cam.ac.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
|
8a27a023f8f66a8361c5e3d8160a690f480479ec |
|
18-May-2011 |
Michael Hennerich <michael.hennerich@analog.com> |
staging:iio:meter:ade7758: Use iio channel spec and miscellaneous other changes. Use iio channel spec for the ring buffer channels. Add/update file comment/license headers. Use available_scan_masks to prevent that multiple channels are enabled. Remove wavefrom type attributes. (no handled directly by the scan_elements) Use SPI_MODE_1. Move ade7758_initial_setup() before ade7758_probe_trigger() to ensure the ADE7758 interrupt is disabled when the host interrupt get's enabled. Add spi_device_id. Update ring buffer setup. Some backporting needed to ensure driver builds all the way through core changes. Signed-off-by: Michael Hennerich <michael.hennerich@analog.com> Signed-off-by: Jonathan Cameron <jic23@cam.ac.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
|
3f00ca47fcfa79673ee960afaccc7fcbfbcb5946 |
|
18-May-2011 |
Jonathan Cameron <jic23@cam.ac.uk> |
staging:iio:meter:ade7758 move to irqchip based trigger handling. Untested Signed-off-by: Jonathan Cameron <jic23@cam.ac.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
|
25985edcedea6396277003854657b5f3cb31a628 |
|
31-Mar-2011 |
Lucas De Marchi <lucas.demarchi@profusion.mobi> |
Fix common misspellings Fixes generated by 'codespell' and manually reviewed. Signed-off-by: Lucas De Marchi <lucas.demarchi@profusion.mobi>
|
8210cfe9bd99fd63fae0b60c40fa793b8454e381 |
|
28-Oct-2010 |
Barry Song <barry.song@analog.com> |
staging: iio: meter: new driver for ADE7758 devices Signed-off-by: Barry Song <barry.song@analog.com> Signed-off-by: Michael Hennerich <michael.hennerich@analog.com> Acked-by: Jonathan Cameron <jic23@cam.ac.uk> Signed-off-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
|