<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux-stable.git/drivers/tty/serial, branch linux-3.18.y</title>
<subtitle>Linux kernel stable tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/'/>
<entry>
<title>serial: uartps: console_setup() can't be placed to init section</title>
<updated>2019-04-27T07:30:28+00:00</updated>
<author>
<name>Michal Simek</name>
<email>michal.simek@xilinx.com</email>
</author>
<published>2018-09-03T13:10:49+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=e8672b3c86907297481658730367022ede2c9dfe'/>
<id>e8672b3c86907297481658730367022ede2c9dfe</id>
<content type='text'>
[ Upstream commit 4bb1ce2350a598502b23088b169e16b43d4bc639 ]

When console device is rebinded, console_setup() is called again.
But marking it as __init means that function will be clear after boot is
complete. If console device is binded again console_setup() is not found
and error "Unable to handle kernel paging request at virtual address"
is reported.

Signed-off-by: Michal Simek &lt;michal.simek@xilinx.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit 4bb1ce2350a598502b23088b169e16b43d4bc639 ]

When console device is rebinded, console_setup() is called again.
But marking it as __init means that function will be clear after boot is
complete. If console device is binded again console_setup() is not found
and error "Unable to handle kernel paging request at virtual address"
is reported.

Signed-off-by: Michal Simek &lt;michal.simek@xilinx.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>Disable kgdboc failed by echo space to /sys/module/kgdboc/parameters/kgdboc</title>
<updated>2019-04-03T04:22:14+00:00</updated>
<author>
<name>Wentao Wang</name>
<email>witallwang@gmail.com</email>
</author>
<published>2019-03-20T15:30:39+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=69c9fdb685b70bab53a36752de9277f8e78d7d60'/>
<id>69c9fdb685b70bab53a36752de9277f8e78d7d60</id>
<content type='text'>
commit 3ec8002951ea173e24b466df1ea98c56b7920e63 upstream.

Echo "" to /sys/module/kgdboc/parameters/kgdboc will fail with "No such
device” error.

This is caused by function "configure_kgdboc" who init err to ENODEV
when the config is empty (legal input) the code go out with ENODEV
returned.

Fixes: 2dd453168643 ("kgdboc: Fix restrict error")
Signed-off-by: Wentao Wang &lt;witallwang@gmail.com&gt;
Cc: stable &lt;stable@vger.kernel.org&gt;
Acked-by: Daniel Thompson &lt;daniel.thompson@linaro.org&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 3ec8002951ea173e24b466df1ea98c56b7920e63 upstream.

Echo "" to /sys/module/kgdboc/parameters/kgdboc will fail with "No such
device” error.

This is caused by function "configure_kgdboc" who init err to ENODEV
when the config is empty (legal input) the code go out with ENODEV
returned.

Fixes: 2dd453168643 ("kgdboc: Fix restrict error")
Signed-off-by: Wentao Wang &lt;witallwang@gmail.com&gt;
Cc: stable &lt;stable@vger.kernel.org&gt;
Acked-by: Daniel Thompson &lt;daniel.thompson@linaro.org&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>serial: max310x: Fix to avoid potential NULL pointer dereference</title>
<updated>2019-04-03T04:22:14+00:00</updated>
<author>
<name>Aditya Pakki</name>
<email>pakki001@umn.edu</email>
</author>
<published>2019-03-18T23:44:14+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=cdae8c6fc96efd376c5c7c1bfcf47a664d13f009'/>
<id>cdae8c6fc96efd376c5c7c1bfcf47a664d13f009</id>
<content type='text'>
commit 3a10e3dd52e80b9a97a3346020024d17b2c272d6 upstream.

of_match_device can return a NULL pointer when matching device is not
found. This patch avoids a scenario causing NULL pointer derefernce.

Signed-off-by: Aditya Pakki &lt;pakki001@umn.edu&gt;
Cc: stable &lt;stable@vger.kernel.org&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 3a10e3dd52e80b9a97a3346020024d17b2c272d6 upstream.

of_match_device can return a NULL pointer when matching device is not
found. This patch avoids a scenario causing NULL pointer derefernce.

Signed-off-by: Aditya Pakki &lt;pakki001@umn.edu&gt;
Cc: stable &lt;stable@vger.kernel.org&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>serial: fsl_lpuart: fix maximum acceptable baud rate with over-sampling</title>
<updated>2019-03-23T07:18:53+00:00</updated>
<author>
<name>Tomonori Sakita</name>
<email>tomonori.sakita@sord.co.jp</email>
</author>
<published>2019-01-21T08:34:16+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=e3fa9f464464ea5fc3f39912951c009f063c3607'/>
<id>e3fa9f464464ea5fc3f39912951c009f063c3607</id>
<content type='text'>
[ Upstream commit 815d835b7ba46685c316b000013367dacb2b461b ]

Using over-sampling ratio, lpuart can accept baud rate upto uartclk / 4.

Signed-off-by: Tomonori Sakita &lt;tomonori.sakita@sord.co.jp&gt;
Signed-off-by: Atsushi Nemoto &lt;atsushi.nemoto@sord.co.jp&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit 815d835b7ba46685c316b000013367dacb2b461b ]

Using over-sampling ratio, lpuart can accept baud rate upto uartclk / 4.

Signed-off-by: Tomonori Sakita &lt;tomonori.sakita@sord.co.jp&gt;
Signed-off-by: Atsushi Nemoto &lt;atsushi.nemoto@sord.co.jp&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>serial: fsl_lpuart: clear parity enable bit when disable parity</title>
<updated>2019-02-20T09:08:56+00:00</updated>
<author>
<name>Andy Duan</name>
<email>fugang.duan@nxp.com</email>
</author>
<published>2018-10-16T07:32:22+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=62d61e6320c3fad039d8c20a9c1a3299c3cbb688'/>
<id>62d61e6320c3fad039d8c20a9c1a3299c3cbb688</id>
<content type='text'>
[ Upstream commit 397bd9211fe014b347ca8f95a8f4e1017bac1aeb ]

Current driver only enable parity enable bit and never clear it
when user set the termios. The fix clear the parity enable bit when
PARENB flag is not set in termios-&gt;c_cflag.

Cc: Lukas Wunner &lt;lukas@wunner.de&gt;
Signed-off-by: Andy Duan &lt;fugang.duan@nxp.com&gt;
Reviewed-by: Fabio Estevam &lt;festevam@gmail.com&gt;
Acked-by: Uwe Kleine-König &lt;u.kleine-koenig@pengutronix.de&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit 397bd9211fe014b347ca8f95a8f4e1017bac1aeb ]

Current driver only enable parity enable bit and never clear it
when user set the termios. The fix clear the parity enable bit when
PARENB flag is not set in termios-&gt;c_cflag.

Cc: Lukas Wunner &lt;lukas@wunner.de&gt;
Signed-off-by: Andy Duan &lt;fugang.duan@nxp.com&gt;
Reviewed-by: Fabio Estevam &lt;festevam@gmail.com&gt;
Acked-by: Uwe Kleine-König &lt;u.kleine-koenig@pengutronix.de&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>drivers/tty: add missing of_node_put()</title>
<updated>2018-12-21T13:08:48+00:00</updated>
<author>
<name>Yangtao Li</name>
<email>tiny.windzz@gmail.com</email>
</author>
<published>2018-11-21T15:22:54+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=62f93d30318b9324331dd0a93065d17732356a38'/>
<id>62f93d30318b9324331dd0a93065d17732356a38</id>
<content type='text'>
[ Upstream commit dac097c4546e4c5b16dd303a1e97c1d319c8ab3e ]

of_find_node_by_path() acquires a reference to the node
returned by it and that reference needs to be dropped by its caller.
This place is not doing this, so fix it.

Signed-off-by: Yangtao Li &lt;tiny.windzz@gmail.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit dac097c4546e4c5b16dd303a1e97c1d319c8ab3e ]

of_find_node_by_path() acquires a reference to the node
returned by it and that reference needs to be dropped by its caller.
This place is not doing this, so fix it.

Signed-off-by: Yangtao Li &lt;tiny.windzz@gmail.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>kgdboc: fix KASAN global-out-of-bounds bug in param_set_kgdboc_var()</title>
<updated>2018-12-13T08:22:32+00:00</updated>
<author>
<name>Macpaul Lin</name>
<email>macpaul@gmail.com</email>
</author>
<published>2018-10-17T15:08:38+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=e0e93c095ff1580dd472972f6164943b64d08354'/>
<id>e0e93c095ff1580dd472972f6164943b64d08354</id>
<content type='text'>
commit dada6a43b0402eba438a17ac86fdc64ac56a4607 upstream.

This patch is trying to fix KE issue due to
"BUG: KASAN: global-out-of-bounds in param_set_kgdboc_var+0x194/0x198"
reported by Syzkaller scan."

[26364:syz-executor0][name:report8t]BUG: KASAN: global-out-of-bounds in param_set_kgdboc_var+0x194/0x198
[26364:syz-executor0][name:report&amp;]Read of size 1 at addr ffffff900e44f95f by task syz-executor0/26364
[26364:syz-executor0][name:report&amp;]
[26364:syz-executor0]CPU: 7 PID: 26364 Comm: syz-executor0 Tainted: G W 0
[26364:syz-executor0]Call trace:
[26364:syz-executor0][&lt;ffffff9008095cf8&gt;] dump_bacIctrace+Ox0/0x470
[26364:syz-executor0][&lt;ffffff9008096de0&gt;] show_stack+0x20/0x30
[26364:syz-executor0][&lt;ffffff90089cc9c8&gt;] dump_stack+Oxd8/0x128
[26364:syz-executor0][&lt;ffffff90084edb38&gt;] print_address_description +0x80/0x4a8
[26364:syz-executor0][&lt;ffffff90084ee270&gt;] kasan_report+Ox178/0x390
[26364:syz-executor0][&lt;ffffff90084ee4a0&gt;] _asan_report_loadi_noabort+Ox18/0x20
[26364:syz-executor0][&lt;ffffff9008b092ac&gt;] param_set_kgdboc_var+Ox194/0x198
[26364:syz-executor0][&lt;ffffff900813af64&gt;] param_attr_store+Ox14c/0x270
[26364:syz-executor0][&lt;ffffff90081394c8&gt;] module_attr_store+0x60/0x90
[26364:syz-executor0][&lt;ffffff90086690c0&gt;] sysfs_kl_write+Ox100/0x158
[26364:syz-executor0][&lt;ffffff9008666d84&gt;] kernfs_fop_write+0x27c/0x3a8
[26364:syz-executor0][&lt;ffffff9008508264&gt;] do_loop_readv_writev+0x114/0x1b0
[26364:syz-executor0][&lt;ffffff9008509ac8&gt;] do_readv_writev+0x4f8/0x5e0
[26364:syz-executor0][&lt;ffffff9008509ce4&gt;] vfs_writev+0x7c/Oxb8
[26364:syz-executor0][&lt;ffffff900850ba64&gt;] SyS_writev+Oxcc/0x208
[26364:syz-executor0][&lt;ffffff90080883f0&gt;] elO_svc_naked +0x24/0x28
[26364:syz-executor0][name:report&amp;]
[26364:syz-executor0][name:report&amp;]The buggy address belongs to the variable:
[26364:syz-executor0][name:report&amp;] kgdb_tty_line+Ox3f/0x40
[26364:syz-executor0][name:report&amp;]
[26364:syz-executor0][name:report&amp;]Memory state around the buggy address:
[26364:syz-executor0] ffffff900e44f800: 00 00 00 00 00 04 fa fa fa fa fa fa 00 fa fa fa
[26364:syz-executor0] ffffff900e44f880: fa fa fa fa 00 fa fa fa fa fa fa fa 00 fa fa fa
[26364:syz-executor0]&gt; ffffff900e44f900: fa fa fa fa 04 fa fa fa fa fa fa fa 00 00 00 00
[26364:syz-executor0][name:report&amp;]                                       ^
[26364:syz-executor0] ffffff900e44f980: 00 fa fa fa fa fa fa fa 04 fa fa fa fa fa fa fa
[26364:syz-executor0] ffffff900e44fa00: 04 fa fa fa fa fa fa fa 00 fa fa fa fa fa fa fa
[26364:syz-executor0][name:report&amp;]
[26364:syz-executor0][name:panic&amp;]Disabling lock debugging due to kernel taint
[26364:syz-executor0]------------[cut here]------------

After checking the source code, we've found there might be an out-of-bounds
access to "config[len - 1]" array when the variable "len" is zero.

Signed-off-by: Macpaul Lin &lt;macpaul@gmail.com&gt;
Acked-by: Daniel Thompson &lt;daniel.thompson@linaro.org&gt;
Cc: stable &lt;stable@vger.kernel.org&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit dada6a43b0402eba438a17ac86fdc64ac56a4607 upstream.

This patch is trying to fix KE issue due to
"BUG: KASAN: global-out-of-bounds in param_set_kgdboc_var+0x194/0x198"
reported by Syzkaller scan."

[26364:syz-executor0][name:report8t]BUG: KASAN: global-out-of-bounds in param_set_kgdboc_var+0x194/0x198
[26364:syz-executor0][name:report&amp;]Read of size 1 at addr ffffff900e44f95f by task syz-executor0/26364
[26364:syz-executor0][name:report&amp;]
[26364:syz-executor0]CPU: 7 PID: 26364 Comm: syz-executor0 Tainted: G W 0
[26364:syz-executor0]Call trace:
[26364:syz-executor0][&lt;ffffff9008095cf8&gt;] dump_bacIctrace+Ox0/0x470
[26364:syz-executor0][&lt;ffffff9008096de0&gt;] show_stack+0x20/0x30
[26364:syz-executor0][&lt;ffffff90089cc9c8&gt;] dump_stack+Oxd8/0x128
[26364:syz-executor0][&lt;ffffff90084edb38&gt;] print_address_description +0x80/0x4a8
[26364:syz-executor0][&lt;ffffff90084ee270&gt;] kasan_report+Ox178/0x390
[26364:syz-executor0][&lt;ffffff90084ee4a0&gt;] _asan_report_loadi_noabort+Ox18/0x20
[26364:syz-executor0][&lt;ffffff9008b092ac&gt;] param_set_kgdboc_var+Ox194/0x198
[26364:syz-executor0][&lt;ffffff900813af64&gt;] param_attr_store+Ox14c/0x270
[26364:syz-executor0][&lt;ffffff90081394c8&gt;] module_attr_store+0x60/0x90
[26364:syz-executor0][&lt;ffffff90086690c0&gt;] sysfs_kl_write+Ox100/0x158
[26364:syz-executor0][&lt;ffffff9008666d84&gt;] kernfs_fop_write+0x27c/0x3a8
[26364:syz-executor0][&lt;ffffff9008508264&gt;] do_loop_readv_writev+0x114/0x1b0
[26364:syz-executor0][&lt;ffffff9008509ac8&gt;] do_readv_writev+0x4f8/0x5e0
[26364:syz-executor0][&lt;ffffff9008509ce4&gt;] vfs_writev+0x7c/Oxb8
[26364:syz-executor0][&lt;ffffff900850ba64&gt;] SyS_writev+Oxcc/0x208
[26364:syz-executor0][&lt;ffffff90080883f0&gt;] elO_svc_naked +0x24/0x28
[26364:syz-executor0][name:report&amp;]
[26364:syz-executor0][name:report&amp;]The buggy address belongs to the variable:
[26364:syz-executor0][name:report&amp;] kgdb_tty_line+Ox3f/0x40
[26364:syz-executor0][name:report&amp;]
[26364:syz-executor0][name:report&amp;]Memory state around the buggy address:
[26364:syz-executor0] ffffff900e44f800: 00 00 00 00 00 04 fa fa fa fa fa fa 00 fa fa fa
[26364:syz-executor0] ffffff900e44f880: fa fa fa fa 00 fa fa fa fa fa fa fa 00 fa fa fa
[26364:syz-executor0]&gt; ffffff900e44f900: fa fa fa fa 04 fa fa fa fa fa fa fa 00 00 00 00
[26364:syz-executor0][name:report&amp;]                                       ^
[26364:syz-executor0] ffffff900e44f980: 00 fa fa fa fa fa fa fa 04 fa fa fa fa fa fa fa
[26364:syz-executor0] ffffff900e44fa00: 04 fa fa fa fa fa fa fa 00 fa fa fa fa fa fa fa
[26364:syz-executor0][name:report&amp;]
[26364:syz-executor0][name:panic&amp;]Disabling lock debugging due to kernel taint
[26364:syz-executor0]------------[cut here]------------

After checking the source code, we've found there might be an out-of-bounds
access to "config[len - 1]" array when the variable "len" is zero.

Signed-off-by: Macpaul Lin &lt;macpaul@gmail.com&gt;
Acked-by: Daniel Thompson &lt;daniel.thompson@linaro.org&gt;
Cc: stable &lt;stable@vger.kernel.org&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>kgdboc: Fix warning with module build</title>
<updated>2018-12-13T08:22:30+00:00</updated>
<author>
<name>Laura Abbott</name>
<email>labbott@redhat.com</email>
</author>
<published>2018-09-20T01:59:01+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=d747e30339d4332240642d13697193268670be2f'/>
<id>d747e30339d4332240642d13697193268670be2f</id>
<content type='text'>
commit 1cd25cbb2fedbc777f3a8c3cb1ba69b645aeaa64 upstream.

After 2dd453168643 ("kgdboc: Fix restrict error"), kgdboc_option_setup is
now only used when built in, resulting in a warning when compiled as a
module:

drivers/tty/serial/kgdboc.c:134:12: warning: 'kgdboc_option_setup' defined but not used [-Wunused-function]
 static int kgdboc_option_setup(char *opt)
            ^~~~~~~~~~~~~~~~~~~

Move the function under the appropriate ifdef for builtin only.

Fixes: 2dd453168643 ("kgdboc: Fix restrict error")
Reported-by: Stephen Rothwell &lt;sfr@canb.auug.org.au&gt;
Signed-off-by: Laura Abbott &lt;labbott@redhat.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 1cd25cbb2fedbc777f3a8c3cb1ba69b645aeaa64 upstream.

After 2dd453168643 ("kgdboc: Fix restrict error"), kgdboc_option_setup is
now only used when built in, resulting in a warning when compiled as a
module:

drivers/tty/serial/kgdboc.c:134:12: warning: 'kgdboc_option_setup' defined but not used [-Wunused-function]
 static int kgdboc_option_setup(char *opt)
            ^~~~~~~~~~~~~~~~~~~

Move the function under the appropriate ifdef for builtin only.

Fixes: 2dd453168643 ("kgdboc: Fix restrict error")
Reported-by: Stephen Rothwell &lt;sfr@canb.auug.org.au&gt;
Signed-off-by: Laura Abbott &lt;labbott@redhat.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>kgdboc: Fix restrict error</title>
<updated>2018-12-13T08:22:30+00:00</updated>
<author>
<name>Laura Abbott</name>
<email>labbott@redhat.com</email>
</author>
<published>2018-09-10T23:20:14+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=5cd41dce77378296ab3c2a890c60ef22895ae4d7'/>
<id>5cd41dce77378296ab3c2a890c60ef22895ae4d7</id>
<content type='text'>
commit 2dd453168643d9475028cd867c57e65956a0f7f9 upstream.

There's an error when compiled with restrict:

drivers/tty/serial/kgdboc.c: In function ‘configure_kgdboc’:
drivers/tty/serial/kgdboc.c:137:2: error: ‘strcpy’ source argument is the same
as destination [-Werror=restrict]
  strcpy(config, opt);
  ^~~~~~~~~~~~~~~~~~~

As the error implies, this is from trying to use config as both source and
destination. Drop the call to the function where config is the argument
since nothing else happens in the function.

Signed-off-by: Laura Abbott &lt;labbott@redhat.com&gt;
Reviewed-by: Daniel Thompson &lt;daniel.thompson@linaro.org&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 2dd453168643d9475028cd867c57e65956a0f7f9 upstream.

There's an error when compiled with restrict:

drivers/tty/serial/kgdboc.c: In function ‘configure_kgdboc’:
drivers/tty/serial/kgdboc.c:137:2: error: ‘strcpy’ source argument is the same
as destination [-Werror=restrict]
  strcpy(config, opt);
  ^~~~~~~~~~~~~~~~~~~

As the error implies, this is from trying to use config as both source and
destination. Drop the call to the function where config is the argument
since nothing else happens in the function.

Signed-off-by: Laura Abbott &lt;labbott@redhat.com&gt;
Reviewed-by: Daniel Thompson &lt;daniel.thompson@linaro.org&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>kgdboc: Passing ekgdboc to command line causes panic</title>
<updated>2018-11-22T06:32:45+00:00</updated>
<author>
<name>He Zhe</name>
<email>zhe.he@windriver.com</email>
</author>
<published>2018-08-17T14:42:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=6680575d68545d50d74a98b60fcde2704e11ea40'/>
<id>6680575d68545d50d74a98b60fcde2704e11ea40</id>
<content type='text'>
commit 1bd54d851f50dea6af30c3e6ff4f3e9aab5558f9 upstream.

kgdboc_option_setup does not check input argument before passing it
to strlen. The argument would be a NULL pointer if "ekgdboc", without
its value, is set in command line and thus cause the following panic.

PANIC: early exception 0xe3 IP 10:ffffffff8fbbb620 error 0 cr2 0x0
[    0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.18-rc8+ #1
[    0.000000] RIP: 0010:strlen+0x0/0x20
...
[    0.000000] Call Trace
[    0.000000]  ? kgdboc_option_setup+0x9/0xa0
[    0.000000]  ? kgdboc_early_init+0x6/0x1b
[    0.000000]  ? do_early_param+0x4d/0x82
[    0.000000]  ? parse_args+0x212/0x330
[    0.000000]  ? rdinit_setup+0x26/0x26
[    0.000000]  ? parse_early_options+0x20/0x23
[    0.000000]  ? rdinit_setup+0x26/0x26
[    0.000000]  ? parse_early_param+0x2d/0x39
[    0.000000]  ? setup_arch+0x2f7/0xbf4
[    0.000000]  ? start_kernel+0x5e/0x4c2
[    0.000000]  ? load_ucode_bsp+0x113/0x12f
[    0.000000]  ? secondary_startup_64+0xa5/0xb0

This patch adds a check to prevent the panic.

Cc: stable@vger.kernel.org
Cc: jason.wessel@windriver.com
Cc: gregkh@linuxfoundation.org
Cc: jslaby@suse.com
Signed-off-by: He Zhe &lt;zhe.he@windriver.com&gt;
Reviewed-by: Daniel Thompson &lt;daniel.thompson@linaro.org&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 1bd54d851f50dea6af30c3e6ff4f3e9aab5558f9 upstream.

kgdboc_option_setup does not check input argument before passing it
to strlen. The argument would be a NULL pointer if "ekgdboc", without
its value, is set in command line and thus cause the following panic.

PANIC: early exception 0xe3 IP 10:ffffffff8fbbb620 error 0 cr2 0x0
[    0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.18-rc8+ #1
[    0.000000] RIP: 0010:strlen+0x0/0x20
...
[    0.000000] Call Trace
[    0.000000]  ? kgdboc_option_setup+0x9/0xa0
[    0.000000]  ? kgdboc_early_init+0x6/0x1b
[    0.000000]  ? do_early_param+0x4d/0x82
[    0.000000]  ? parse_args+0x212/0x330
[    0.000000]  ? rdinit_setup+0x26/0x26
[    0.000000]  ? parse_early_options+0x20/0x23
[    0.000000]  ? rdinit_setup+0x26/0x26
[    0.000000]  ? parse_early_param+0x2d/0x39
[    0.000000]  ? setup_arch+0x2f7/0xbf4
[    0.000000]  ? start_kernel+0x5e/0x4c2
[    0.000000]  ? load_ucode_bsp+0x113/0x12f
[    0.000000]  ? secondary_startup_64+0xa5/0xb0

This patch adds a check to prevent the panic.

Cc: stable@vger.kernel.org
Cc: jason.wessel@windriver.com
Cc: gregkh@linuxfoundation.org
Cc: jslaby@suse.com
Signed-off-by: He Zhe &lt;zhe.he@windriver.com&gt;
Reviewed-by: Daniel Thompson &lt;daniel.thompson@linaro.org&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
</feed>
