R0dn3yS/android_kernel_xiaomi_sm7250
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
3a54b901fd
android_kernel_xiaomi_sm7250/drivers
History
Chris Wilson b93a3871ed drm/vgem: Replace opencoded version of drm_gem_dumb_map_offset() 
[ Upstream commit 119c53d2d4044c59c450c4f5a568d80b9d861856 ]

drm_gem_dumb_map_offset() now exists and does everything
vgem_gem_dump_map does and *ought* to do.

In particular, vgem_gem_dumb_map() was trying to reject mmapping an
imported dmabuf by checking the existence of obj->filp. Unfortunately,
we always allocated an obj->filp, even if unused for an imported dmabuf.
Instead, the drm_gem_dumb_map_offset(), since commit 90378e5891
("drm/gem: drm_gem_dumb_map_offset(): reject dma-buf"), uses the
obj->import_attach to reject such invalid mmaps.

This prevents vgem from allowing userspace mmapping the dumb handle and
attempting to incorrectly fault in remote pages belonging to another
device, where there may not even be a struct page.

v2: Use the default drm_gem_dumb_map_offset() callback

Fixes: af33a9190d ("drm/vgem: Enable dmabuf import interfaces")
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Reviewed-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Cc: <stable@vger.kernel.org> # v4.13+
Link: https://patchwork.freedesktop.org/patch/msgid/20200708154911.21236-1-chris@chris-wilson.co.uk
Signed-off-by: Sasha Levin <sashal@kernel.org>
2020-08-26 10:30:58 +02:00
..
accessibility
acpi ACPICA: Do not increment operation_region reference counts for field units 2020-08-19 08:14:53 +02:00
amba
android binder: Prevent context manager from incrementing ref 0 2020-08-11 15:32:31 +02:00
ata ata/libata: Fix usage of page address by page_address in ata_scsi_mode_select_xlat function 2020-06-30 23:17:13 -04:00
atm atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent 2020-08-11 15:32:33 +02:00
auxdisplay
base driver core: Avoid binding drivers to dead devices 2020-08-21 11:05:32 +02:00
bcma
block loop: be paranoid on exit and prevent new additions / removals 2020-08-19 08:14:50 +02:00
bluetooth Bluetooth: hci_serdev: Only unregister device if it was registered 2020-08-19 08:15:00 +02:00
bus
cdrom
char agp/intel: Fix a memory leak on module initialisation failure 2020-08-19 08:14:53 +02:00
clk clk: clk-atlas6: fix return value check in atlas6_clk_init() 2020-08-21 11:05:36 +02:00
clocksource clocksource: dw_apb_timer_of: Fix missing clockevent timers 2020-06-22 09:05:11 +02:00
connector
cpufreq cpufreq: dt: fix oops on armada37xx 2020-08-19 08:15:06 +02:00
cpuidle cpuidle: Fix three reference count leaks 2020-06-22 09:05:20 +02:00
crypto crypto: cpt - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified 2020-08-19 08:15:05 +02:00
dax
dca
devfreq
dio
dma dmaengine: ioat setting ioat timeout as module parameter 2020-07-29 10:16:53 +02:00
dma-buf
edac EDAC: Fix reference count leaks 2020-08-19 08:14:48 +02:00
eisa
extcon extcon: adc-jack: Fix an error handling path in 'adc_jack_probe()' 2020-06-25 15:33:01 +02:00
firewire
firmware firmware: arm_scmi: Fix SCMI genpd domain probing 2020-08-19 08:14:48 +02:00
fmc
fpga fpga: dfl: fix bug in port reset handshake 2020-07-29 10:16:48 +02:00
fsi
gnss gnss: sirf: fix error return code in sirf_probe() 2020-06-22 09:05:28 +02:00
gpio gpio: arizona: put pm_runtime in case of failure 2020-07-29 10:16:44 +02:00
gpu drm/vgem: Replace opencoded version of drm_gem_dumb_map_offset() 2020-08-26 10:30:58 +02:00
hid HID: input: Fix devices that return multiple bytes in battery report 2020-08-19 08:14:47 +02:00
hsi
hv Drivers: hv: vmbus: Ignore CHANNELMSG_TL_CONNECT_RESULT(23) 2020-08-11 15:32:33 +02:00
hwmon hwmon: (scmi) Fix potential buffer overflow in scmi_hwmon_probe() 2020-07-29 10:16:54 +02:00
hwspinlock
hwtracing coresight: tmc: Fix TMC mode read in tmc_read_unprepare_etb() 2020-08-19 08:14:58 +02:00
i2c i2c: rcar: avoid race when unregistering slave 2020-08-21 11:05:37 +02:00
ide
idle
iio iio: dac: ad5592r: fix unbalanced mutex unlocks in ad5592r_read_raw() 2020-08-21 11:05:31 +02:00
infiniband RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah() 2020-08-21 11:05:34 +02:00
input Input: sentelic - fix error return when fsp_reg_write fails 2020-08-21 11:05:37 +02:00
iommu iommu/omap: Check for failure of a call to omap_iommu_dump_ctx 2020-08-21 11:05:36 +02:00
ipack
irqchip genirq/affinity: Make affinity setting if activated opt-in 2020-08-21 11:05:28 +02:00
isdn PCI: add USR vendor id and use it in r8169 and w6692 driver 2020-06-22 09:05:23 +02:00
leds leds: core: Flush scheduled work for system suspend 2020-08-19 08:14:56 +02:00
lightnvm
macintosh drivers/macintosh: Fix memleak in windfarm_pm112 driver 2020-06-22 09:05:29 +02:00
mailbox
mcb
md dm rq: don't call blk_mq_queue_stopped() in dm_stop_queue() 2020-08-21 11:05:35 +02:00
media media: rockchip: rga: Only set output CSC mode for RGB input 2020-08-21 11:05:35 +02:00
memory
memstick
message scsi: mptscsih: Fix read sense data size 2020-07-16 08:17:23 +02:00
mfd mfd: dln2: Run event handler loop under spinlock 2020-08-21 11:05:38 +02:00
misc cxl: Fix kobject memleak 2020-08-19 08:14:55 +02:00
mmc mmc: renesas_sdhi_internal_dmac: clean up the code for dma complete 2020-08-21 11:05:35 +02:00
mtd mtd: rawnand: qcom: avoid write to unavailable register 2020-08-19 08:15:07 +02:00
mux
net net: qcom/emac: add missed clk_disable_unprepare in error path of emac_clks_phase1_init 2020-08-21 11:05:37 +02:00
nfc nfc: s3fwrn5: add missing release on skb in s3fwrn5_recv_frame 2020-08-05 10:06:05 +02:00
ntb NTB: perf: Fix race condition when run with ntb_test 2020-06-25 15:33:03 +02:00
nubus
nvdimm
nvme nvme-rdma: assign completion vector correctly 2020-07-16 08:17:23 +02:00
nvmem
of of: of_mdio: Correct loop scanning logic 2020-07-22 09:32:03 +02:00
opp
oprofile
parisc parisc: mask out enable and reserved bits from sba imask 2020-08-19 08:15:07 +02:00
parport
pci PCI: Probe bridge window attributes once at enumeration-time 2020-08-21 11:05:29 +02:00
pcmcia
perf drivers/perf: hisi: Fix wrong value for all counters enable 2020-06-25 15:33:04 +02:00
phy phy: exynos5-usbdrd: Calibrating makes sense only for USB2.0 PHY 2020-08-19 08:14:57 +02:00
pinctrl pinctrl-single: fix pcs_parse_pinconf() return value 2020-08-19 08:15:02 +02:00
platform platform/x86: intel-vbtn: Fix return value check in check_acpi_dev() 2020-08-19 08:14:49 +02:00
pnp
power power: supply: check if calc_soc succeeded in pm860x_init_battery 2020-08-19 08:14:59 +02:00
powercap
pps
ps3
ptp
pwm pwm: bcm-iproc: handle clk_get_rate() return 2020-08-21 11:05:36 +02:00
rapidio
ras
regulator regualtor: pfuze100: correct sw1a/sw2 on pfuze3000 2020-06-30 23:17:10 -04:00
remoteproc remoteproc: qcom: q6v5: Update running state before requesting stop 2020-08-21 11:05:34 +02:00
reset
rpmsg
rtc
s390 s390/qeth: don't process empty bridge port events 2020-08-19 08:15:01 +02:00
sbus
scsi scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying targetport 2020-08-21 11:05:37 +02:00
sfi
sh
siox
slimbus slimbus: core: Fix mismatch in of_node_get/put 2020-07-22 09:32:07 +02:00
sn
soc soc: qcom: rpmh-rsc: Set suppress_bind_attrs flag 2020-08-19 08:14:50 +02:00
soundwire
spi spi: spidev: Align buffers for DMA 2020-08-19 08:15:06 +02:00
spmi
ssb
staging staging: rtl8192u: fix a dubious looking mask before a shift 2020-08-19 08:14:58 +02:00
target scsi: target: tcmu: Fix a use after free in tcmu_check_expired_queue_cmd() 2020-06-25 15:32:59 +02:00
tc
tee
thermal thermal: ti-soc-thermal: Fix reversed condition in ti_thermal_expose_sensor() 2020-08-19 08:14:58 +02:00
thunderbolt
tty vt: Reject zero-sized screen buffer size. 2020-07-29 10:16:56 +02:00
uio uio_pdrv_genirq: fix use without device tree and no interrupt 2020-07-22 09:32:11 +02:00
usb USB: serial: ftdi_sio: clean up receive processing 2020-08-21 11:05:35 +02:00
uwb
vfio vfio/mdev: Fix reference count leak in add_mdev_supported_type 2020-06-25 15:33:01 +02:00
vhost
video video: pxafb: Fix the function used to balance a 'dma_alloc_coherent()' call 2020-08-19 08:14:54 +02:00
virt virt: vbox: Fix guest capabilities mask check 2020-07-22 09:32:10 +02:00
virtio
visorbus
vlynq
vme
w1 w1: omap-hdq: cleanup to add missing newline for some dev_dbg 2020-06-22 09:05:30 +02:00
watchdog watchdog: initialize device before misc_register 2020-08-21 11:05:37 +02:00
xen xen/gntdev: Fix dmabuf import with non-zero sgt offset 2020-08-19 08:15:07 +02:00
zorro
Kconfig
Makefile