[Skiboot] [PATCH STABLE 2.1.1.1] hw/fsp/fsp-leds.c: use allocated buffer for FSP_CMD_GET_LED_LIST response
Vasant Hegde
hegdevasant at linux.vnet.ibm.com
Fri Oct 9 17:04:48 AEDT 2015
On 10/09/2015 11:12 AM, Stewart Smith wrote:
> This bug has originated since day 1 (of public release), what was going on
> was that we were incorrectly using PSI_DMA_LOC_COD_BUF as the *address*
> to write to for the FSP to read rather than using that purely as the
> TCE table.
>
> What we *should* have been doing (and this patch now does), is allocating
> some (aligned) memory and using it.
>
> With this patch, we no longer write over some poor random memory location
> that could be being used by the host OS for something important, for example,
> in the (internal) bug report of this, it was futex_hash_bucket in Linux
> being replaced with our structure for replying to FSP_CMD_GET_LED_LIST (which
> is around 4kb) and Linux doesn't like it when you replace a bunch of lock
> data structures with essentially garbage.
>
> Since this is FSP LED code specific, this only affects FSP based systems.
>
> Reported-by: Dionysius d. Bell <belldi at us.ibm.com>
Thanks for reporting this issue! I'm still wondering how we missed this one in
first place!
> Signed-off-by: Stewart Smith <stewart at linux.vnet.ibm.com>
As discussed, we will have trouble if we get multiple request simultaneously.
Spec doesn't seems to tell anything.. I will cross check with FW folks later.
Anyway this is much better than existing code :-)
Reviewed-by: Vasant Hegde <hegdevasant at linux.vnet.ibm.com>
-Vasant
More information about the Skiboot
mailing list