[Skiboot] [PATCH STABLE] hw/fsp/fsp-leds.c: use allocated buffer for FSP_CMD_GET_LED_LIST response

Vasant Hegde hegdevasant at linux.vnet.ibm.com
Fri Oct 9 17:04:48 AEDT 2015

On 10/09/2015 11:12 AM, Stewart Smith wrote:
> This bug has originated since day 1 (of public release), what was going on
> was that we were incorrectly using PSI_DMA_LOC_COD_BUF as the *address*
> to write to for the FSP to read rather than using that purely as the
> TCE table.
> What we *should* have been doing (and this patch now does), is allocating
> some (aligned) memory and using it.
> With this patch, we no longer write over some poor random memory location
> that could be being used by the host OS for something important, for example,
> in the (internal) bug report of this, it was futex_hash_bucket in Linux
> being replaced with our structure for replying to FSP_CMD_GET_LED_LIST (which
> is around 4kb) and Linux doesn't like it when you replace a bunch of lock
> data structures with essentially garbage.
> Since this is FSP LED code specific, this only affects FSP based systems.

> Reported-by: Dionysius d. Bell <belldi at us.ibm.com>

Thanks for reporting this issue! I'm still wondering how we missed this one in
first place!

> Signed-off-by: Stewart Smith <stewart at linux.vnet.ibm.com>

As discussed, we will have trouble if we get multiple request simultaneously.
Spec doesn't seems to tell anything.. I will cross check with FW folks later.

Anyway this is much better than existing code :-)

Reviewed-by: Vasant Hegde <hegdevasant at linux.vnet.ibm.com>


More information about the Skiboot mailing list