jidong xiao wrote:
> Fix up the NULL pointer dereference issue in ohci_kdb_poll_char.
Hi Jason,
Thanks for the patch. I will apply it on next update.
Thanks,
- jay
>
> Without this fixup, we may encounter an Oops when we invoke kdb via an ohci
> usb keyboard. One of my colleagues encountered this while he was using
> RHEL update1 kernels with kdb patches applied.
>
> [EMAIL PROTECTED] ~]#
> Entering kdb (task 0xffff8101338e1100 pid 0) on cpu 1 due to Keyboard Entry
> [1]kdb> Unable to handle kernel NULL pointer dereference at 0000000000000084
> RIP:
> [<ffffffff88013c92>] :ohci_hcd:ohci_kdb_poll+0x75/0x18e
> PGD 1119d8067 PUD 111b5e067 PMD 0
> Oops: 0000 [1] SMP
> last sysfs file: /devices/pci0000:00/0000:00:01.0/irq
> kdb: Debugger re-entered on cpu 1, new reason = 5
> Not executing a kdb command
> Cannot recover, allowing event to proceed
>
> This issue occurs since ohci->hcca is dereferenced while it's a NULL pointer.
>
>     if (ohci->hcca->done_head) {
>         dl_done_list_kdb (ohci, urb);
>         ohci_writel (ohci, OHCI_INTR_WDH, &regs->intrstatus);
>         // flush the pci write
>         (void) ohci_readl (ohci, &ohci->regs->control);
>
>         return 0;
>     }
>
> Obviously this issue still exists in the latest kdb patches. So I
> created a patch against 2.6.26-rc9 kernel/kdb patches.
>
> Signed-off-by: Jason Xiao ([EMAIL PROTECTED])
> Index: linux/drivers/usb/host/ohci-hcd.c
> ===================================================================
> --- linux-2.6.26.orig/drivers/usb/host/ohci-hcd.c 2008-08-05
> 21:53:16.000000000 +0800
> +++ linux-2.6.26/drivers/usb/host/ohci-hcd.c 2008-08-05
> 21:54:36.000000000 +0800
> @@ -978,7 +978,7 @@ ohci_kdb_poll_char(struct urb *urb)
> ohci = (struct ohci_hcd *) hcd_to_ohci(bus_to_hcd(urb->dev->bus));
>
> /* make sure */
> - if (!ohci)
> + if (!ohci || !ohci->hcca)
> return -1;
>
> if (!HC_IS_RUNNING (ohci_to_hcd(ohci)->state))
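Review bot: The new `!ohci->hcca` test sits under the bare `/* make sure */` comment, which does not say what state of the controller leaves hcca NULL or that this check guards the later `ohci->hcca->done_head` read; expanding the comment to state both would help, since the function returns -1 silently and nothing else records why. Separately, the unchanged context line above dereferences `urb->dev->bus` before any check runs, so it is worth confirming that the kdb caller guarantees a valid urb and device here, or extending the check to cover them. The report's trace names `ohci_kdb_poll` while the hunk is in `ohci_kdb_poll_char`; a line in the changelog noting that the same dereference exists under both names would make the backport path clear.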
>
>
> Regards
> Jason