rpms/kernel/F-12 acpi-pci-fix-null-pointer-dereference-in-acpi-get-pci-dev.patch, NONE, 1.1 kernel.spec, 1.1870, 1.1871

Fri Oct 16 10:14:42 UTC 2009

Author: cebbert

Update of /cvs/pkgs/rpms/kernel/F-12
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv9756

Modified Files:
	kernel.spec 
Added Files:
	acpi-pci-fix-null-pointer-dereference-in-acpi-get-pci-dev.patch 
Log Message:
Fix another ACPI boot hang (#513680)

acpi-pci-fix-null-pointer-dereference-in-acpi-get-pci-dev.patch:
 pci_root.c |   11 +++++++++++
 1 file changed, 11 insertions(+)

--- NEW FILE acpi-pci-fix-null-pointer-dereference-in-acpi-get-pci-dev.patch ---
From: Rafael J. Wysocki <rjw at sisk.pl>
Date: Mon, 12 Oct 2009 23:01:57 +0000 (+0200)
Subject: ACPI / PCI: Fix NULL pointer dereference in acpi_get_pci_dev() (rev. 2)
X-Git-Tag: v2.6.32-rc5~6^2~3^2
X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=497fb54f578efd2b479727bc88d5ef942c0a1e2d

ACPI / PCI: Fix NULL pointer dereference in acpi_get_pci_dev() (rev. 2)

acpi_get_pci_dev() may be called for a non-PCI device, in which case
it should return NULL.  However, it assumes that every handle it
finds in the ACPI CA name space, between given device handle and the
PCI root bridge handle, corresponds to a PCI-to-PCI bridge with an
existing secondary bus.  For this reason, when it finds a struct
pci_dev object corresponding to one of them, it doesn't check if
its 'subordinate' field is a valid pointer.  This obviously leads to
a NULL pointer dereference if acpi_get_pci_dev() is called for a
non-PCI device with a PCI parent which is not a bridge.

To fix this issue make acpi_get_pci_dev() check if pdev->subordinate
is not NULL for every device it finds on the path between the root
bridge and the device it's supposed to get to and return NULL if the
"target" device cannot be found.

http://bugzilla.kernel.org/show_bug.cgi?id=14129
(worked in 2.6.30, regression in 2.6.31)

Signed-off-by: Rafael J. Wysocki <rjw at sisk.pl>
Reported-by: Danny Feng <dfeng at redhat.com>
Reviewed-by: Alex Chiang <achiang at hp.com>
Tested-by: chepioq <chepioq at gmail.com>
Signed-off-by: Len Brown <len.brown at intel.com>
---

diff --git a/drivers/acpi/pci_root.c b/drivers/acpi/pci_root.c
index 3112221..1af8081 100644
--- a/drivers/acpi/pci_root.c
+++ b/drivers/acpi/pci_root.c
@@ -389,6 +389,17 @@ struct pci_dev *acpi_get_pci_dev(acpi_handle handle)
 
 		pbus = pdev->subordinate;
 		pci_dev_put(pdev);
+
+		/*
+		 * This function may be called for a non-PCI device that has a
+		 * PCI parent (eg. a disk under a PCI SATA controller).  In that
+		 * case pdev->subordinate will be NULL for the parent.
+		 */
+		if (!pbus) {
+			dev_dbg(&pdev->dev, "Not a PCI-to-PCI bridge\n");
+			pdev = NULL;
+			break;
+		}
 	}
 out:
 	list_for_each_entry_safe(node, tmp, &device_list, node)


Index: kernel.spec
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/F-12/kernel.spec,v
retrieving revision 1.1870
retrieving revision 1.1871
diff -u -p -r1.1870 -r1.1871
--- kernel.spec	16 Oct 2009 03:47:52 -0000	1.1870
+++ kernel.spec	16 Oct 2009 10:14:41 -0000	1.1871
@@ -752,6 +752,9 @@ Patch14200: acpi-revert-attach-device-to
 # disable 64-bit DMA on SB600 SATA controllers
 Patch14300: ahci-revert-restore-sb600-sata-controller-64-bit-dma.patch
 
+# fix ACPI boot hang/crash (#513680)
+Patch14400: acpi-pci-fix-null-pointer-dereference-in-acpi-get-pci-dev.patch
+
 %endif
 
 BuildRoot: %{_tmppath}/kernel-%{KVERREL}-root
@@ -1407,6 +1410,9 @@ ApplyPatch acpi-revert-attach-device-to-
 # disable 64-bit DMA on SB600 SATA controllers
 ApplyPatch ahci-revert-restore-sb600-sata-controller-64-bit-dma.patch
 
+# fix ACPI boot hang/crash (#513680)
+ApplyPatch acpi-pci-fix-null-pointer-dereference-in-acpi-get-pci-dev.patch
+
 # END OF PATCH APPLICATIONS
 
 %endif
@@ -2057,6 +2063,9 @@ fi
 # and build.
 
 %changelog
+* Fri Oct 16 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.31.4-85
+- Fix another ACPI boot hang (#513680)
+
 * Fri Oct 16 2009 Ben Skeggs <bskeggs at redhat.com> 2.6.31.4-84
 - nouveau: more vbios opcodes, minor fixes, hopeful fix for rh#529292
 


