This is a note to let you know that I've just added the patch titled
HID: battery: don't do DMA from stack
to the 3.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
hid-battery-don-t-do-dma-from-stack.patch
and it can be found in the queue-3.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From 6c2794a2984f4c17a58117a68703cc7640f01c5a Mon Sep 17 00:00:00 2001
From: Jiri Kosina <jkosina@xxxxxxx>
Date: Mon, 2 Sep 2013 13:43:00 +0200
Subject: HID: battery: don't do DMA from stack
From: Jiri Kosina <jkosina@xxxxxxx>
commit 6c2794a2984f4c17a58117a68703cc7640f01c5a upstream.
Instead of using data from stack for DMA in hidinput_get_battery_property(),
allocate the buffer dynamically.
Reported-by: Richard Ryniker <ryniker@xxxxxxxxxxxx>
Reported-by: Alan Stern <stern@xxxxxxxxxxxxxxxxxxx>
Signed-off-by: Jiri Kosina <jkosina@xxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
drivers/hid/hid-input.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
--- a/drivers/hid/hid-input.c
+++ b/drivers/hid/hid-input.c
@@ -314,7 +314,7 @@ static int hidinput_get_battery_property
{
struct hid_device *dev = container_of(psy, struct hid_device, battery);
int ret = 0;
- __u8 buf[2] = {};
+ __u8 *buf;
switch (prop) {
case POWER_SUPPLY_PROP_PRESENT:
@@ -323,13 +323,20 @@ static int hidinput_get_battery_property
break;
case POWER_SUPPLY_PROP_CAPACITY:
+
+ buf = kmalloc(2 * sizeof(__u8), GFP_KERNEL);
+ if (!buf) {
+ ret = -ENOMEM;
+ break;
+ }
ret = dev->hid_get_raw_report(dev, dev->battery_report_id,
- buf, sizeof(buf),
+ buf, 2,
dev->battery_report_type);
if (ret != 2) {
if (ret >= 0)
ret = -EINVAL;
+ kfree(buf);
break;
}
@@ -338,6 +345,7 @@ static int hidinput_get_battery_property
buf[1] <= dev->battery_max)
val->intval = (100 * (buf[1] - dev->battery_min)) /
(dev->battery_max - dev->battery_min);
+ kfree(buf);
break;
case POWER_SUPPLY_PROP_MODEL_NAME:
Patches currently in stable-queue which might be from jkosina@xxxxxxx are
queue-3.4/hid-battery-don-t-do-dma-from-stack.patch
queue-3.4/hid-validate-hid-report-id-size.patch
queue-3.4/hid-fix-speedlink-vad-cezanne-support-for-some-devices.patch
queue-3.4/hid-pantherlord-validate-output-report-details.patch
queue-3.4/hid-usbhid-quirk-for-n-trig-duosense-touch-screen.patch
queue-3.4/hid-check-for-null-field-when-setting-values.patch
queue-3.4/hid-ntrig-validate-feature-report-details.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html