git.kernel.dk Git - linux-block.git/commit

author	Takashi Iwai <tiwai@suse.de>
	Sun, 29 Jan 2023 08:28:56 +0000 (09:28 +0100)
committer	Thomas Zimmermann <tzimmermann@suse.de>
	Fri, 10 Feb 2023 10:03:37 +0000 (11:03 +0100)
commit	3efc61d95259956db25347e2a9562c3e54546e20
tree	2b1f2ca1237cbe9ee041b7dbc73b6f281adb103f	tree \| snapshot
parent	247a631f9c0ffb37ed0786a94cb4c5f2b6fc7ab1	commit \| diff

fbdev: Fix invalid page access after closing deferred I/O devices

When a fbdev with deferred I/O is once opened and closed, the dirty
pages still remain queued in the pageref list, and eventually later
those may be processed in the delayed work. This may lead to a
corruption of pages, hitting an Oops.

This patch makes sure to cancel the delayed work and clean up the
pageref list at closing the device for addressing the bug. A part of
the cleanup code is factored out as a new helper function that is
called from the common fb_release().

Reviewed-by: Patrik Jakobsson <patrik.r.jakobsson@gmail.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Tested-by: Miko Larsson <mikoxyzzz@gmail.com>
Fixes: 56c134f7f1b5 ("fbdev: Track deferred-I/O pages in pageref struct")
Reviewed-by: Thomas Zimmermann <tzimmermann@suse.de>
Signed-off-by: Thomas Zimmermann <tzimmermann@suse.de>
Link: https://patchwork.freedesktop.org/patch/msgid/20230129082856.22113-1-tiwai@suse.de

drivers/video/fbdev/core/fb_defio.c		diff \| blob \| blame \| history
drivers/video/fbdev/core/fbmem.c		diff \| blob \| blame \| history
include/linux/fb.h		diff \| blob \| blame \| history