[PATCH 1/1] TTY: fix keyboard crash

From: Jiri Slaby
Date: Mon Mar 12 2012 - 11:23:31 EST

Next message: Ben Hutchings: "Re: [ 08/12] mac80211: zero initialize count field inieee80211_tx_rate"
Previous message: Matthew Garrett: "Re: [PATCH v2] platform/x86: Add driver for Apple gmux device"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I get this during bootup:
BUG: unable to handle kernel NULL pointer dereference at (null)
IP: [<ffffffff81301a59>] vt_do_kdsk_ioctl+0x2b9/0x3b0
...
Call Trace:
[<ffffffff812fcbc0>] vt_ioctl+0xce0/0x12f0
[<ffffffff812f2b1c>] tty_ioctl+0x28c/0xbe0
...

It is due to mistake in commit "vt:tackle kbd_table". It moves the
allocation to be away from the atomic section, but omits to set
key_map to the new pointer properly.

So do it here and now.

Signed-off-by: Jiri Slaby <jslaby@xxxxxxx>
Cc: Alan Cox <alan@xxxxxxxxxxxxxxx>
---
drivers/tty/vt/keyboard.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/tty/vt/keyboard.c b/drivers/tty/vt/keyboard.c
index 70d0593..269c6c9 100644
--- a/drivers/tty/vt/keyboard.c
+++ b/drivers/tty/vt/keyboard.c
@@ -1862,7 +1862,7 @@ int vt_do_kdsk_ioctl(int cmd, struct kbentry __user *user_kbe, int perm,
kfree(new_map);
return -EPERM;
}
- key_maps[s] = new_map;
+ key_map = key_maps[s] = new_map;
key_map[0] = U(K_ALLOCATED);
for (j = 1; j < NR_KEYS; j++)
key_map[j] = U(K_HOLE);
--
1.7.9.2

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ben Hutchings: "Re: [ 08/12] mac80211: zero initialize count field inieee80211_tx_rate"
Previous message: Matthew Garrett: "Re: [PATCH v2] platform/x86: Add driver for Apple gmux device"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]