Re: [PATCH 002/190] Revert "media: st-delta: Fix reference count leak in delta_run_work"
From: Hans Verkuil
Date: Thu Apr 22 2021 - 04:02:43 EST
Hi Greg,
I re-reviewed all the patches in this series where I was CCed.
These are all good and fix real bugs and should be re-reverted:
[PATCH 002/190] Revert "media: st-delta: Fix reference count leak in delta_run_work"
[PATCH 003/190] Revert "media: sti: Fix reference count leaks"
[PATCH 004/190] Revert "media: exynos4-is: Fix several reference count leaks due to pm_runtime_get_sync"
[PATCH 005/190] Revert "media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync"
[PATCH 006/190] Revert "media: exynos4-is: Fix a reference count leak"
[PATCH 008/190] Revert "media: stm32-dcmi: Fix a reference count leak"
[PATCH 009/190] Revert "media: s5p-mfc: Fix a reference count leak"
[PATCH 010/190] Revert "media: camss: Fix a reference count leak."
[PATCH 011/190] Revert "media: platform: fcp: Fix a reference count leak."
[PATCH 012/190] Revert "media: rockchip/rga: Fix a reference count leak."
[PATCH 013/190] Revert "media: rcar-vin: Fix a reference count leak."
[PATCH 014/190] Revert "media: rcar-vin: Fix a reference count leak."
[PATCH 052/190] Revert "media: media/saa7146: fix incorrect assertion in saa7146_buffer_finish"
[PATCH 056/190] Revert "media: davinci/vpfe_capture.c: Avoid BUG_ON for register failure"
[PATCH 057/190] Revert "media: saa7146: Avoid using BUG_ON as an assertion"
[PATCH 058/190] Revert "media: cx231xx: replace BUG_ON with recovery code"
[PATCH 102/190] Revert "media: video-mux: fix null pointer dereferences"
[PATCH 183/190] Revert "media: isif: fix a NULL pointer dereference bug"
This one can be dropped since it actually contains a bug, I'm fairly certain
that was unintentional:
[PATCH 007/190] Revert "media: ti-vpe: Fix a missing check and reference count leak"
I'll reply to that one separately.
This one can be dropped since it is not necessary:
[PATCH 073/190] Revert "media: rcar_drif: fix a memory disclosure"
The V4L2 core already zeroes this. Other drivers that use fmt.sdr also
memset this, but that should be dropped in those drivers as well. I'll
make a patch for that.
Regards,
Hans
On 21/04/2021 14:57, Greg Kroah-Hartman wrote:
> This reverts commit 57cc666d36adc7b45e37ba4cd7bc4e44ec4c43d7.
>
> Commits from @umn.edu addresses have been found to be submitted in "bad
> faith" to try to test the kernel community's ability to review "known
> malicious" changes. The result of these submissions can be found in a
> paper published at the 42nd IEEE Symposium on Security and Privacy
> entitled, "Open Source Insecurity: Stealthily Introducing
> Vulnerabilities via Hypocrite Commits" written by Qiushi Wu (University
> of Minnesota) and Kangjie Lu (University of Minnesota).
>
> Because of this, all submissions from this group must be reverted from
> the kernel tree and will need to be re-reviewed again to determine if
> they actually are a valid fix. Until that work is complete, remove this
> change to ensure that no problems are being introduced into the
> codebase.
>
> Cc: Aditya Pakki <pakki001@xxxxxxx>
> Cc: Hans Verkuil <hverkuil-cisco@xxxxxxxxx>
> Cc: Mauro Carvalho Chehab <mchehab+huawei@xxxxxxxxxx>
> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
> ---
> drivers/media/platform/sti/delta/delta-v4l2.c | 4 +---
> 1 file changed, 1 insertion(+), 3 deletions(-)
>
> diff --git a/drivers/media/platform/sti/delta/delta-v4l2.c b/drivers/media/platform/sti/delta/delta-v4l2.c
> index c691b3d81549..2503224eeee5 100644
> --- a/drivers/media/platform/sti/delta/delta-v4l2.c
> +++ b/drivers/media/platform/sti/delta/delta-v4l2.c
> @@ -954,10 +954,8 @@ static void delta_run_work(struct work_struct *work)
> /* enable the hardware */
> if (!dec->pm) {
> ret = delta_get_sync(ctx);
> - if (ret) {
> - delta_put_autosuspend(ctx);
> + if (ret)
> goto err;
> - }
> }
>
> /* decode this access unit */
>