If any of OSD0, OSD1, VID1 windows are disabled via the kernel bootargs, an
illegal data access access is made in the davinfb_isr() to the disabled windows
data
(dm->{osd0,osd1,vid1}), rendering the kernel unbootable.
This commit adds an a check to make sure the dm->{osd0,osd1,vid1} variables are
non zero before the access is made. The check is not performed for dm->vid0
because, if VID0 window is disabled then all windows are disabled and the
davincifb_isr() is not registered itself.
---
drivers/video/davincifb.c | 46 +++++++++++++++++++++++++-------------------
1 files changed, 26 insertions(+), 20 deletions(-)
diff --git a/drivers/video/davincifb.c b/drivers/video/davincifb.c
index 1344be7..e890cbf 100644
--- a/drivers/video/davincifb.c
+++ b/drivers/video/davincifb.c
@@ -295,20 +295,24 @@ static irqreturn_t davincifb_isr(int irq, void *arg)
unsigned long addr=0;
if ((dispc_reg_in(VENC_VSTAT) & 0x00000010) == 0x10) {
- xchg(&addr, dm->osd0->sdram_address);
- if (addr) {
- set_sdram_params(dm->osd0->info.fix.id,
- dm->osd0->sdram_address,
- dm->osd0->info.fix.line_length);
- dm->osd0->sdram_address = 0;
+ if (dm->osd0) {
+ xchg(&addr, dm->osd0->sdram_address);
+ if (addr) {
+ set_sdram_params(dm->osd0->info.fix.id,
+ dm->osd0->sdram_address,
+
dm->osd0->info.fix.line_length);
+ dm->osd0->sdram_address = 0;
+ }
}
- addr = 0;
- xchg(&addr, dm->osd1->sdram_address);
- if (addr) {
- set_sdram_params(dm->osd1->info.fix.id,
- dm->osd1->sdram_address,
- dm->osd1->info.fix.line_length);
- dm->osd1->sdram_address = 0;
+ if (dm->osd1) {
+ addr = 0;
+ xchg(&addr, dm->osd1->sdram_address);
+ if (addr) {
+ set_sdram_params(dm->osd1->info.fix.id,
+ dm->osd1->sdram_address,
+
dm->osd1->info.fix.line_length);
+ dm->osd1->sdram_address = 0;
+ }
}
addr = 0;
xchg(&addr, dm->vid0->sdram_address);
@@ -318,13 +322,15 @@ static irqreturn_t davincifb_isr(int irq, void *arg)
dm->vid0->info.fix.line_length);
dm->vid0->sdram_address = 0;
}
- addr = 0;
- xchg(&addr, dm->vid1->sdram_address);
- if (addr) {
- set_sdram_params(dm->vid1->info.fix.id,
- dm->vid1->sdram_address,
- dm->vid1->info.fix.line_length);
- dm->vid1->sdram_address = 0;
+ if (dm->vid1) {
+ addr = 0;
+ xchg(&addr, dm->vid1->sdram_address);
+ if (addr) {
+ set_sdram_params(dm->vid1->info.fix.id,
+ dm->vid1->sdram_address,
+
dm->vid1->info.fix.line_length);
+ dm->vid1->sdram_address = 0;
+ }
}
return IRQ_HANDLED;
} else {
--
1.6.2.5
_______________________________________________
Davinci-linux-open-source mailing list
[email protected]
http://linux.davincidsp.com/mailman/listinfo/davinci-linux-open-source
