On 11/10/18 7:37 PM, Martin Kaiser wrote:
> The commit that added scu based pinctrl support introduced a regression
> for the mmio case. In the for-loop where the maps are initialized, we
> end up creating a partially initialized map in some cases. This causes a
> kernel panic when such a map is used at a later stage.
>
> Fixes: b96eea718bf6 ("pinctrl: fsl: add scu based pinctrl support")
> Cc: A.s. Dong <[email protected]>
> diff --git a/drivers/pinctrl/freescale/pinctrl-imx.c
> b/drivers/pinctrl/freescale/pinctrl-imx.c
> @@ -108,9 +108,6 @@ static int imx_dt_node_to_map(struct pinctrl_dev *pctldev,
> new_map++;
> for (i = j = 0; i < grp->num_pins; i++) {
> pin = &((struct imx_pin *)(grp->data))[i];
> - new_map[j].type = PIN_MAP_TYPE_CONFIGS_PIN;
> - new_map[j].data.configs.group_or_pin =
> - pin_get_name(pctldev, pin->pin);
>
> if (info->flags & IMX_USE_SCU) {
> /*
> @@ -126,7 +123,12 @@ static int imx_dt_node_to_map(struct pinctrl_dev
> *pctldev,
> new_map[j].data.configs.num_configs = 1;
> }
>
> - j++;
> + if (new_map[j].data.configs.num_configs) {
> + new_map[j].type = PIN_MAP_TYPE_CONFIGS_PIN;
> + new_map[j].data.configs.group_or_pin =
> + pin_get_name(pctldev, pin->pin);
> + j++;
> + }
Sorry but I don't think this is correct.
The new_map array is allocated with kmalloc_array so we can't rely on
new_map[j].data.configs.num_configs being initialized to zero unless
assigned to.
I was looking at the ssue before I saw your patch and posted an
different fix. I can't find a give link right now, it takes a while to
show up in public archives.
