--- /dev/null
+From d4548b14dd7e5c698f81ce23ce7b69a896373b45 Mon Sep 17 00:00:00 2001
+From: Vignesh Raghavendra <vigneshr@ti.com>
+Date: Wed, 11 Nov 2020 16:56:52 +0530
+Subject: serial: 8250: 8250_omap: Fix possible array out of bounds access
+
+From: Vignesh Raghavendra <vigneshr@ti.com>
+
+commit d4548b14dd7e5c698f81ce23ce7b69a896373b45 upstream.
+
+k3_soc_devices array is missing a sentinel entry which may result in out
+of bounds access as reported by kernel KASAN.
+
+Fix this by adding a sentinel entry.
+
+Fixes: 439c7183e5b9 ("serial: 8250: 8250_omap: Disable RX interrupt after DMA enable")
+Reported-by: Naresh Kamboju <naresh.kamboju@linaro.org>
+Signed-off-by: Vignesh Raghavendra <vigneshr@ti.com>
+Link: https://lore.kernel.org/r/20201111112653.2710-1-vigneshr@ti.com
+Signed-off-by: Nobuhiro Iwamatsu (CIP) <nobuhiro1.iwamatsu@toshiba.co.jp>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/tty/serial/8250/8250_omap.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/drivers/tty/serial/8250/8250_omap.c
++++ b/drivers/tty/serial/8250/8250_omap.c
+@@ -1211,6 +1211,7 @@ static int omap8250_no_handle_irq(struct
+ static const struct soc_device_attribute k3_soc_devices[] = {
+ { .family = "AM65X", },
+ { .family = "J721E", .revision = "SR1.0" },
++ { /* sentinel */ }
+ };
+
+ static struct omap8250_dma_params am654_dma = {
alsa-hda-realtek-quirk-for-hp-spectre-x360-14-amp-setup.patch
alsa-hda-realtek-workaround-for-conflicting-ssid-on-asus-rog-strix-g17.patch
alsa-pcm-fix-divide-error-in-snd_pcm_lib_ioctl.patch
+serial-8250-8250_omap-fix-possible-array-out-of-bounds-access.patch
+spi-switch-to-signed-types-for-_native_cs-spi-controller-fields.patch
--- /dev/null
+From 35f3f8504c3b60a1ae5576e178b27fc0ddd6157d Mon Sep 17 00:00:00 2001
+From: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
+Date: Mon, 10 May 2021 16:12:42 +0300
+Subject: spi: Switch to signed types for *_native_cs SPI controller fields
+
+From: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
+
+commit 35f3f8504c3b60a1ae5576e178b27fc0ddd6157d upstream.
+
+While fixing undefined behaviour the commit f60d7270c8a3 ("spi: Avoid
+undefined behaviour when counting unused native CSs") missed the case
+when all CSs are GPIOs and thus unused_native_cs will be evaluated to
+-1 in unsigned representation. This will falsely trigger a condition
+in the spi_get_gpio_descs().
+
+Switch to signed types for *_native_cs SPI controller fields to fix above.
+
+Fixes: f60d7270c8a3 ("spi: Avoid undefined behaviour when counting unused native CSs")
+Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
+Link: https://lore.kernel.org/r/20210510131242.49455-1-andriy.shevchenko@linux.intel.com
+Signed-off-by: Mark Brown <broonie@kernel.org>
+Signed-off-by: Nobuhiro Iwamatsu (CIP) <nobuhiro1.iwamatsu@toshiba.co.jp>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ include/linux/spi/spi.h | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/include/linux/spi/spi.h
++++ b/include/linux/spi/spi.h
+@@ -646,8 +646,8 @@ struct spi_controller {
+ int *cs_gpios;
+ struct gpio_desc **cs_gpiods;
+ bool use_gpio_descriptors;
+- u8 unused_native_cs;
+- u8 max_native_cs;
++ s8 unused_native_cs;
++ s8 max_native_cs;
+
+ /* statistics */
+ struct spi_statistics statistics;
projects / thirdparty / kernel / stable-queue.git / commitdiff
