Power count is coming from user space which can be modified due to
access to shared memory. This change scopes the data locally so
as to avoid vulnerability of count being modified by external
means while executing due to being in shared memory.
CRs-Fixed: 3691744.
Change-Id: I57d13435453195f8aab0c9aad4414d290274ff81
Signed-off-by: Shivi Mangal <quic_smangal@quicinc.com>
This change add name to dma_buf, it's difficult to debug kernel
dma_buf users as until now as we could not set it at kernel side.
dma_buf_set_name function is exported by Android kernel. So in future if
it is exported for any kernel version then based on that we need
to support.
CRs-Fixed: 3728228
Signed-off-by: Soumen Ghosh <quic_soumeng@quicinc.com>
Signed-off-by: Dharmender Sharma <quic_dharshar@quicinc.com>
Change-Id: I556992cb4fd4cbedb820dae5b976f3a77dd6022e
TFE disable WM client logic is broken due to ISP common framework
changes and last consume address changes in ISP common framework.
Fixed the logic to disable WM dynamically. This change add the
fix for invalid pointer access in last consume address logic
as well.
CRs-Fixed: 3696470
Signed-off-by: Alok Chauhan <quic_alokc@quicinc.com>
Change-Id: I31d06e0dfe17ef660e7ff023b41ada1d713ff92f
During deinitialization of camif lite resources,
potential dereference of NULL pointer can cause
stability issues.
This commit adds validity checks
before accessing the camif lite resource pointers.
CRs-Fixed: 3715678
Change-Id: Id13b09d35f6602fbf97d835fe3b574d70f68dad4
Signed-off-by: Vikram Sharma <quic_vikramsa@quicinc.com>
In init and deinit of a camera Hardware resources
parameters can be invalid/uninitialized which can
be NULL.
By adding NULL checks before dereferencing
will avoid error scenario.
CRs-Fixed: 3715918
Change-Id: I6dd28d5f27fc108b01a274aa2b6ea9988e612837
Signed-off-by: Vikram Sharma <quic_vikramsa@quicinc.com>
Un-clocked access of registers during dumping the registers while
handling the start failure.
Reason for the issue is that handle_reg_dump trying to read the hw
registers when HW clocks are disabled.
This commits adds a check to validate if the hw is initialized before
accessing the registers.
CRs-Fixed: 3668129
Change-Id: I98039af2382df7acce767422689992388210004f
Signed-off-by: Dharmender Sharma <quic_dharshar@quicinc.com>
Mutex unlock is missing if the packet size is not
equal to the packet header size during ICP packet
validation.
This commit add mutex unlock, which unlocks
the mutex to handle the above scenario.
CRs-Fixed: 3715702
Change-Id: Iafa94c1e6b3ee62cd7fd14ccfeb992c3c5c1c4c4
Signed-off-by: Vikram Sharma <quic_vikramsa@quicinc.com>
Null arguments in ISP and Sensor drivers during init
and deinit calls can result in invalid dereferences
impacting the stability.
This commit adds checks to
handle such invalid arguments.
CRs-Fixed: 3711570
Change-Id: I08727201f787af0d5bc5dbe85acea03bb4db247c
Signed-off-by: Sourabh Soni <quic_soursoni@quicinc.com>
Use spin_lock_irqsave utility to avoid preemtpion of process_cmd thread
in jpeg. This can come in rare conditions when IRQ is received on same
CPU which is handling the thread.
Such cases will result in deadlock conditions.
CRs-Fixed: 3712176
Change-Id: Ib0d9997495272ab49a75b0419eb1e0fd84b1962c
Signed-off-by: Dharmender Sharma <quic_dharshar@quicinc.com>
Use bubble packet for request reapply for all scenarios
irrespective of mode switch. Bubble packet carries exposure
updates as well.
CRs-Fixed: 3689201
Change-Id: If2170fd77ea7fe88155ed7101fc053d13bd592a8
Signed-off-by: Karthik Anantha Ram <quic_kartanan@quicinc.com>
(cherry picked from commit c0b8a1bad215c6ba71851897ad642611f085dfb3)
Fix buf done handling in tfe bus driver due to missing
handling for multiple out resource.
CRs-Fixed: 3696470
Signed-off-by: Alok Chauhan <quic_alokc@quicinc.com>
Change-Id: Ie5597b83d21368f921d232d242c82be671ab8080
Output port map structure is not defined for TFE.
This is causing null pointer dereference in add io
buffer api.
Add support for outport map structure in TFE driver.
CRs-Fixed: 3696470
Signed-off-by: Alok Chauhan <quic_alokc@quicinc.com>
Change-Id: I35fa1f36a65bb0ba3dfd896567b47549b6bebf9d
Flush all cmd release all request from CRE request list, once release
these request should not be access by other threads. This commit
add proper mutex lock and conditions to prevent use of released request
from CRE request list. Also change SW reset to HW reset in case of
flush all.
CRs-Fixed: 3583508
Change-Id: I35b38bf5b1771a26bb5a37d3404f6e577abcb66b
Signed-off-by: Ayush Kumar <quic_ayushkr@quicinc.com>
Mutex unlock was missing in CSID driver in case the drv clk rate
call fails. This can result in recursive locking situations.
This commit handles the error scenario.
Change-Id: Ie1e60006713f0a96831ec1174bec1b40ab460a1f
CRs-Fixed: 3712878
Signed-off-by: Gaurav Jindal <quic_gjindal@quicinc.com>
