From: qiaochong Date: Tue, 10 Aug 2010 00:21:23 +0000 (-0700) Subject: drivers/char/vt.c: fix vc->vc_origin on take_over_console() X-Git-Tag: v2.6.36-rc1~313 X-Git-Url: http://git.samba.org/samba.git/?p=sfrench%2Fcifs-2.6.git;a=commitdiff_plain;h=02f0777a0d6560eb995aade34a1b82f95c0452da drivers/char/vt.c: fix vc->vc_origin on take_over_console() kernel will die on some platform when switch from vga mode to framebuffer mode. The reason of this bug is that bind_con_driver reset vc->vc_origin to (unsigned long)vc->vc_screenbuf. On vgacon vc->vc_origin is not releated to vc->vc_screenbuf,if set vc->vc_origin to vc->vc_screenbuf,kernel will die on vc_do_resize. static int vc_do_resize(struct tty_struct *tty, struct tty_struct *real_tty, struct vc_data *vc, unsigned int cols, unsigned int lines) { unsigned long old_origin, new_origin, new_scr_end, rlth, rrem, err = 0; unsigned int old_cols, old_rows, old_row_size, old_screen_size; unsigned int new_cols, new_rows, new_row_size, new_screen_size; unsigned int end, user; ... end = (old_rows > new_rows) ? old_origin + (old_row_size * new_rows) : vc->vc_scr_end; ... /* here for a test from vgacon to framebuffer: old_origin=0x810814a0,end=0xb00b8fa0,vc->vc_origin=0x810814a0 the code bellow will copy memory from 0x810814a0 to 0xb00b8fa0, this will cover kernel code,kernel died here. */ while (old_origin < end) { scr_memcpyw((unsigned short *) new_origin, (unsigned short *) old_origin, rlth); if (rrem) scr_memsetw((void *)(new_origin + rlth), vc->vc_video_erase_char, rrem); old_origin += old_row_size; new_origin += new_row_size; } ... } [akpm@linux-foundation.org: coding-style fixes] Signed-off-by: qiaochong Cc: Greg KH Cc: Alan Cox Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/drivers/char/vt.c b/drivers/char/vt.c index 4a9eb3044e52..cff1d4bce21d 100644 --- a/drivers/char/vt.c +++ b/drivers/char/vt.c @@ -3065,7 +3065,8 @@ static int bind_con_driver(const struct consw *csw, int first, int last, old_was_color = vc->vc_can_do_color; vc->vc_sw->con_deinit(vc); - vc->vc_origin = (unsigned long)vc->vc_screenbuf; + if (!vc->vc_origin) + vc->vc_origin = (unsigned long)vc->vc_screenbuf; visual_init(vc, i, 0); set_origin(vc); update_attr(vc);