projects / platform / kernel / linux-starfive.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 189f856)
bus: mhi: ep: Only send -ENOTCONN status if client driver is available
authorManivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
Wed, 28 Dec 2022 16:17:01 +0000 (21:47 +0530)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 10 Mar 2023 08:34:31 +0000 (09:34 +0100)
commit e6cebcc27519dcf1652e604c73b9fd4f416987c0 upstream.

For the STOP and RESET commands, only send the channel disconnect status
-ENOTCONN if client driver is available. Otherwise, it will result in
null pointer dereference.

Cc: <stable@vger.kernel.org> # 5.19
Fixes: e827569062a8 ("bus: mhi: ep: Add support for processing command rings")
Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
Reviewed-by: Jeffrey Hugo <quic_jhugo@quicinc.com>
Link: https://lore.kernel.org/r/20221228161704.255268-4-manivannan.sadhasivam@linaro.org
Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/bus/mhi/ep/main.c patch | blob | history

diff --git a/drivers/bus/mhi/ep/main.c b/drivers/bus/mhi/ep/main.c
index 1dc8a35..2b3a3b5 100644 (file)
--- a/drivers/bus/mhi/ep/main.c
+++ b/drivers/bus/mhi/ep/main.c
@@ -196,9 +196,11 @@ static int mhi_ep_process_cmd_ring(struct mhi_ep_ring *ring, struct mhi_ring_ele
                mhi_ep_mmio_disable_chdb(mhi_cntrl, ch_id);
 
                /* Send channel disconnect status to client drivers */
-               result.transaction_status = -ENOTCONN;
-               result.bytes_xferd = 0;
-               mhi_chan->xfer_cb(mhi_chan->mhi_dev, &result);
+               if (mhi_chan->xfer_cb) {
+                       result.transaction_status = -ENOTCONN;
+                       result.bytes_xferd = 0;
+                       mhi_chan->xfer_cb(mhi_chan->mhi_dev, &result);
+               }
 
                /* Set channel state to STOP */
                mhi_chan->state = MHI_CH_STATE_STOP;
@@ -228,9 +230,11 @@ static int mhi_ep_process_cmd_ring(struct mhi_ep_ring *ring, struct mhi_ring_ele
                mhi_ep_ring_reset(mhi_cntrl, ch_ring);
 
                /* Send channel disconnect status to client driver */
-               result.transaction_status = -ENOTCONN;
-               result.bytes_xferd = 0;
-               mhi_chan->xfer_cb(mhi_chan->mhi_dev, &result);
+               if (mhi_chan->xfer_cb) {
+                       result.transaction_status = -ENOTCONN;
+                       result.bytes_xferd = 0;
+                       mhi_chan->xfer_cb(mhi_chan->mhi_dev, &result);
+               }
 
                /* Set channel state to DISABLED */
                mhi_chan->state = MHI_CH_STATE_DISABLED;
Domain: System / Kernel;