* [PATCH 0/4] phy: qcom: qmp-usb: fix NULL-deref on runtime suspend
@ 2024-09-11 11:52 Johan Hovold
2024-09-11 11:52 ` [PATCH 1/4] " Johan Hovold
` (6 more replies)
0 siblings, 7 replies; 9+ messages in thread
From: Johan Hovold @ 2024-09-11 11:52 UTC (permalink / raw)
To: Vinod Koul, Kishon Vijay Abraham I
Cc: Dmitry Baryshkov, linux-arm-msm, linux-phy, linux-kernel,
Johan Hovold
When working on suspend support for Qualcomm platforms like x1e80100, I
ran into a NULL-pointer dereference in one of the QMP drivers. Turns out
this issue has since been reproduced in two more drivers.
Johan
Johan Hovold (4):
phy: qcom: qmp-usb: fix NULL-deref on runtime suspend
phy: qcom: qmp-usb-legacy: fix NULL-deref on runtime suspend
phy: qcom: qmp-usbc: fix NULL-deref on runtime suspend
phy: qcom: qmp-usb: move driver data initialisation earlier
drivers/phy/qualcomm/phy-qcom-qmp-combo.c | 3 +--
drivers/phy/qualcomm/phy-qcom-qmp-usb-legacy.c | 1 +
drivers/phy/qualcomm/phy-qcom-qmp-usb.c | 1 +
drivers/phy/qualcomm/phy-qcom-qmp-usbc.c | 1 +
4 files changed, 4 insertions(+), 2 deletions(-)
--
2.44.2
--
linux-phy mailing list
linux-phy@lists.infradead.org
https://lists.infradead.org/mailman/listinfo/linux-phy
^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH 1/4] phy: qcom: qmp-usb: fix NULL-deref on runtime suspend
2024-09-11 11:52 [PATCH 0/4] phy: qcom: qmp-usb: fix NULL-deref on runtime suspend Johan Hovold
@ 2024-09-11 11:52 ` Johan Hovold
2024-09-11 11:52 ` [PATCH 2/4] phy: qcom: qmp-usb-legacy: " Johan Hovold
` (5 subsequent siblings)
6 siblings, 0 replies; 9+ messages in thread
From: Johan Hovold @ 2024-09-11 11:52 UTC (permalink / raw)
To: Vinod Koul, Kishon Vijay Abraham I
Cc: Dmitry Baryshkov, linux-arm-msm, linux-phy, linux-kernel,
Johan Hovold, stable
Commit 413db06c05e7 ("phy: qcom-qmp-usb: clean up probe initialisation")
removed most users of the platform device driver data, but mistakenly
also removed the initialisation despite the data still being used in the
runtime PM callbacks.
Restore the driver data initialisation at probe to avoid a NULL-pointer
dereference on runtime suspend.
Apparently no one uses runtime PM, which currently needs to be enabled
manually through sysfs, with this driver.
Fixes: 413db06c05e7 ("phy: qcom-qmp-usb: clean up probe initialisation")
Cc: stable@vger.kernel.org # 6.2
Signed-off-by: Johan Hovold <johan+linaro@kernel.org>
---
drivers/phy/qualcomm/phy-qcom-qmp-usb.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/phy/qualcomm/phy-qcom-qmp-usb.c b/drivers/phy/qualcomm/phy-qcom-qmp-usb.c
index 49f4a53f9b2c..76068393e4ba 100644
--- a/drivers/phy/qualcomm/phy-qcom-qmp-usb.c
+++ b/drivers/phy/qualcomm/phy-qcom-qmp-usb.c
@@ -2191,6 +2191,7 @@ static int qmp_usb_probe(struct platform_device *pdev)
return -ENOMEM;
qmp->dev = dev;
+ dev_set_drvdata(dev, qmp);
qmp->cfg = of_device_get_match_data(dev);
if (!qmp->cfg)
--
2.44.2
--
linux-phy mailing list
linux-phy@lists.infradead.org
https://lists.infradead.org/mailman/listinfo/linux-phy
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 2/4] phy: qcom: qmp-usb-legacy: fix NULL-deref on runtime suspend
2024-09-11 11:52 [PATCH 0/4] phy: qcom: qmp-usb: fix NULL-deref on runtime suspend Johan Hovold
2024-09-11 11:52 ` [PATCH 1/4] " Johan Hovold
@ 2024-09-11 11:52 ` Johan Hovold
2024-09-11 11:52 ` [PATCH 3/4] phy: qcom: qmp-usbc: " Johan Hovold
` (4 subsequent siblings)
6 siblings, 0 replies; 9+ messages in thread
From: Johan Hovold @ 2024-09-11 11:52 UTC (permalink / raw)
To: Vinod Koul, Kishon Vijay Abraham I
Cc: Dmitry Baryshkov, linux-arm-msm, linux-phy, linux-kernel,
Johan Hovold, stable
Commit 413db06c05e7 ("phy: qcom-qmp-usb: clean up probe initialisation")
removed most users of the platform device driver data from the
qcom-qmp-usb driver, but mistakenly also removed the initialisation
despite the data still being used in the runtime PM callbacks. This bug
was later reproduced when the driver was copied to create the
qmp-usb-legacy driver.
Restore the driver data initialisation at probe to avoid a NULL-pointer
dereference on runtime suspend.
Apparently no one uses runtime PM, which currently needs to be enabled
manually through sysfs, with these drivers.
Fixes: e464a3180a43 ("phy: qcom-qmp-usb: split off the legacy USB+dp_com support")
Cc: stable@vger.kernel.org # 6.6
Signed-off-by: Johan Hovold <johan+linaro@kernel.org>
---
drivers/phy/qualcomm/phy-qcom-qmp-usb-legacy.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/phy/qualcomm/phy-qcom-qmp-usb-legacy.c b/drivers/phy/qualcomm/phy-qcom-qmp-usb-legacy.c
index 6d0ba39c1943..8bf951b0490c 100644
--- a/drivers/phy/qualcomm/phy-qcom-qmp-usb-legacy.c
+++ b/drivers/phy/qualcomm/phy-qcom-qmp-usb-legacy.c
@@ -1248,6 +1248,7 @@ static int qmp_usb_legacy_probe(struct platform_device *pdev)
return -ENOMEM;
qmp->dev = dev;
+ dev_set_drvdata(dev, qmp);
qmp->cfg = of_device_get_match_data(dev);
if (!qmp->cfg)
--
2.44.2
--
linux-phy mailing list
linux-phy@lists.infradead.org
https://lists.infradead.org/mailman/listinfo/linux-phy
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 3/4] phy: qcom: qmp-usbc: fix NULL-deref on runtime suspend
2024-09-11 11:52 [PATCH 0/4] phy: qcom: qmp-usb: fix NULL-deref on runtime suspend Johan Hovold
2024-09-11 11:52 ` [PATCH 1/4] " Johan Hovold
2024-09-11 11:52 ` [PATCH 2/4] phy: qcom: qmp-usb-legacy: " Johan Hovold
@ 2024-09-11 11:52 ` Johan Hovold
2024-09-11 11:52 ` [PATCH 4/4] phy: qcom: qmp-usb: move driver data initialisation earlier Johan Hovold
` (3 subsequent siblings)
6 siblings, 0 replies; 9+ messages in thread
From: Johan Hovold @ 2024-09-11 11:52 UTC (permalink / raw)
To: Vinod Koul, Kishon Vijay Abraham I
Cc: Dmitry Baryshkov, linux-arm-msm, linux-phy, linux-kernel,
Johan Hovold, stable
Commit 413db06c05e7 ("phy: qcom-qmp-usb: clean up probe initialisation")
removed most users of the platform device driver data from the
qcom-qmp-usb driver, but mistakenly also removed the initialisation
despite the data still being used in the runtime PM callbacks. This bug
was later reproduced when the driver was copied to create the qmp-usbc
driver.
Restore the driver data initialisation at probe to avoid a NULL-pointer
dereference on runtime suspend.
Apparently no one uses runtime PM, which currently needs to be enabled
manually through sysfs, with these drivers.
Fixes: 19281571a4d5 ("phy: qcom: qmp-usb: split USB-C PHY driver")
Cc: stable@vger.kernel.org # 6.9
Signed-off-by: Johan Hovold <johan+linaro@kernel.org>
---
drivers/phy/qualcomm/phy-qcom-qmp-usbc.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/phy/qualcomm/phy-qcom-qmp-usbc.c b/drivers/phy/qualcomm/phy-qcom-qmp-usbc.c
index 5cbc5fd529eb..dea3456f88b1 100644
--- a/drivers/phy/qualcomm/phy-qcom-qmp-usbc.c
+++ b/drivers/phy/qualcomm/phy-qcom-qmp-usbc.c
@@ -1049,6 +1049,7 @@ static int qmp_usbc_probe(struct platform_device *pdev)
return -ENOMEM;
qmp->dev = dev;
+ dev_set_drvdata(dev, qmp);
qmp->orientation = TYPEC_ORIENTATION_NORMAL;
--
2.44.2
--
linux-phy mailing list
linux-phy@lists.infradead.org
https://lists.infradead.org/mailman/listinfo/linux-phy
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 4/4] phy: qcom: qmp-usb: move driver data initialisation earlier
2024-09-11 11:52 [PATCH 0/4] phy: qcom: qmp-usb: fix NULL-deref on runtime suspend Johan Hovold
` (2 preceding siblings ...)
2024-09-11 11:52 ` [PATCH 3/4] phy: qcom: qmp-usbc: " Johan Hovold
@ 2024-09-11 11:52 ` Johan Hovold
2024-09-11 11:57 ` Johan Hovold
2024-09-11 19:01 ` [PATCH 0/4] phy: qcom: qmp-usb: fix NULL-deref on runtime suspend Dmitry Baryshkov
` (2 subsequent siblings)
6 siblings, 1 reply; 9+ messages in thread
From: Johan Hovold @ 2024-09-11 11:52 UTC (permalink / raw)
To: Vinod Koul, Kishon Vijay Abraham I
Cc: Dmitry Baryshkov, linux-arm-msm, linux-phy, linux-kernel,
Johan Hovold
Commit 44aff8e31080 ("phy: qcom-qmp-combo: clean up probe
initialisation") removed most users of the platform device driver data,
but mistakenly also removed the initialisation despite the data still
being used in the runtime PM callbacks.
The initialisation was soon after restored by commit 83a0bbe39b17 ("phy:
qcom-qmp-combo: add support for updated sc8280xp binding") but now
happens slightly later during probe. This should not cause any trouble
currently as runtime PM needs to be enabled manually through sysfs and
the platform device would not be suspended before the PHY has been
registered anyway.
Move the driver data initialisation to avoid a NULL-pointer dereference
on runtime suspend if runtime PM is ever enabled by default in this
driver.
Fixes: 44aff8e31080 ("phy: qcom-qmp-combo: clean up probe initialisation")
Signed-off-by: Johan Hovold <johan+linaro@kernel.org>
---
drivers/phy/qualcomm/phy-qcom-qmp-combo.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/phy/qualcomm/phy-qcom-qmp-combo.c b/drivers/phy/qualcomm/phy-qcom-qmp-combo.c
index c478bf74817a..ddecf34968fd 100644
--- a/drivers/phy/qualcomm/phy-qcom-qmp-combo.c
+++ b/drivers/phy/qualcomm/phy-qcom-qmp-combo.c
@@ -3649,6 +3649,7 @@ static int qmp_combo_probe(struct platform_device *pdev)
return -ENOMEM;
qmp->dev = dev;
+ dev_set_drvdata(dev, qmp);
qmp->orientation = TYPEC_ORIENTATION_NORMAL;
@@ -3725,8 +3726,6 @@ static int qmp_combo_probe(struct platform_device *pdev)
phy_set_drvdata(qmp->dp_phy, qmp);
- dev_set_drvdata(dev, qmp);
-
if (usb_np == dev->of_node)
phy_provider = devm_of_phy_provider_register(dev, qmp_combo_phy_xlate);
else
--
2.44.2
--
linux-phy mailing list
linux-phy@lists.infradead.org
https://lists.infradead.org/mailman/listinfo/linux-phy
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH 4/4] phy: qcom: qmp-usb: move driver data initialisation earlier
2024-09-11 11:52 ` [PATCH 4/4] phy: qcom: qmp-usb: move driver data initialisation earlier Johan Hovold
@ 2024-09-11 11:57 ` Johan Hovold
0 siblings, 0 replies; 9+ messages in thread
From: Johan Hovold @ 2024-09-11 11:57 UTC (permalink / raw)
To: Johan Hovold
Cc: Vinod Koul, Kishon Vijay Abraham I, Dmitry Baryshkov,
linux-arm-msm, linux-phy, linux-kernel
On Wed, Sep 11, 2024 at 01:52:53PM +0200, Johan Hovold wrote:
> Commit 44aff8e31080 ("phy: qcom-qmp-combo: clean up probe
> initialisation") removed most users of the platform device driver data,
> but mistakenly also removed the initialisation despite the data still
> being used in the runtime PM callbacks.
Perhaps the copy/paste error in Subject can be fixed when applying. The
summary was supposed to say:
phy: qcom: qmp-combo: move driver data initialisation earlier
and nothing else.
Johan
--
linux-phy mailing list
linux-phy@lists.infradead.org
https://lists.infradead.org/mailman/listinfo/linux-phy
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 0/4] phy: qcom: qmp-usb: fix NULL-deref on runtime suspend
2024-09-11 11:52 [PATCH 0/4] phy: qcom: qmp-usb: fix NULL-deref on runtime suspend Johan Hovold
` (3 preceding siblings ...)
2024-09-11 11:52 ` [PATCH 4/4] phy: qcom: qmp-usb: move driver data initialisation earlier Johan Hovold
@ 2024-09-11 19:01 ` Dmitry Baryshkov
2024-10-16 7:43 ` Johan Hovold
2024-10-17 15:31 ` Vinod Koul
6 siblings, 0 replies; 9+ messages in thread
From: Dmitry Baryshkov @ 2024-09-11 19:01 UTC (permalink / raw)
To: Johan Hovold
Cc: Vinod Koul, Kishon Vijay Abraham I, linux-arm-msm, linux-phy,
linux-kernel
On Wed, Sep 11, 2024 at 01:52:49PM GMT, Johan Hovold wrote:
> When working on suspend support for Qualcomm platforms like x1e80100, I
> ran into a NULL-pointer dereference in one of the QMP drivers. Turns out
> this issue has since been reproduced in two more drivers.
>
> Johan
For the series:
Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
--
With best wishes
Dmitry
--
linux-phy mailing list
linux-phy@lists.infradead.org
https://lists.infradead.org/mailman/listinfo/linux-phy
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 0/4] phy: qcom: qmp-usb: fix NULL-deref on runtime suspend
2024-09-11 11:52 [PATCH 0/4] phy: qcom: qmp-usb: fix NULL-deref on runtime suspend Johan Hovold
` (4 preceding siblings ...)
2024-09-11 19:01 ` [PATCH 0/4] phy: qcom: qmp-usb: fix NULL-deref on runtime suspend Dmitry Baryshkov
@ 2024-10-16 7:43 ` Johan Hovold
2024-10-17 15:31 ` Vinod Koul
6 siblings, 0 replies; 9+ messages in thread
From: Johan Hovold @ 2024-10-16 7:43 UTC (permalink / raw)
To: Vinod Koul
Cc: Kishon Vijay Abraham I, Dmitry Baryshkov, linux-arm-msm,
linux-phy, linux-kernel
Hi Vinod,
On Wed, Sep 11, 2024 at 01:52:49PM +0200, Johan Hovold wrote:
> When working on suspend support for Qualcomm platforms like x1e80100, I
> ran into a NULL-pointer dereference in one of the QMP drivers. Turns out
> this issue has since been reproduced in two more drivers.
> Johan Hovold (4):
> phy: qcom: qmp-usb: fix NULL-deref on runtime suspend
> phy: qcom: qmp-usb-legacy: fix NULL-deref on runtime suspend
> phy: qcom: qmp-usbc: fix NULL-deref on runtime suspend
> phy: qcom: qmp-usb: move driver data initialisation earlier
It's been a month (and a merge window) so sending a reminder.
Could you pick these up for 6.12-rc?
Johan
--
linux-phy mailing list
linux-phy@lists.infradead.org
https://lists.infradead.org/mailman/listinfo/linux-phy
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 0/4] phy: qcom: qmp-usb: fix NULL-deref on runtime suspend
2024-09-11 11:52 [PATCH 0/4] phy: qcom: qmp-usb: fix NULL-deref on runtime suspend Johan Hovold
` (5 preceding siblings ...)
2024-10-16 7:43 ` Johan Hovold
@ 2024-10-17 15:31 ` Vinod Koul
6 siblings, 0 replies; 9+ messages in thread
From: Vinod Koul @ 2024-10-17 15:31 UTC (permalink / raw)
To: Kishon Vijay Abraham I, Johan Hovold
Cc: Dmitry Baryshkov, linux-arm-msm, linux-phy, linux-kernel
On Wed, 11 Sep 2024 13:52:49 +0200, Johan Hovold wrote:
> When working on suspend support for Qualcomm platforms like x1e80100, I
> ran into a NULL-pointer dereference in one of the QMP drivers. Turns out
> this issue has since been reproduced in two more drivers.
>
> Johan
>
>
> [...]
Applied, thanks!
[1/4] phy: qcom: qmp-usb: fix NULL-deref on runtime suspend
commit: bd9e4d4a3b127686efc60096271b0a44c3100061
[2/4] phy: qcom: qmp-usb-legacy: fix NULL-deref on runtime suspend
commit: 29240130ab77c80bea1464317ae2a5fd29c16a0c
[3/4] phy: qcom: qmp-usbc: fix NULL-deref on runtime suspend
commit: 34c21f94fa1e147a19b54b6adf0c93a623b70dd8
[4/4] phy: qcom: qmp-usb: move driver data initialisation earlier
commit: 1dd196f9004848d0318e8831f962cc76255431d8
Best regards,
--
~Vinod
--
linux-phy mailing list
linux-phy@lists.infradead.org
https://lists.infradead.org/mailman/listinfo/linux-phy
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2024-10-17 15:31 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-09-11 11:52 [PATCH 0/4] phy: qcom: qmp-usb: fix NULL-deref on runtime suspend Johan Hovold
2024-09-11 11:52 ` [PATCH 1/4] " Johan Hovold
2024-09-11 11:52 ` [PATCH 2/4] phy: qcom: qmp-usb-legacy: " Johan Hovold
2024-09-11 11:52 ` [PATCH 3/4] phy: qcom: qmp-usbc: " Johan Hovold
2024-09-11 11:52 ` [PATCH 4/4] phy: qcom: qmp-usb: move driver data initialisation earlier Johan Hovold
2024-09-11 11:57 ` Johan Hovold
2024-09-11 19:01 ` [PATCH 0/4] phy: qcom: qmp-usb: fix NULL-deref on runtime suspend Dmitry Baryshkov
2024-10-16 7:43 ` Johan Hovold
2024-10-17 15:31 ` Vinod Koul
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).