* [PATCH] twl-core: fix oops while calling twl_i2c_* for unbound driver
@ 2011-08-01 21:00 Ilya Yanok
From: Ilya Yanok @ 2011-08-01 21:00 UTC (permalink / raw)
To: linux-kernel, Samuel Ortiz; +Cc: Ilya Yanok

Check inuse variable before trying to access twl_map to prevent
dereferencing of uninitialized variable.

Signed-off-by: Ilya Yanok <yanok@emcraft.com>
---
drivers/mfd/twl-core.c | 16 ++++++++--------
1 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/drivers/mfd/twl-core.c b/drivers/mfd/twl-core.c
index 01ecfee..c7bc222 100644
--- a/drivers/mfd/twl-core.c
+++ b/drivers/mfd/twl-core.c
@@ -362,13 +362,13 @@ int twl_i2c_write(u8 mod_no, u8 *value, u8 reg, unsigned num_bytes)
pr_err("%s: invalid module number %d\n", DRIVER_NAME, mod_no);
return -EPERM;
}
- sid = twl_map[mod_no].sid;
- twl = &twl_modules[sid];
-
if (unlikely(!inuse)) {
- pr_err("%s: client %d is not initialized\n", DRIVER_NAME, sid);
+ pr_err("%s: not initialized\n", DRIVER_NAME);
return -EPERM;
}
+ sid = twl_map[mod_no].sid;
+ twl = &twl_modules[sid];
+
mutex_lock(&twl->xfer_lock);
/*
* [MSG1]: fill the register address data
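Review bot: The new `!inuse` message in twl_i2c_write no longer identifies anything about the failed call, because sid is not known at that point; printing mod_no, which the check just above has already validated, would keep the log line useful, for example pr_err("%s: not initialized (module %d)\n", DRIVER_NAME, mod_no). Both early exits also return -EPERM, so a caller cannot tell an invalid module number from a driver that has not bound yet; a distinct code such as -ENODEV for the unbound case would make the difference visible to callers.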
@@ -419,13 +419,13 @@ int twl_i2c_read(u8 mod_no, u8 *value, u8 reg, unsigned num_bytes)
pr_err("%s: invalid module number %d\n", DRIVER_NAME, mod_no);
return -EPERM;
}
- sid = twl_map[mod_no].sid;
- twl = &twl_modules[sid];
-
if (unlikely(!inuse)) {
- pr_err("%s: client %d is not initialized\n", DRIVER_NAME, sid);
+ pr_err("%s: not initialized\n", DRIVER_NAME);
return -EPERM;
}
+ sid = twl_map[mod_no].sid;
+ twl = &twl_modules[sid];
+
mutex_lock(&twl->xfer_lock);
/* [MSG1] fill the register address data */
msg = &twl->xfer_msg[0];
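Review bot: In twl_i2c_read the inuse test runs before mutex_lock(&twl->xfer_lock) and nothing in the hunk orders it against the code that sets or clears inuse, so the guard covers a driver that never bound but not one that is unbound while a transfer is starting. If inuse is cleared on removal, either state in the commit message that this case is out of scope or perform the check under a lock that does not itself depend on twl. The reordering is also repeated verbatim from twl_i2c_write; a small shared helper that validates mod_no and inuse and returns the client would keep the two paths from diverging.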
--
1.7.6
* Re: [PATCH] twl-core: fix oops while calling twl_i2c_* for unbound driver
@ 2011-11-09 0:24 ` Ilya Yanok
From: Ilya Yanok @ 2011-11-09 0:24 UTC (permalink / raw)
To: Ilya Yanok; +Cc: linux-kernel, Samuel Ortiz

Hi,

this is still unfixed. twl_i2c_{read,write} are exported and can be
called before driver initialization so we have to check it before
dereferencing twl_map.

Regards, Ilya.

02.08.2011 1:00, Ilya Yanok wrote:
> Check inuse variable before trying to access twl_map to prevent
> dereferencing of uninitialized variable.
>
> Signed-off-by: Ilya Yanok<yanok@emcraft.com>
> ---
> drivers/mfd/twl-core.c | 16 ++++++++--------
> 1 files changed, 8 insertions(+), 8 deletions(-)
>
> diff --git a/drivers/mfd/twl-core.c b/drivers/mfd/twl-core.c
> index 01ecfee..c7bc222 100644
> --- a/drivers/mfd/twl-core.c
> +++ b/drivers/mfd/twl-core.c
> @@ -362,13 +362,13 @@ int twl_i2c_write(u8 mod_no, u8 *value, u8 reg, unsigned num_bytes)
> pr_err("%s: invalid module number %d\n", DRIVER_NAME, mod_no);
> return -EPERM;
> }
> - sid = twl_map[mod_no].sid;
> - twl =&twl_modules[sid];
> -
> if (unlikely(!inuse)) {
> - pr_err("%s: client %d is not initialized\n", DRIVER_NAME, sid);
> + pr_err("%s: not initialized\n", DRIVER_NAME);
> return -EPERM;
> }
> + sid = twl_map[mod_no].sid;
> + twl =&twl_modules[sid];
> +
> mutex_lock(&twl->xfer_lock);
> /*
> * [MSG1]: fill the register address data
> @@ -419,13 +419,13 @@ int twl_i2c_read(u8 mod_no, u8 *value, u8 reg, unsigned num_bytes)
> pr_err("%s: invalid module number %d\n", DRIVER_NAME, mod_no);
> return -EPERM;
> }
> - sid = twl_map[mod_no].sid;
> - twl =&twl_modules[sid];
> -
> if (unlikely(!inuse)) {
> - pr_err("%s: client %d is not initialized\n", DRIVER_NAME, sid);
> + pr_err("%s: not initialized\n", DRIVER_NAME);
> return -EPERM;
> }
> + sid = twl_map[mod_no].sid;
> + twl =&twl_modules[sid];
> +
> mutex_lock(&twl->xfer_lock);
> /* [MSG1] fill the register address data */
> msg =&twl->xfer_msg[0];
* Re: [PATCH] twl-core: fix oops while calling twl_i2c_* for unbound driver
@ 2011-11-14 0:26 ` Samuel Ortiz
From: Samuel Ortiz @ 2011-11-14 0:26 UTC (permalink / raw)
To: Ilya Yanok; +Cc: linux-kernel

Hi Ilya,

On Wed, Nov 09, 2011 at 04:24:04AM +0400, Ilya Yanok wrote:
> Hi,
>
> this is still unfixed. twl_i2c_{read,write} are exported and can be
> called before driver initialization so we have to check it before
> dereferencing twl_map.
>
> Regards, Ilya.

Thanks for the fix. This one should make it to 3.2 as I applied it to my
for-linux branch.

Cheers,
Samuel.
--
Intel Open Source Technology Centre
http://oss.intel.com/