From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-owner@vger.kernel.org>
Received: from mail.linuxfoundation.org ([140.211.169.12]:56774 "EHLO
        mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1761453AbdEWNkx (ORCPT
        <rfc822;stable@vger.kernel.org>); Tue, 23 May 2017 09:40:53 -0400
Subject: Patch "[media] cec: Fix runtime BUG when (CONFIG_RC_CORE && !CEC_CAP_RC)" has been added to the 4.11-stable tree
To: lee.jones@linaro.org, gregkh@linuxfoundation.org,
        hans.verkuil@cisco.com, mchehab@s-opensource.com
Cc: <stable@vger.kernel.org>, <stable-commits@vger.kernel.org>
From: <gregkh@linuxfoundation.org>
Date: Tue, 23 May 2017 15:40:32 +0200
Message-ID: <1495546832181253@kroah.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ANSI_X3.4-1968
Content-Transfer-Encoding: 8bit
Sender: stable-owner@vger.kernel.org
List-ID: <stable.vger.kernel.org>


This is a note to let you know that I've just added the patch titled

    [media] cec: Fix runtime BUG when (CONFIG_RC_CORE && !CEC_CAP_RC)

to the 4.11-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     cec-fix-runtime-bug-when-config_rc_core-cec_cap_rc.patch
and it can be found in the queue-4.11 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.


>>From 43c0c03961d0b19bd225a336897606b46e0021a6 Mon Sep 17 00:00:00 2001
From: Lee Jones <lee.jones@linaro.org>
Date: Tue, 4 Apr 2017 09:32:19 -0300
Subject: [media] cec: Fix runtime BUG when (CONFIG_RC_CORE && !CEC_CAP_RC)

From: Lee Jones <lee.jones@linaro.org>

commit 43c0c03961d0b19bd225a336897606b46e0021a6 upstream.

Currently when the RC Core is enabled (reachable) core code located
in cec_register_adapter() attempts to populate the RC structure with
a pointer to the 'parent' passed in by the caller.

Unfortunately if the caller did not specify RC capability when calling
cec_allocate_adapter(), then there will be no RC structure to populate.

This causes a "NULL pointer dereference" error.

Fixes: f51e80804f0 ("[media] cec: pass parent device in register(), not allocate()")

Signed-off-by: Lee Jones <lee.jones@linaro.org>
Signed-off-by: Hans Verkuil <hans.verkuil@cisco.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 drivers/media/cec/cec-core.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/drivers/media/cec/cec-core.c
+++ b/drivers/media/cec/cec-core.c
@@ -286,8 +286,8 @@ int cec_register_adapter(struct cec_adap
 	adap->devnode.dev.parent = parent;
 
 #if IS_REACHABLE(CONFIG_RC_CORE)
-	adap->rc->dev.parent = parent;
 	if (adap->capabilities & CEC_CAP_RC) {
+		adap->rc->dev.parent = parent;
 		res = rc_register_device(adap->rc);
 
 		if (res) {


Patches currently in stable-queue which might be from lee.jones@linaro.org are

queue-4.11/cec-fix-runtime-bug-when-config_rc_core-cec_cap_rc.patch