BUG: unable to handle kernel NULL pointer dereference at 0000000000000028This doesn't have anything to do with my patch really, and goes way back. I'd say yes, to every stable kernel which is still being maintained.
IP: [<ffffffffa02c66b4>] hidraw_ioctl+0xfc/0x32c [hid]
[...]
This is reproducible by disconnecting the device while userspace does ioctl in
a loop and doesn't check return values in order to exit the loop
Should this be applied to older stable kernels too?
Alan, Jiri,
there is a similar problem when _writing_ to the device, but Alan's
changes in that area are shuffling the code a bit, should I send a patch
[to hidraw_send_report()] on top of Alan's work for that, or a fix for
current mainline [in hidraw_write()] on which Alan should rebase his
work would be better?
The same pattern of unchecked hidraw_table[minor] is also present in
hidraw_get_report but this function is called only after the NULL check
in hidraw_ioctl _for_now_, so that is currently safe.