Re: [PATCH 1/1] MMC: meson: avoid possible NULL dereference
From: Ulf Hansson
Date: Tue Jan 10 2017 - 10:38:39 EST
On 6 January 2017 at 18:01, Kevin Hilman <khilman@xxxxxxxxxxxx> wrote:
> Heinrich Schuchardt <xypron.glpk@xxxxxx> writes:
>
>> No actual segmentation faults were observed but the coding is
>> at least inconsistent.
>>
>> irqreturn_t meson_mmc_irq():
>>
>> We should not dereference host before checking it.
>>
>> meson_mmc_irq_thread():
>>
>> If cmd or mrq are NULL we should not dereference them after
>> writing a warning.
>>
>> Fixes: 51c5d8447bd7 MMC: meson: initial support for GX platforms
>> Signed-off-by: Heinrich Schuchardt <xypron.glpk@xxxxxx>
>
> Acked-by: Kevin Hilman <khilman@xxxxxxxxxxxx>
>
> Ulf, I assume you can pick this up directly for v4.10-rc?
Thanks, applied for fixes!
Kind regards
Uffe
>
> Thanks,
>
> Kevin
>
>> ---
>> drivers/mmc/host/meson-gx-mmc.c | 8 +++++---
>> 1 file changed, 5 insertions(+), 3 deletions(-)
>>
>> diff --git a/drivers/mmc/host/meson-gx-mmc.c b/drivers/mmc/host/meson-gx-mmc.c
>> index b352760c041e..09739352834c 100644
>> --- a/drivers/mmc/host/meson-gx-mmc.c
>> +++ b/drivers/mmc/host/meson-gx-mmc.c
>> @@ -578,13 +578,15 @@ static irqreturn_t meson_mmc_irq(int irq, void *dev_id)
>> {
>> struct meson_host *host = dev_id;
>> struct mmc_request *mrq;
>> - struct mmc_command *cmd = host->cmd;
>> + struct mmc_command *cmd;
>> u32 irq_en, status, raw_status;
>> irqreturn_t ret = IRQ_HANDLED;
>>
>> if (WARN_ON(!host))
>> return IRQ_NONE;
>>
>> + cmd = host->cmd;
>> +
>> mrq = host->mrq;
>>
>> if (WARN_ON(!mrq))
>> @@ -670,10 +672,10 @@ static irqreturn_t meson_mmc_irq_thread(int irq, void *dev_id)
>> int ret = IRQ_HANDLED;
>>
>> if (WARN_ON(!mrq))
>> - ret = IRQ_NONE;
>> + return IRQ_NONE;
>>
>> if (WARN_ON(!cmd))
>> - ret = IRQ_NONE;
>> + return IRQ_NONE;
>>
>> data = cmd->data;
>> if (data) {