[PATCH 05/29] bus: mhi: core: Fix null pointer access when parsing MHI configuration
From: Manivannan Sadhasivam
Date: Wed Dec 02 2020 - 04:44:14 EST
From: Carl Yin <carl.yin@xxxxxxxxxxx>
Functions parse_ev_cfg() and parse_ch_cfg() access mhi_cntrl->mhi_dev
before it is set in function mhi_register_controller(),
use cntrl_dev instead of mhi_dev.
Fixes: 0cbf260820fa ("bus: mhi: core: Add support for registering MHI controllers")
Signed-off-by: Carl Yin <carl.yin@xxxxxxxxxxx>
Reviewed-by: Bhaumik Bhatt <bbhatt@xxxxxxxxxxxxxx>
Reviewed-by: Hemant Kumar <hemantk@xxxxxxxxxxxxxx>
Reviewed-by: Manivannan Sadhasivam <manivannan.sadhasivam@xxxxxxxxxx>
Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam@xxxxxxxxxx>
---
drivers/bus/mhi/core/init.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/bus/mhi/core/init.c b/drivers/bus/mhi/core/init.c
index 0a09f8215057..8cefa359fccd 100644
--- a/drivers/bus/mhi/core/init.c
+++ b/drivers/bus/mhi/core/init.c
@@ -610,7 +610,7 @@ static int parse_ev_cfg(struct mhi_controller *mhi_cntrl,
{
struct mhi_event *mhi_event;
const struct mhi_event_config *event_cfg;
- struct device *dev = &mhi_cntrl->mhi_dev->dev;
+ struct device *dev = mhi_cntrl->cntrl_dev;
int i, num;
num = config->num_events;
@@ -692,7 +692,7 @@ static int parse_ch_cfg(struct mhi_controller *mhi_cntrl,
const struct mhi_controller_config *config)
{
const struct mhi_channel_config *ch_cfg;
- struct device *dev = &mhi_cntrl->mhi_dev->dev;
+ struct device *dev = mhi_cntrl->cntrl_dev;
int i;
u32 chan;
--
2.25.1