[PATCH 0/2] powercap: dtpm: Guard against missing energy model in dtpm callbacks

Next message: Eric Biggers: "Re: [PATCH 0/4] Xilinx TRNG fix and simplification"
Previous message: Niklas S&#xF6;derlund: "[PATCH v10 12/13] media: rppx1: ga: Add support for gamma out correction"
Next in thread: Elazar Leibovich: "[PATCH 1/2] powercap: dtpm_cpu: Guard em_cpu_get() against NULL return in sysfs callbacks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Elazar Leibovich

Date: Thu Jun 11 2026 - 16:47:16 EST

The dtpm_cpu and dtpm_devfreq powercap drivers dereference the perf
domain returned by em_cpu_get()/em_pd_get() without checking it for
NULL. When the energy model is absent - for instance when a CPU becomes
impossible at runtime so get_cpu_device() returns NULL, or when the
device EM was never registered or has already been unregistered - the
dtpm callbacks, several of which are reachable directly from sysfs via
the powercap zone attributes, crash on a NULL pointer dereference.

Add the missing NULL checks, mirroring the guard that already exists in
get_pd_power_uw() since commit 46dc57406887 ("powercap: dtpm_cpu: Fix
NULL pointer dereference in get_pd_power_uw()").

Note these patches only handle a perf domain that is already gone when
the callback starts. A callback racing with
em_dev_unregister_perf_domain() can still observe a non-NULL perf
domain that is freed underneath it, because only the EM perf state
table is RCU-protected, not struct em_perf_domain itself. Closing that
race needs RCU lifetime guarantees from the EM core plus holding
rcu_read_lock() across the perf domain access in the readers; this will
be addressed in future patches.

Sivan Zohar-Kotzer (2):
powercap: dtpm_cpu: Guard em_cpu_get() against NULL return in sysfs
callbacks
powercap: dtpm_devfreq: Guard em_pd_get() against NULL return in
callbacks

drivers/powercap/dtpm_cpu.c | 6 ++++++
drivers/powercap/dtpm_devfreq.c | 9 +++++++++
2 files changed, 15 insertions(+)

--
2.50.1 (Apple Git-155)