Re: [PATCH] phy: core: Fix error path in devm_of_phy_get()
From: Kishon Vijay Abraham I
Date: Fri Jan 10 2020 - 06:00:40 EST
On 08/01/20 6:53 PM, Marek Szyprowski wrote:
> Commit 5253fe05bb47 ("phy: core: Add consumer device link support") added
> support for consumer device links, but it missed proper update for error
> handling in devm_of_phy_get(). Fix this by adding proper return statement.
>
> This patch fixes the following invalid pointer dereference on
> Exynos5250-based Arndale board with multi_v7_defconfig:
>
> 8<--- cut here ---
> Unable to handle kernel paging request at virtual address fffffe7f
> pgd = (ptrval)
> [fffffe7f] *pgd=6ffff841, *pte=00000000, *ppte=00000000
> Internal error: Oops: 27 [#1] SMP ARM
> Modules linked in:
> CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.5.0-rc5-next-20200108 #167
> Hardware name: Samsung Exynos (Flattened Device Tree)
> PC is at device_link_add+0x68/0x4c4
> LR is at device_link_add+0x68/0x4c4
> ...
> Process swapper/0 (pid: 1, stack limit = 0x(ptrval))
> ...
> [<c0984d70>] (device_link_add) from [<c0707e8c>] (devm_of_phy_get+0x6c/0xb0)
> [<c0707e8c>] (devm_of_phy_get) from [<c0a0deb8>] (ahci_platform_get_phy+0x28/0xe0)
> [<c0a0deb8>] (ahci_platform_get_phy) from [<c0a0e64c>] (ahci_platform_get_resources+0x398/0x48c)
> [<c0a0e64c>] (ahci_platform_get_resources) from [<c0a0daec>] (ahci_probe+0x14/0xb4)
> [<c0a0daec>] (ahci_probe) from [<c098a1ec>] (platform_drv_probe+0x48/0x9c)
> [<c098a1ec>] (platform_drv_probe) from [<c0988214>] (really_probe+0x1dc/0x33c)
> [<c0988214>] (really_probe) from [<c09884f4>] (driver_probe_device+0x60/0x164)
> [<c09884f4>] (driver_probe_device) from [<c09887a0>] (device_driver_attach+0x58/0x60)
> [<c09887a0>] (device_driver_attach) from [<c0988828>] (__driver_attach+0x80/0xbc)
> [<c0988828>] (__driver_attach) from [<c09865b4>] (bus_for_each_dev+0x68/0xb4)
> [<c09865b4>] (bus_for_each_dev) from [<c0987594>] (bus_add_driver+0x160/0x1e4)
> [<c0987594>] (bus_add_driver) from [<c09892c0>] (driver_register+0x78/0x10c)
> [<c09892c0>] (driver_register) from [<c0302f14>] (do_one_initcall+0x54/0x220)
> [<c0302f14>] (do_one_initcall) from [<c1500f4c>] (kernel_init_freeable+0x150/0x1b4)
> [<c1500f4c>] (kernel_init_freeable) from [<c0ef6b34>] (kernel_init+0x8/0x10c)
> [<c0ef6b34>] (kernel_init) from [<c03010e8>] (ret_from_fork+0x14/0x2c)
I've already merged a patch fixing this.
Thanks
Kishon
> ...
>
> Fixes: 5253fe05bb47 ("phy: core: Add consumer device link support")
> Signed-off-by: Marek Szyprowski <m.szyprowski@xxxxxxxxxxx>
> ---
> drivers/phy/phy-core.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/drivers/phy/phy-core.c b/drivers/phy/phy-core.c
> index 8dfb4868c8c3..2eb28cc2d2dc 100644
> --- a/drivers/phy/phy-core.c
> +++ b/drivers/phy/phy-core.c
> @@ -799,6 +799,7 @@ struct phy *devm_of_phy_get(struct device *dev, struct device_node *np,
> devres_add(dev, ptr);
> } else {
> devres_free(ptr);
> + return phy;
> }
>
> link = device_link_add(dev, &phy->dev, DL_FLAG_STATELESS);
>