[PATCH 4.4 232/312] power_supply: tps65217-charger: Fix NULL deref during property export
From: Greg Kroah-Hartman
Date: Fri May 08 2020 - 08:47:26 EST
From: Marcin Niestroj <m.niestroj@xxxxxxxxxxxxxxxx>
commit 362761299eea7dfc3a4870551de36e08758b9254 upstream.
This bug leads to:
[ 1.906411] Unable to handle kernel NULL pointer dereference at virtual address 0000000c
[ 1.914878] pgd = c0004000
[ 1.917786] [0000000c] *pgd=00000000
[ 1.921536] Internal error: Oops: 5 [#1] SMP ARM
[ 1.926357] Modules linked in:
[ 1.929556] CPU: 0 PID: 14 Comm: kworker/0:1 Not tainted 4.4.5 #18
[ 1.936006] Hardware name: Generic AM33XX (Flattened Device Tree)
[ 1.942383] Workqueue: events power_supply_changed_work
[ 1.947842] task: de2c41c0 ti: de2c8000 task.ti: de2c8000
[ 1.953483] PC is at tps65217_ac_get_property+0x14/0x28
[ 1.958937] LR is at tps65217_ac_get_property+0x10/0x28
Driver was trying to use drv_data in property get handler. However drv_data
was not set, so it caused NULL pointer dereference. This patch properly
sets drv_data during probe by power_supply_config parameter, so the
property get handler works as desired.
Signed-off-by: Marcin Niestroj <m.niestroj@xxxxxxxxxxxxxxxx>
Fixes: 3636859b280c ("power_supply: Add support for tps65217-charger")
Signed-off-by: Sebastian Reichel <sre@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
drivers/power/tps65217_charger.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
--- a/drivers/power/tps65217_charger.c
+++ b/drivers/power/tps65217_charger.c
@@ -197,6 +197,7 @@ static int tps65217_charger_probe(struct
{
struct tps65217 *tps = dev_get_drvdata(pdev->dev.parent);
struct tps65217_charger *charger;
+ struct power_supply_config cfg = {};
int ret;
dev_dbg(&pdev->dev, "%s\n", __func__);
@@ -209,9 +210,12 @@ static int tps65217_charger_probe(struct
charger->tps = tps;
charger->dev = &pdev->dev;
+ cfg.of_node = pdev->dev.of_node;
+ cfg.drv_data = charger;
+
charger->ac = devm_power_supply_register(&pdev->dev,
&tps65217_charger_desc,
- NULL);
+ &cfg);
if (IS_ERR(charger->ac)) {
dev_err(&pdev->dev, "failed: power supply register\n");
return PTR_ERR(charger->ac);