[PATCH v2 1/4] usb: typec: ucsi: Fix null deref in trace
From: Jameson Thies
Date: Tue Apr 23 2024 - 21:49:03 EST
From: Abhishek Pandit-Subedi <abhishekpandit@xxxxxxxxxxxx>
ucsi_register_altmode checks IS_ERR on returned pointer and treats
NULL as valid. This results in a null deref when
trace_ucsi_register_altmode is called. Return an error from
ucsi_register_displayport when it is not supported and register the
altmode with typec_port_register_altmode.
Reviewed-by: Jameson Thies <jthies@xxxxxxxxxx>
Signed-off-by: Abhishek Pandit-Subedi <abhishekpandit@xxxxxxxxxxxx>
---
Changes in V2:
- Checks for error response from ucsi_register_displayport when
registering DisplayPort alternate mode.
drivers/usb/typec/ucsi/ucsi.c | 3 +++
drivers/usb/typec/ucsi/ucsi.h | 2 +-
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/drivers/usb/typec/ucsi/ucsi.c b/drivers/usb/typec/ucsi/ucsi.c
index cb52e7b0a2c5c..f3b413f94fd28 100644
--- a/drivers/usb/typec/ucsi/ucsi.c
+++ b/drivers/usb/typec/ucsi/ucsi.c
@@ -361,6 +361,9 @@ static int ucsi_register_altmode(struct ucsi_connector *con,
switch (desc->svid) {
case USB_TYPEC_DP_SID:
alt = ucsi_register_displayport(con, override, i, desc);
+ if (IS_ERR(alt) && PTR_ERR(alt) == -EOPNOTSUPP)
+ alt = typec_port_register_altmode(con->port, desc);
+
break;
case USB_TYPEC_NVIDIA_VLINK_SID:
if (desc->vdo == USB_TYPEC_NVIDIA_VLINK_DBG_VDO)
diff --git a/drivers/usb/typec/ucsi/ucsi.h b/drivers/usb/typec/ucsi/ucsi.h
index c4d103db9d0f8..c663dce0659ee 100644
--- a/drivers/usb/typec/ucsi/ucsi.h
+++ b/drivers/usb/typec/ucsi/ucsi.h
@@ -496,7 +496,7 @@ ucsi_register_displayport(struct ucsi_connector *con,
bool override, int offset,
struct typec_altmode_desc *desc)
{
- return NULL;
+ return ERR_PTR(-EOPNOTSUPP);
}
static inline void
--
2.44.0.769.g3c40516874-goog