[PATCH 1/2] uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind
From: Naman Jain
Date: Thu Aug 22 2024 - 07:10:00 EST
From: Saurabh Sengar <ssengar@xxxxxxxxxxxxxxxxxxx>
For primary VMBus channels primary_channel pointer is always NULL. This
pointer is valid only for the secondry channels.
Fix NULL pointer dereference by retrieving the device_obj from the parent
in the absence of a valid primary_channel pointer.
Fixes: ca3cda6fcf1e ("uio_hv_generic: add rescind support")
Signed-off-by: Saurabh Sengar <ssengar@xxxxxxxxxxxxxxxxxxx>
Signed-off-by: Naman Jain <namjain@xxxxxxxxxxxxxxxxxxx>
---
drivers/uio/uio_hv_generic.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/uio/uio_hv_generic.c b/drivers/uio/uio_hv_generic.c
index b45653752301..c99890c16d29 100644
--- a/drivers/uio/uio_hv_generic.c
+++ b/drivers/uio/uio_hv_generic.c
@@ -109,7 +109,8 @@ static void hv_uio_channel_cb(void *context)
*/
static void hv_uio_rescind(struct vmbus_channel *channel)
{
- struct hv_device *hv_dev = channel->primary_channel->device_obj;
+ struct hv_device *hv_dev = channel->primary_channel ?
+ channel->primary_channel->device_obj : channel->device_obj;
struct hv_uio_private_data *pdata = hv_get_drvdata(hv_dev);
/*
--
2.34.1