[PATCH] staging: vc04_services: vchiq_arm: Fix NULL ptr dereferences

Stefan Wahren wahrenst at gmx.net
Fri Apr 19 07:26:50 PDT 2024


The commit 8c9753f63905 ("staging: vc04_services: vchiq_arm: Drop
g_cache_line_size") introduced NULL pointer dereferences by
messing up usage of device driver data. But the real issue here
is the mixed usage of platform and device driver data. So fix
this by switching completely to device driver data.

Fixes: 8c9753f63905 ("staging: vc04_services: vchiq_arm: Drop g_cache_line_size")
Signed-off-by: Stefan Wahren <wahrenst at gmx.net>
---
 .../staging/vc04_services/interface/vchiq_arm/vchiq_arm.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
index 502ddc0f6e46..3b032d987f0c 100644
--- a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
+++ b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_arm.c
@@ -257,7 +257,7 @@ create_pagelist(struct vchiq_instance *instance, char *buf, char __user *ubuf,
 	if (count >= INT_MAX - PAGE_SIZE)
 		return NULL;

-	drv_mgmt = dev_get_drvdata(instance->state->dev->parent);
+	drv_mgmt = dev_get_drvdata(instance->state->dev);

 	if (buf)
 		offset = (uintptr_t)buf & (PAGE_SIZE - 1);
@@ -436,7 +436,7 @@ free_pagelist(struct vchiq_instance *instance, struct vchiq_pagelist_info *pagel

 	dev_dbg(instance->state->dev, "arm: %pK, %d\n", pagelistinfo->pagelist, actual);

-	drv_mgmt = dev_get_drvdata(instance->state->dev->parent);
+	drv_mgmt = dev_get_drvdata(instance->state->dev);

 	/*
 	 * NOTE: dma_unmap_sg must be called before the
@@ -497,7 +497,7 @@ free_pagelist(struct vchiq_instance *instance, struct vchiq_pagelist_info *pagel
 static int vchiq_platform_init(struct platform_device *pdev, struct vchiq_state *state)
 {
 	struct device *dev = &pdev->dev;
-	struct vchiq_drv_mgmt *drv_mgmt = platform_get_drvdata(pdev);
+	struct vchiq_drv_mgmt *drv_mgmt = dev_get_drvdata(dev);
 	struct rpi_firmware *fw = drv_mgmt->fw;
 	struct vchiq_slot_zero *vchiq_slot_zero;
 	void *slot_mem;
@@ -1753,7 +1753,7 @@ static int vchiq_probe(struct platform_device *pdev)
 		return -EPROBE_DEFER;

 	mgmt->info = info;
-	platform_set_drvdata(pdev, mgmt);
+	dev_set_drvdata(&pdev->dev, mgmt);

 	err = vchiq_platform_init(pdev, &mgmt->state);
 	if (err)
--
2.34.1




More information about the linux-arm-kernel mailing list