[3.13.y.z extended stable] Patch "regmap: debugfs: fix possbile NULL pointer dereference" has been added to staging queue

Kamal Mostafa kamal at canonical.com
Tue Oct 21 20:09:23 UTC 2014 

This is a note to let you know that I have just added a patch titled

    regmap: debugfs: fix possbile NULL pointer dereference

to the linux-3.13.y-queue branch of the 3.13.y.z extended stable tree 
which can be found at:

 http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.13.y-queue

This patch is scheduled to be released in version 3.13.11.10.

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.13.y.z tree, see
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable

Thanks.
-Kamal

------

>From 80d0ad902ecd87136141d0fb8950b38a30f367e3 Mon Sep 17 00:00:00 2001
From: Xiubo Li <Li.Xiubo at freescale.com>
Date: Sun, 28 Sep 2014 11:35:25 +0800
Subject: regmap: debugfs: fix possbile NULL pointer dereference

commit 2c98e0c1cc6b8e86f1978286c3d4e0769ee9d733 upstream.

If 'map->dev' is NULL and there will lead dev_name() to be NULL pointer
dereference. So before dev_name(), we need to have check of the map->dev
pionter.

We also should make sure that the 'name' pointer shouldn't be NULL for
debugfs_create_dir(). So here using one default "dummy" debugfs name when
the 'name' pointer and 'map->dev' are both NULL.

Signed-off-by: Xiubo Li <Li.Xiubo at freescale.com>
Signed-off-by: Mark Brown <broonie at kernel.org>
Signed-off-by: Kamal Mostafa <kamal at canonical.com>
---
 drivers/base/regmap/regmap-debugfs.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/drivers/base/regmap/regmap-debugfs.c b/drivers/base/regmap/regmap-debugfs.c
index f89d382..004e132 100644
--- a/drivers/base/regmap/regmap-debugfs.c
+++ b/drivers/base/regmap/regmap-debugfs.c
@@ -473,6 +473,7 @@ void regmap_debugfs_init(struct regmap *map, const char *name)
 {
 	struct rb_node *next;
 	struct regmap_range_node *range_node;
+	const char *devname = "dummy";

 	/* If we don't have the debugfs root yet, postpone init */
 	if (!regmap_debugfs_root) {
@@ -491,12 +492,15 @@ void regmap_debugfs_init(struct regmap *map, const char *name)
 	INIT_LIST_HEAD(&map->debugfs_off_cache);
 	mutex_init(&map->cache_lock);

+	if (map->dev)
+		devname = dev_name(map->dev);
+
 	if (name) {
 		map->debugfs_name = kasprintf(GFP_KERNEL, "%s-%s",
-					      dev_name(map->dev), name);
+					      devname, name);
 		name = map->debugfs_name;
 	} else {
-		name = dev_name(map->dev);
+		name = devname;
 	}

 	map->debugfs = debugfs_create_dir(name, regmap_debugfs_root);
--
1.9.1

More information about the kernel-team mailing list