[PATCH 3.16.y-ckt 124/144] iio: imu: Use iio_trigger_get for indio_dev->trig assignment
Luis Henriques
luis.henriques at canonical.com
Tue Apr 21 15:31:49 UTC 2015
3.16.7-ckt10 -stable review patch. If anyone has any objections, please let me know.
------------------
From: Darshana Padmadas <darshanapadmadas at gmail.com>
commit 4ce7ca89d6e8eae9e201cd0e972ba323f33e2fb4 upstream.
This patch uses iio_trigger_get to increment the reference
count of trigger device, to avoid incorrect assignment.
Can result in a null pointer dereference during removal if the
trigger has been changed before removal.
This patch refers to a similar situation encountered through the
following discussion:
http://www.spinics.net/lists/linux-iio/msg13669.html
Signed-off-by: Darshana Padmadas <darshanapadmadas at gmail.com>
Signed-off-by: Jonathan Cameron <jic23 at kernel.org>
Signed-off-by: Luis Henriques <luis.henriques at canonical.com>
---
drivers/iio/imu/adis_trigger.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/iio/imu/adis_trigger.c b/drivers/iio/imu/adis_trigger.c
index e0017c22bb9c..f53e9a803a0e 100644
--- a/drivers/iio/imu/adis_trigger.c
+++ b/drivers/iio/imu/adis_trigger.c
@@ -60,7 +60,7 @@ int adis_probe_trigger(struct adis *adis, struct iio_dev *indio_dev)
iio_trigger_set_drvdata(adis->trig, adis);
ret = iio_trigger_register(adis->trig);
- indio_dev->trig = adis->trig;
+ indio_dev->trig = iio_trigger_get(adis->trig);
if (ret)
goto error_free_irq;
More information about the kernel-team
mailing list