From e9c5b0b53ccca81dd0a35c62309e243a57c7959d Mon Sep 17 00:00:00 2001
From: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
Date: Thu, 29 Jul 2021 14:04:01 +0200
Subject: [PATCH] dmaengine: idxd: Fix a possible NULL pointer dereference
Git-commit: e9c5b0b53ccca81dd0a35c62309e243a57c7959d
Patch-mainline: v5.15-rc1
References: jsc#SLE-18899
'device_driver_attach()' dereferences its first argument (i.e. 'alt_drv')
so it must not be NULL.
Simplify the error handling logic about NULL 'alt_drv' in order to be
more robust and future-proof.
Fixes: 568b2126466f ("dmaengine: idxd: fix uninit var for alt_drv")
Fixes: 6e7f3ee97bbe ("dmaengine: idxd: move dsa_drv support to compatible mode")
Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
Acked-by: Dave Jiang <dave.jiang@intel.com>
Link: https://lore.kernel.org/r/77f0dc4f3966591d1f0cffb614a94085f8895a85.1627560174.git.christophe.jaillet@wanadoo.fr
Signed-off-by: Vinod Koul <vkoul@kernel.org>
Acked-by: Takashi Iwai <tiwai@suse.de>
---
drivers/dma/idxd/compat.c | 15 ++++-----------
1 file changed, 4 insertions(+), 11 deletions(-)
diff --git a/drivers/dma/idxd/compat.c b/drivers/dma/idxd/compat.c
index d7616c240dcd..3df21615f888 100644
--- a/drivers/dma/idxd/compat.c
+++ b/drivers/dma/idxd/compat.c
@@ -45,23 +45,16 @@ static ssize_t bind_store(struct device_driver *drv, const char *buf, size_t cou
idxd_dev = confdev_to_idxd_dev(dev);
if (is_idxd_dev(idxd_dev)) {
alt_drv = driver_find("idxd", bus);
- if (!alt_drv)
- return -ENODEV;
} else if (is_idxd_wq_dev(idxd_dev)) {
struct idxd_wq *wq = confdev_to_wq(dev);
- if (is_idxd_wq_kernel(wq)) {
+ if (is_idxd_wq_kernel(wq))
alt_drv = driver_find("dmaengine", bus);
- if (!alt_drv)
- return -ENODEV;
- } else if (is_idxd_wq_user(wq)) {
+ else if (is_idxd_wq_user(wq))
alt_drv = driver_find("user", bus);
- if (!alt_drv)
- return -ENODEV;
- } else {
- return -ENODEV;
- }
}
+ if (!alt_drv)
+ return -ENODEV;
rc = device_driver_attach(alt_drv, dev);
if (rc < 0)
--
2.26.2