Make sure to stop and deregister the port in case of late probe errors
to avoid use-after-free issues when the underlying memory is released by
devres.
Fixes: a4422ff22142 ("usb: typec: qcom: Add Qualcomm PMIC Type-C driver")
Cc: [email protected] # 6.5
Cc: Bryan O'Donoghue <[email protected]>
Signed-off-by: Johan Hovold <[email protected]>
---
drivers/usb/typec/tcpm/qcom/qcom_pmic_typec.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/drivers/usb/typec/tcpm/qcom/qcom_pmic_typec.c b/drivers/usb/typec/tcpm/qcom/qcom_pmic_typec.c
index e48412cdcb0f..d3958c061a97 100644
--- a/drivers/usb/typec/tcpm/qcom/qcom_pmic_typec.c
+++ b/drivers/usb/typec/tcpm/qcom/qcom_pmic_typec.c
@@ -104,14 +104,18 @@ static int qcom_pmic_typec_probe(struct platform_device *pdev)
ret = tcpm->port_start(tcpm, tcpm->tcpm_port);
if (ret)
- goto fwnode_remove;
+ goto port_unregister;
ret = tcpm->pdphy_start(tcpm, tcpm->tcpm_port);
if (ret)
- goto fwnode_remove;
+ goto port_stop;
return 0;
+port_stop:
+ tcpm->port_stop(tcpm);
+port_unregister:
+ tcpm_unregister_port(tcpm->tcpm_port);
fwnode_remove:
fwnode_remove_software_node(tcpm->tcpc.fwnode);
--
2.43.2
On Thu, Apr 18, 2024 at 04:57:29PM +0200, Johan Hovold wrote:
> Make sure to stop and deregister the port in case of late probe errors
> to avoid use-after-free issues when the underlying memory is released by
> devres.
>
> Fixes: a4422ff22142 ("usb: typec: qcom: Add Qualcomm PMIC Type-C driver")
> Cc: [email protected] # 6.5
> Cc: Bryan O'Donoghue <[email protected]>
> Signed-off-by: Johan Hovold <[email protected]>
> ---
> drivers/usb/typec/tcpm/qcom/qcom_pmic_typec.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
Reviewed-by: Dmitry Baryshkov <[email protected]>
--
With best wishes
Dmitry
On 18/04/2024 15:57, Johan Hovold wrote:
> Make sure to stop and deregister the port in case of late probe errors
> to avoid use-after-free issues when the underlying memory is released by
> devres.
>
> Fixes: a4422ff22142 ("usb: typec: qcom: Add Qualcomm PMIC Type-C driver")
> Cc: [email protected] # 6.5
> Cc: Bryan O'Donoghue <[email protected]>
> Signed-off-by: Johan Hovold <[email protected]>
> ---
> drivers/usb/typec/tcpm/qcom/qcom_pmic_typec.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/usb/typec/tcpm/qcom/qcom_pmic_typec.c b/drivers/usb/typec/tcpm/qcom/qcom_pmic_typec.c
> index e48412cdcb0f..d3958c061a97 100644
> --- a/drivers/usb/typec/tcpm/qcom/qcom_pmic_typec.c
> +++ b/drivers/usb/typec/tcpm/qcom/qcom_pmic_typec.c
> @@ -104,14 +104,18 @@ static int qcom_pmic_typec_probe(struct platform_device *pdev)
>
> ret = tcpm->port_start(tcpm, tcpm->tcpm_port);
> if (ret)
> - goto fwnode_remove;
> + goto port_unregister;
>
> ret = tcpm->pdphy_start(tcpm, tcpm->tcpm_port);
> if (ret)
> - goto fwnode_remove;
> + goto port_stop;
>
> return 0;
>
> +port_stop:
> + tcpm->port_stop(tcpm);
> +port_unregister:
> + tcpm_unregister_port(tcpm->tcpm_port);
> fwnode_remove:
> fwnode_remove_software_node(tcpm->tcpc.fwnode);
>
Reviewed-by: Bryan O'Donoghue <[email protected]>
On Thu, Apr 18, 2024 at 04:57:29PM +0200, Johan Hovold wrote:
> Make sure to stop and deregister the port in case of late probe errors
> to avoid use-after-free issues when the underlying memory is released by
> devres.
>
> Fixes: a4422ff22142 ("usb: typec: qcom: Add Qualcomm PMIC Type-C driver")
> Cc: [email protected] # 6.5
> Cc: Bryan O'Donoghue <[email protected]>
> Signed-off-by: Johan Hovold <[email protected]>
Reviewed-by: Heikki Krogerus <[email protected]>
> ---
> drivers/usb/typec/tcpm/qcom/qcom_pmic_typec.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/usb/typec/tcpm/qcom/qcom_pmic_typec.c b/drivers/usb/typec/tcpm/qcom/qcom_pmic_typec.c
> index e48412cdcb0f..d3958c061a97 100644
> --- a/drivers/usb/typec/tcpm/qcom/qcom_pmic_typec.c
> +++ b/drivers/usb/typec/tcpm/qcom/qcom_pmic_typec.c
> @@ -104,14 +104,18 @@ static int qcom_pmic_typec_probe(struct platform_device *pdev)
>
> ret = tcpm->port_start(tcpm, tcpm->tcpm_port);
> if (ret)
> - goto fwnode_remove;
> + goto port_unregister;
>
> ret = tcpm->pdphy_start(tcpm, tcpm->tcpm_port);
> if (ret)
> - goto fwnode_remove;
> + goto port_stop;
>
> return 0;
>
> +port_stop:
> + tcpm->port_stop(tcpm);
> +port_unregister:
> + tcpm_unregister_port(tcpm->tcpm_port);
> fwnode_remove:
> fwnode_remove_software_node(tcpm->tcpc.fwnode);
>
> --
> 2.43.2
--
heikki