This is to address a possible NULL pointer dereference on a platform that might
use this driver but its underlying IRQ chip does not provide an irq_eoi callback.

A commit 0766d20 added a conditional to the code, but then it was later
superseded by commit 20e2aa9 which introduced a number of helper functions
for accessing various members of the irq_desc struct, but removed said
conditional from the code.

This change will re-introduce conditional guarding against possible NULL
pointer dereference caused by missing EOI handler.

Signed-off-by: Krzysztof Wilczynski <[email protected]>
---
drivers/gpio/gpio-langwell.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/drivers/gpio/gpio-langwell.c b/drivers/gpio/gpio-langwell.c
index 00692e8..5749738 100644
--- a/drivers/gpio/gpio-langwell.c
+++ b/drivers/gpio/gpio-langwell.c
@@ -260,7 +260,8 @@ static void lnw_irq_handler(unsigned irq, struct irq_desc *desc)
}
}
- chip->irq_eoi(data);
+ if (data)
+ chip->irq_eoi(data);
}
#ifdef CONFIG_PM
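Review bot: the new `if (data)` guard at the end of lnw_irq_handler tests the wrong pointer. The call being protected is `chip->irq_eoi(data)`, and a non-NULL `data` says nothing about whether `chip->irq_eoi` is set, so a chip that lacks the callback would still be called through a NULL function pointer here. Test the callback itself, for example `if (chip->irq_eoi)`, before making the call.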
--
1.7.2.5
On Sun, 6 May 2012, Krzysztof Wilczynski wrote:
> This is to address a possible NULL pointer dereference on a platform that might
> use this driver but its underlying IRQ chip does not provide an irq_eoi callback.
>
> A commit 0766d20 added a conditional to the code, but then it was later
> superseded by commit 20e2aa9 which introduced a number of helper functions
> for accessing various members of the irq_desc struct, but removed said
> conditional from the code.
>
> This change will re-introduce conditional guarding against possible NULL
> pointer dereference caused by missing EOI handler.
>
> Signed-off-by: Krzysztof Wilczynski <[email protected]>
> ---
> drivers/gpio/gpio-langwell.c | 3 ++-
> 1 files changed, 2 insertions(+), 1 deletions(-)
>
> diff --git a/drivers/gpio/gpio-langwell.c b/drivers/gpio/gpio-langwell.c
> index 00692e8..5749738 100644
> --- a/drivers/gpio/gpio-langwell.c
> +++ b/drivers/gpio/gpio-langwell.c
> @@ -260,7 +260,8 @@ static void lnw_irq_handler(unsigned irq, struct irq_desc *desc)
> }
> }
>
> - chip->irq_eoi(data);
> + if (data)
> + chip->irq_eoi(data);
And how does data, which is always set as long as the interrupt exists,
prove that the chip has an eoi function?
Thanks,
tglx
Hi,
[...]
>> - chip->irq_eoi(data);
>> + if (data)
>> + chip->irq_eoi(data);
>
> And how does data, which is always set as long as the interrupt exists,
> prove that the chip has an eoi function?
It won't, a very good point. And as you told me (IRC) this has to be
solved on a more generic level (core handlers), and possibly
abstracted from the drivers. I will go and read through the code of
core handlers to learn more. Thanks for pointing it out and for the help so
far :)
KW