| Message ID | 1453851636-5490-1-git-send-email-aduggan@synaptics.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Tue, 26 Jan 2016, Andrew Duggan wrote: > Commit 092563604217 ("HID: rmi: Disable scanning if the device is not a > wake source") introduced a regression for devices which use hid-rmi to > handle composite USB devices. The suspend or resume callbacks are not > checking that the device is a RMI device before calling rmi_read or > rmi_write. This results in dereferencing uninitialized variables on > non RMI devices. This patch checks that the RMI_DEVICE flag is set before > sending RMI commands to the device. > > Reported-by: Rodrigo Gomes <rodrigo.toste.gomes@gmail.com> > Signed-off-by: Andrew Duggan <aduggan@synaptics.com> Applied to for-4.5/upstream-fixes.
diff --git a/drivers/hid/hid-rmi.c b/drivers/hid/hid-rmi.c index 67cd059..9cd2ca3 100644 --- a/drivers/hid/hid-rmi.c +++ b/drivers/hid/hid-rmi.c @@ -594,6 +594,9 @@ static int rmi_suspend(struct hid_device *hdev, pm_message_t message) int ret; u8 buf[RMI_F11_CTRL_REG_COUNT]; + if (!(data->device_flags & RMI_DEVICE)) + return 0; + ret = rmi_read_block(hdev, data->f11.control_base_addr, buf, RMI_F11_CTRL_REG_COUNT); if (ret) @@ -613,6 +616,9 @@ static int rmi_post_reset(struct hid_device *hdev) struct rmi_data *data = hid_get_drvdata(hdev); int ret; + if (!(data->device_flags & RMI_DEVICE)) + return 0; + ret = rmi_reset_attn_mode(hdev); if (ret) { hid_err(hdev, "can not set rmi mode\n"); @@ -640,6 +646,11 @@ static int rmi_post_reset(struct hid_device *hdev) static int rmi_post_resume(struct hid_device *hdev) { + struct rmi_data *data = hid_get_drvdata(hdev); + + if (!(data->device_flags & RMI_DEVICE)) + return 0; + return rmi_reset_attn_mode(hdev); } #endif /* CONFIG_PM */
Commit 092563604217 ("HID: rmi: Disable scanning if the device is not a wake source") introduced a regression for devices which use hid-rmi to handle composite USB devices. The suspend or resume callbacks are not checking that the device is a RMI device before calling rmi_read or rmi_write. This results in dereferencing uninitialized variables on non RMI devices. This patch checks that the RMI_DEVICE flag is set before sending RMI commands to the device. Reported-by: Rodrigo Gomes <rodrigo.toste.gomes@gmail.com> Signed-off-by: Andrew Duggan <aduggan@synaptics.com> --- drivers/hid/hid-rmi.c | 11 +++++++++++ 1 file changed, 11 insertions(+)