Message ID | 0a92979f6e790737544638e8a4c19b0564e660a2.1676983596.git.geert+renesas@glider.be (mailing list archive) |
---|---|
State | Mainlined |
Commit | e8b812b3e515742a4faaf2e4722bdc5755b98f56 |
Delegated to: | Geert Uytterhoeven |
Headers | show |
Series | driver core: bus: Handle early calls to bus_to_subsys() | expand |
On Tue, Feb 21, 2023 at 01:53:51PM +0100, Geert Uytterhoeven wrote: > When calling soc_device_match() from early_initcall(), bus_kset is still > NULL, causing a crash: > > Unable to handle kernel NULL pointer dereference at virtual address 0000000000000028 > ... > Call trace: > __lock_acquire+0x530/0x20f0 > lock_acquire.part.0+0xc8/0x210 > lock_acquire+0x64/0x80 > _raw_spin_lock+0x4c/0x60 > bus_to_subsys+0x24/0xac > bus_for_each_dev+0x30/0xcc > soc_device_match+0x4c/0xe0 > r8a7795_sysc_init+0x18/0x60 > rcar_sysc_pd_init+0xb0/0x33c > do_one_initcall+0x128/0x2bc > > Before, bus_for_each_dev() handled this gracefully by checking that > the back-pointer to the private structure was valid. > > Fix this by adding a NULL check for bus_kset to bus_to_subsys(). > > Fixes: 83b9148df2c95e23 ("driver core: bus: bus iterator cleanups") > Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be> > --- > drivers/base/bus.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/base/bus.c b/drivers/base/bus.c > index cfe8615d5106f030..dd4b82d7510f68fb 100644 > --- a/drivers/base/bus.c > +++ b/drivers/base/bus.c > @@ -62,7 +62,7 @@ static struct subsys_private *bus_to_subsys(const struct bus_type *bus) > struct subsys_private *sp = NULL; > struct kobject *kobj; > > - if (!bus) > + if (!bus || !bus_kset) > return NULL; > > spin_lock(&bus_kset->list_lock); Thanks for this, I'll queue it up after my patches get sent to Linus. greg k-h
On Tue, Feb 21, 2023 at 01:53:51PM +0100, Geert Uytterhoeven wrote: > When calling soc_device_match() from early_initcall(), bus_kset is still > NULL, causing a crash: > > Unable to handle kernel NULL pointer dereference at virtual address 0000000000000028 > ... > Call trace: > __lock_acquire+0x530/0x20f0 > lock_acquire.part.0+0xc8/0x210 > lock_acquire+0x64/0x80 > _raw_spin_lock+0x4c/0x60 > bus_to_subsys+0x24/0xac > bus_for_each_dev+0x30/0xcc > soc_device_match+0x4c/0xe0 > r8a7795_sysc_init+0x18/0x60 > rcar_sysc_pd_init+0xb0/0x33c > do_one_initcall+0x128/0x2bc > > Before, bus_for_each_dev() handled this gracefully by checking that > the back-pointer to the private structure was valid. > > Fix this by adding a NULL check for bus_kset to bus_to_subsys(). > > Fixes: 83b9148df2c95e23 ("driver core: bus: bus iterator cleanups") > Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be> Current top-of-head doesn't boot my Salvator-XS board, this patch fixed it. Tested-by: Wolfram Sang <wsa+renesas@sang-engineering.com>
On Tue, Feb 28, 2023 at 11:57:02AM +0100, Wolfram Sang wrote: > On Tue, Feb 21, 2023 at 01:53:51PM +0100, Geert Uytterhoeven wrote: > > When calling soc_device_match() from early_initcall(), bus_kset is still > > NULL, causing a crash: > > > > Unable to handle kernel NULL pointer dereference at virtual address 0000000000000028 > > ... > > Call trace: > > __lock_acquire+0x530/0x20f0 > > lock_acquire.part.0+0xc8/0x210 > > lock_acquire+0x64/0x80 > > _raw_spin_lock+0x4c/0x60 > > bus_to_subsys+0x24/0xac > > bus_for_each_dev+0x30/0xcc > > soc_device_match+0x4c/0xe0 > > r8a7795_sysc_init+0x18/0x60 > > rcar_sysc_pd_init+0xb0/0x33c > > do_one_initcall+0x128/0x2bc > > > > Before, bus_for_each_dev() handled this gracefully by checking that > > the back-pointer to the private structure was valid. > > > > Fix this by adding a NULL check for bus_kset to bus_to_subsys(). > > > > Fixes: 83b9148df2c95e23 ("driver core: bus: bus iterator cleanups") > > Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be> > > Current top-of-head doesn't boot my Salvator-XS board, this patch fixed > it. > > Tested-by: Wolfram Sang <wsa+renesas@sang-engineering.com> > Great, now sent to Linus. greg k-h
diff --git a/drivers/base/bus.c b/drivers/base/bus.c index cfe8615d5106f030..dd4b82d7510f68fb 100644 --- a/drivers/base/bus.c +++ b/drivers/base/bus.c @@ -62,7 +62,7 @@ static struct subsys_private *bus_to_subsys(const struct bus_type *bus) struct subsys_private *sp = NULL; struct kobject *kobj; - if (!bus) + if (!bus || !bus_kset) return NULL; spin_lock(&bus_kset->list_lock);
When calling soc_device_match() from early_initcall(), bus_kset is still NULL, causing a crash: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000028 ... Call trace: __lock_acquire+0x530/0x20f0 lock_acquire.part.0+0xc8/0x210 lock_acquire+0x64/0x80 _raw_spin_lock+0x4c/0x60 bus_to_subsys+0x24/0xac bus_for_each_dev+0x30/0xcc soc_device_match+0x4c/0xe0 r8a7795_sysc_init+0x18/0x60 rcar_sysc_pd_init+0xb0/0x33c do_one_initcall+0x128/0x2bc Before, bus_for_each_dev() handled this gracefully by checking that the back-pointer to the private structure was valid. Fix this by adding a NULL check for bus_kset to bus_to_subsys(). Fixes: 83b9148df2c95e23 ("driver core: bus: bus iterator cleanups") Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be> --- drivers/base/bus.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)