6.7-stable review patch. If anyone has any objections, please let me know.
------------------
From: Umang Jain umang.jain@ideasonboard.com
[ Upstream commit f9c42898830383aff4fdc723828fa93a6abec02d ]
The handle_to_service() helper can return NULL, so `service` pointer can indeed be set to NULL. So, do not log through service pointer (which can cause NULL-deference), instead, use the vchiq_instance function argument to get access to the struct device.
Fixes: f67af5940d6d ("staging: vc04: Convert(and rename) vchiq_log_info() to use dynamic debug") Reviewed-by: Ricardo B. Marliere ricardo@marliere.net Signed-off-by: Umang Jain umang.jain@ideasonboard.com Link: https://lore.kernel.org/r/20231128201845.489237-1-umang.jain@ideasonboard.co... Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org Signed-off-by: Sasha Levin sashal@kernel.org --- .../staging/vc04_services/interface/vchiq_arm/vchiq_core.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c index 39b857da2d42..8a9eb0101c2e 100644 --- a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c +++ b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c @@ -245,7 +245,7 @@ find_service_by_handle(struct vchiq_instance *instance, unsigned int handle) return service; } rcu_read_unlock(); - vchiq_log_debug(service->state->dev, VCHIQ_CORE, + vchiq_log_debug(instance->state->dev, VCHIQ_CORE, "Invalid service handle 0x%x", handle); return NULL; } @@ -287,7 +287,7 @@ find_service_for_instance(struct vchiq_instance *instance, unsigned int handle) return service; } rcu_read_unlock(); - vchiq_log_debug(service->state->dev, VCHIQ_CORE, + vchiq_log_debug(instance->state->dev, VCHIQ_CORE, "Invalid service handle 0x%x", handle); return NULL; } @@ -310,7 +310,7 @@ find_closed_service_for_instance(struct vchiq_instance *instance, unsigned int h return service; } rcu_read_unlock(); - vchiq_log_debug(service->state->dev, VCHIQ_CORE, + vchiq_log_debug(instance->state->dev, VCHIQ_CORE, "Invalid service handle 0x%x", handle); return service; }