6.1-stable review patch. If anyone has any objections, please let me know.
------------------
From: Mike Tipton quic_mdtipton@quicinc.com
[ Upstream commit ad2ab1297d0c80899125a842bb7a078abfe1e6ce ]
Currently, if provider->xlate() or provider->xlate_extended() "successfully" return a NULL node, then of_icc_get_from_provider() won't consider that an error and will successfully return the NULL node. This bypasses error handling in of_icc_get_by_index() and leads to NULL dereferences in path_find().
This could be avoided by ensuring provider callbacks always return an error for NULL nodes, but it's better to explicitly protect against this in the common framework.
Fixes: 87e3031b6fbd ("interconnect: Allow endpoints translation via DT") Signed-off-by: Mike Tipton quic_mdtipton@quicinc.com Link: https://lore.kernel.org/r/20231025145829.11603-1-quic_mdtipton@quicinc.com Signed-off-by: Georgi Djakov djakov@kernel.org Signed-off-by: Sasha Levin sashal@kernel.org --- drivers/interconnect/core.c | 3 +++ 1 file changed, 3 insertions(+)
diff --git a/drivers/interconnect/core.c b/drivers/interconnect/core.c index 0c6fc954e7296..1d9494f64a215 100644 --- a/drivers/interconnect/core.c +++ b/drivers/interconnect/core.c @@ -381,6 +381,9 @@ struct icc_node_data *of_icc_get_from_provider(struct of_phandle_args *spec) } mutex_unlock(&icc_lock);
+ if (!node) + return ERR_PTR(-EINVAL); + if (IS_ERR(node)) return ERR_CAST(node);