1. Patchew
  2. linux
  3. View series

[PATCH] driver core: bus: Handle early calls to bus_to_subsys()

Geert Uytterhoeven posted 1 patch 2 years, 6 months ago 
drivers/base/bus.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH] driver core: bus: Handle early calls to bus_to_subsys()
Posted by Geert Uytterhoeven 2 years, 6 months ago 
When calling soc_device_match() from early_initcall(), bus_kset is still
NULL, causing a crash:

    Unable to handle kernel NULL pointer dereference at virtual address 0000000000000028
    ...
    Call trace:
     __lock_acquire+0x530/0x20f0
     lock_acquire.part.0+0xc8/0x210
     lock_acquire+0x64/0x80
     _raw_spin_lock+0x4c/0x60
     bus_to_subsys+0x24/0xac
     bus_for_each_dev+0x30/0xcc
     soc_device_match+0x4c/0xe0
     r8a7795_sysc_init+0x18/0x60
     rcar_sysc_pd_init+0xb0/0x33c
     do_one_initcall+0x128/0x2bc

Before, bus_for_each_dev() handled this gracefully by checking that
the back-pointer to the private structure was valid.

Fix this by adding a NULL check for bus_kset to bus_to_subsys().

Fixes: 83b9148df2c95e23 ("driver core: bus: bus iterator cleanups")
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
---
 drivers/base/bus.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/base/bus.c b/drivers/base/bus.c
index cfe8615d5106f030..dd4b82d7510f68fb 100644
--- a/drivers/base/bus.c
+++ b/drivers/base/bus.c
@@ -62,7 +62,7 @@ static struct subsys_private *bus_to_subsys(const struct bus_type *bus)
 	struct subsys_private *sp = NULL;
 	struct kobject *kobj;
 
-	if (!bus)
+	if (!bus || !bus_kset)
 		return NULL;
 
 	spin_lock(&bus_kset->list_lock);
-- 
2.34.1
Re: [PATCH] driver core: bus: Handle early calls to bus_to_subsys()
Posted by Wolfram Sang 2 years, 6 months ago 
On Tue, Feb 21, 2023 at 01:53:51PM +0100, Geert Uytterhoeven wrote:
> When calling soc_device_match() from early_initcall(), bus_kset is still
> NULL, causing a crash:
> 
>     Unable to handle kernel NULL pointer dereference at virtual address 0000000000000028
>     ...
>     Call trace:
>      __lock_acquire+0x530/0x20f0
>      lock_acquire.part.0+0xc8/0x210
>      lock_acquire+0x64/0x80
>      _raw_spin_lock+0x4c/0x60
>      bus_to_subsys+0x24/0xac
>      bus_for_each_dev+0x30/0xcc
>      soc_device_match+0x4c/0xe0
>      r8a7795_sysc_init+0x18/0x60
>      rcar_sysc_pd_init+0xb0/0x33c
>      do_one_initcall+0x128/0x2bc
> 
> Before, bus_for_each_dev() handled this gracefully by checking that
> the back-pointer to the private structure was valid.
> 
> Fix this by adding a NULL check for bus_kset to bus_to_subsys().
> 
> Fixes: 83b9148df2c95e23 ("driver core: bus: bus iterator cleanups")
> Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>

Current top-of-head doesn't boot my Salvator-XS board, this patch fixed
it.

Tested-by: Wolfram Sang <wsa+renesas@sang-engineering.com>
Re: [PATCH] driver core: bus: Handle early calls to bus_to_subsys()
Posted by Greg Kroah-Hartman 2 years, 6 months ago 
On Tue, Feb 28, 2023 at 11:57:02AM +0100, Wolfram Sang wrote:
> On Tue, Feb 21, 2023 at 01:53:51PM +0100, Geert Uytterhoeven wrote:
> > When calling soc_device_match() from early_initcall(), bus_kset is still
> > NULL, causing a crash:
> > 
> >     Unable to handle kernel NULL pointer dereference at virtual address 0000000000000028
> >     ...
> >     Call trace:
> >      __lock_acquire+0x530/0x20f0
> >      lock_acquire.part.0+0xc8/0x210
> >      lock_acquire+0x64/0x80
> >      _raw_spin_lock+0x4c/0x60
> >      bus_to_subsys+0x24/0xac
> >      bus_for_each_dev+0x30/0xcc
> >      soc_device_match+0x4c/0xe0
> >      r8a7795_sysc_init+0x18/0x60
> >      rcar_sysc_pd_init+0xb0/0x33c
> >      do_one_initcall+0x128/0x2bc
> > 
> > Before, bus_for_each_dev() handled this gracefully by checking that
> > the back-pointer to the private structure was valid.
> > 
> > Fix this by adding a NULL check for bus_kset to bus_to_subsys().
> > 
> > Fixes: 83b9148df2c95e23 ("driver core: bus: bus iterator cleanups")
> > Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
> 
> Current top-of-head doesn't boot my Salvator-XS board, this patch fixed
> it.
> 
> Tested-by: Wolfram Sang <wsa+renesas@sang-engineering.com>
> 

Great, now sent to Linus.

greg k-h
Re: [PATCH] driver core: bus: Handle early calls to bus_to_subsys()
Posted by Greg Kroah-Hartman 2 years, 6 months ago 
On Tue, Feb 21, 2023 at 01:53:51PM +0100, Geert Uytterhoeven wrote:
> When calling soc_device_match() from early_initcall(), bus_kset is still
> NULL, causing a crash:
> 
>     Unable to handle kernel NULL pointer dereference at virtual address 0000000000000028
>     ...
>     Call trace:
>      __lock_acquire+0x530/0x20f0
>      lock_acquire.part.0+0xc8/0x210
>      lock_acquire+0x64/0x80
>      _raw_spin_lock+0x4c/0x60
>      bus_to_subsys+0x24/0xac
>      bus_for_each_dev+0x30/0xcc
>      soc_device_match+0x4c/0xe0
>      r8a7795_sysc_init+0x18/0x60
>      rcar_sysc_pd_init+0xb0/0x33c
>      do_one_initcall+0x128/0x2bc
> 
> Before, bus_for_each_dev() handled this gracefully by checking that
> the back-pointer to the private structure was valid.
> 
> Fix this by adding a NULL check for bus_kset to bus_to_subsys().
> 
> Fixes: 83b9148df2c95e23 ("driver core: bus: bus iterator cleanups")
> Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
> ---
>  drivers/base/bus.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/base/bus.c b/drivers/base/bus.c
> index cfe8615d5106f030..dd4b82d7510f68fb 100644
> --- a/drivers/base/bus.c
> +++ b/drivers/base/bus.c
> @@ -62,7 +62,7 @@ static struct subsys_private *bus_to_subsys(const struct bus_type *bus)
>  	struct subsys_private *sp = NULL;
>  	struct kobject *kobj;
>  
> -	if (!bus)
> +	if (!bus || !bus_kset)
>  		return NULL;
>  
>  	spin_lock(&bus_kset->list_lock);

Thanks for this, I'll queue it up after my patches get sent to Linus.

greg k-h

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.