drivers/platform/chrome/cros_typec_altmode.c | 1 + 1 file changed, 1 insertion(+)
cros_typec_register_thunderbolt() missed initializing the `adata->lock`
mutex. This leads to a NULL dereference when the mutex is later
acquired (e.g. in cros_typec_altmode_work()).
Initialize the mutex in cros_typec_register_thunderbolt() to fix the
issue.
Cc: stable@vger.kernel.org
Fixes: 3b00be26b16a ("platform/chrome: cros_ec_typec: Thunderbolt support")
Signed-off-by: Tzung-Bi Shih <tzungbi@kernel.org>
---
drivers/platform/chrome/cros_typec_altmode.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/platform/chrome/cros_typec_altmode.c b/drivers/platform/chrome/cros_typec_altmode.c
index 557340b53af0..66c546bf89b5 100644
--- a/drivers/platform/chrome/cros_typec_altmode.c
+++ b/drivers/platform/chrome/cros_typec_altmode.c
@@ -359,6 +359,7 @@ cros_typec_register_thunderbolt(struct cros_typec_port *port,
}
INIT_WORK(&adata->work, cros_typec_altmode_work);
+ mutex_init(&adata->lock);
adata->alt = alt;
adata->port = port;
adata->ap_mode_entry = true;
--
2.54.0.545.g6539524ca2-googOn Tue, May 05, 2026 at 05:34:03AM +0000, Tzung-Bi Shih wrote:
> cros_typec_register_thunderbolt() missed initializing the `adata->lock`
> mutex. This leads to a NULL dereference when the mutex is later
> acquired (e.g. in cros_typec_altmode_work()).
>
> Initialize the mutex in cros_typec_register_thunderbolt() to fix the
> issue.
>
> [...]
Applied to
https://git.kernel.org/pub/scm/linux/kernel/git/chrome-platform/linux.git for-7.1
[1/1] platform/chrome: cros_ec_typec: Init mutex in Thunderbolt registration
commit: 525cb7ba6661074c1c5cc3772bccc6afab6791ef
Thanks!
On Tue, May 05, 2026 at 05:34:03AM +0000, Tzung-Bi Shih wrote:
> cros_typec_register_thunderbolt() missed initializing the `adata->lock`
> mutex. This leads to a NULL dereference when the mutex is later
> acquired (e.g. in cros_typec_altmode_work()).
>
> Initialize the mutex in cros_typec_register_thunderbolt() to fix the
> issue.
>
> Cc: stable@vger.kernel.org
> Fixes: 3b00be26b16a ("platform/chrome: cros_ec_typec: Thunderbolt support")
> Signed-off-by: Tzung-Bi Shih <tzungbi@kernel.org>
Thanks for the fix!
Reviewed-by: Benson Leung <bleung@chromium.org>
> ---
> drivers/platform/chrome/cros_typec_altmode.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/drivers/platform/chrome/cros_typec_altmode.c b/drivers/platform/chrome/cros_typec_altmode.c
> index 557340b53af0..66c546bf89b5 100644
> --- a/drivers/platform/chrome/cros_typec_altmode.c
> +++ b/drivers/platform/chrome/cros_typec_altmode.c
> @@ -359,6 +359,7 @@ cros_typec_register_thunderbolt(struct cros_typec_port *port,
> }
>
> INIT_WORK(&adata->work, cros_typec_altmode_work);
> + mutex_init(&adata->lock);
> adata->alt = alt;
> adata->port = port;
> adata->ap_mode_entry = true;
> --
> 2.54.0.545.g6539524ca2-goog
>
On Mon, May 4, 2026 at 10:34 PM Tzung-Bi Shih <tzungbi@kernel.org> wrote:
>
> cros_typec_register_thunderbolt() missed initializing the `adata->lock`
> mutex. This leads to a NULL dereference when the mutex is later
> acquired (e.g. in cros_typec_altmode_work()).
>
> Initialize the mutex in cros_typec_register_thunderbolt() to fix the
> issue.
>
> Cc: stable@vger.kernel.org
> Fixes: 3b00be26b16a ("platform/chrome: cros_ec_typec: Thunderbolt support")
> Signed-off-by: Tzung-Bi Shih <tzungbi@kernel.org>
> ---
> drivers/platform/chrome/cros_typec_altmode.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/drivers/platform/chrome/cros_typec_altmode.c b/drivers/platform/chrome/cros_typec_altmode.c
> index 557340b53af0..66c546bf89b5 100644
> --- a/drivers/platform/chrome/cros_typec_altmode.c
> +++ b/drivers/platform/chrome/cros_typec_altmode.c
> @@ -359,6 +359,7 @@ cros_typec_register_thunderbolt(struct cros_typec_port *port,
> }
>
> INIT_WORK(&adata->work, cros_typec_altmode_work);
> + mutex_init(&adata->lock);
> adata->alt = alt;
> adata->port = port;
> adata->ap_mode_entry = true;
> --
> 2.54.0.545.g6539524ca2-goog
>
Thanks for the fix.
Reviewed-by: Abhishek Pandit-Subedi <abhishekpandit@chromium.org>
© 2016 - 2026 Red Hat, Inc.