OpenCloudOS-Kernel/drivers
Krzysztof Kozlowski 8e59c7f234 power_supply: Fix NULL pointer dereference during bq27x00_battery probe
Power supply is often registered during probe of a driver. The
power_supply_register() returns pointer to newly allocated structure as
return value. However before returning the power_supply_register()
calls back the get_property() method provided by the driver through
uevent.

In that time the driver probe is still in progress and driver did not
assigned pointer to power supply to its local variables. This leads to
NULL pointer dereference from get_property() function.
Starting from bq27x00_battery_probe():
  di->bat = power_supply_register()
    device_add()
      kobject_uevent()
        power_supply_uevent()
          power_supply_show_property()
            power_supply_get_property()
              bq27x00_battery_get_property()
                dereference of (di->bat) which is NULL here

The first uevent of power supply (the one coming from device creation)
should not call back to the driver. To prevent that from happening,
increment the atomic use counter at the end of power_supply_register().
This means that power_supply_get_property() will return -ENODEV.

IMPORTANT:
The patch has impact on this first uevent sent from power supply because
it will not contain properties from power supply.

The uevent with properties will be sent later after indicating that
power supply has changed. This also has a race now, but will be fixed in
other patches.

Reported-by: H. Nikolaus Schaller <hns@goldelico.com>
Signed-off-by: Krzysztof Kozlowski <k.kozlowski@samsung.com>
Fixes: 297d716f62 ("power_supply: Change ownership from driver to core")
Tested-By: Dr. H. Nikolaus Schaller <hns@goldelico.com>
Signed-off-by: Sebastian Reichel <sre@kernel.org>
2015-05-21 15:40:54 +02:00
..
accessibility
acpi Merge branches 'acpi-init' and 'acpica' 2015-05-15 00:31:23 +02:00
amba
android
ata Merge branch 'for-4.1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata 2015-05-11 10:54:20 -07:00
atm
auxdisplay
base Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2015-04-26 17:22:07 -07:00
bcma Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2015-04-17 15:50:54 -04:00
block Merge branch 'for-linus' of git://git.kernel.dk/linux-block 2015-05-08 19:49:35 -07:00
bluetooth Bluetooth: btusb: off by one in rtl8723b_parse_firmware() 2015-04-30 01:05:30 +02:00
bus drivers: CCI: fix used_mask init in validate_group() 2015-05-07 18:29:18 +02:00
cdrom
char ipmi: Fix multi-part message handling 2015-05-05 19:37:22 -05:00
clk ARM: SoC multiplatform code changes for v4.1 2015-04-22 09:20:15 -07:00
clocksource Initial ACPI support for arm64: 2015-04-24 08:23:45 -07:00
connector
cpufreq cpufreq: intel_pstate: Fix an annoying !CONFIG_SMP warning 2015-04-15 23:02:24 +02:00
cpuidle cpuidle: Run tick_broadcast_exit() with disabled interrupts 2015-04-29 15:19:21 +02:00
crypto Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2015-04-26 13:51:05 -07:00
dca
devfreq
dio
dma dmaengine: increment privatecnt when using dma_get_any_slave_channel 2015-04-29 16:47:57 +05:30
dma-buf dma-buf: cleanup dma_buf_export() to make it easily extensible 2015-04-21 14:47:16 +05:30
edac
eisa
extcon extcon: usb-gpio: register extcon device before IRQ registration 2015-04-27 11:06:05 +09:00
firewire
firmware Merge branch 'dmi-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging 2015-05-14 18:02:15 -07:00
fmc
gpio gpio: omap: Fix regression for MPUIO interrupts 2015-05-06 15:19:38 +02:00
gpu Merge tag 'drm-intel-fixes-2015-05-13' of git://anongit.freedesktop.org/drm-intel into drm-fixes 2015-05-15 15:21:18 +10:00
hid Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2015-04-14 18:25:15 -07:00
hsi HSI: cmt_speech: fix error return code 2015-04-05 14:45:27 +02:00
hv Drivers: hv: hv_balloon: correctly handle num_pages>INT_MAX case 2015-04-03 16:20:12 +02:00
hwmon hwmon: (w83795) use find_closest_descending() in pwm_freq_to_reg() 2015-04-17 09:03:55 -04:00
hwspinlock
hwtracing/coresight Char/Misc driver patches for 4.1-rc1 2015-04-21 09:42:58 -07:00
i2c Merge branch 'i2c/for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux 2015-04-26 17:44:09 -07:00
ide Merge branch 'for-4.1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata 2015-05-11 10:54:20 -07:00
idle Power management and ACPI updates for v4.1-rc1 2015-04-14 20:21:54 -07:00
iio The usual mixed bag of fixes for IIO in the 4.1 cycle. 2015-05-13 11:51:14 -07:00
infiniband infiniband: Remove duplicated KERN_<LEVEL> from pr_<level> uses 2015-05-12 15:52:37 -04:00
input platform/chrome: Updates for v4.1 2015-04-26 13:36:02 -07:00
iommu iommu/arm-smmu: Fix sign-extension of upstream bus addresses at stage 1 2015-05-11 18:36:20 +02:00
ipack
irqchip irqchip: tegra: Set the proper base address in irq chip data 2015-05-13 10:46:07 +02:00
isdn Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2015-04-15 09:00:47 -07:00
leds This is the bulk of GPIO changes for the v4.1 development 2015-04-18 08:22:10 -04:00
lguest Some virtio internal cleanups, a new virtio device "virtio input", and 2015-04-22 10:55:06 -07:00
macintosh Merge branch 'next-remove-ldst' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc into next 2015-04-07 13:25:14 +10:00
mailbox
mcb mcb: request_mem_region() returns NULL on error 2015-04-03 16:15:30 +02:00
md A few fixes for md. 2015-05-11 10:33:31 -07:00
media media fixes for v4.1-rc3 2015-05-05 08:42:06 -07:00
memory ARM: SoC driver updates for v4.1 2015-04-22 09:18:17 -07:00
memstick memstick: mspro_block: add missing curly braces 2015-04-17 09:04:09 -04:00
message
mfd platform/chrome: Updates for v4.1 2015-04-26 13:36:02 -07:00
misc Char/Misc driver patches for 4.1-rc1 2015-04-21 09:42:58 -07:00
mmc mmc: dw_mmc: dw_mci_get_cd check MMC_CAP_NONREMOVABLE 2015-05-08 08:55:47 +02:00
mtd Two MTD fixes for 4.1: 2015-05-18 10:01:54 -07:00
net e1000e: Add pm_qos header 2015-05-12 23:22:03 -04:00
nfc NFC: logging neatening 2015-04-07 12:05:12 +02:00
ntb
nubus
of Devicetree updates for 4.1: 2015-04-24 08:46:18 -07:00
oprofile Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2015-04-26 17:22:07 -07:00
parisc parisc: %pf is only for function pointers 2015-04-24 13:45:54 +02:00
parport
pci xen: features and fixes for 4.1-rc0 2015-04-16 14:01:03 -05:00
pcmcia ARM: SoC cleanups for v4.1 2015-04-22 09:04:39 -07:00
phy USB patches for 4.1-rc1 2015-04-13 17:07:21 -07:00
pinctrl These are some GPIO fixes for the v4.1 series: 2015-05-08 19:42:59 -07:00
platform thinkpad_acpi: Fix warning for static not at beginning 2015-05-05 13:56:46 -07:00
pnp Power management and ACPI updates for v4.1-rc1 2015-04-14 20:21:54 -07:00
power power_supply: Fix NULL pointer dereference during bq27x00_battery probe 2015-05-21 15:40:54 +02:00
powercap powercap / RAPL: Add support for Intel Skylake processors 2015-04-15 23:06:16 +02:00
pps
ps3
ptp
pwm pwm: Remove __init initializer for pwm_add_table() 2015-04-23 14:50:52 +02:00
rapidio
ras
regulator == Changes to existing drivers == 2015-04-14 17:29:55 -07:00
remoteproc
reset
rpmsg
rtc drivers/rtc/rtc-armada38x.c: remove unused local `flags' 2015-05-14 17:55:51 -07:00
s390 s390/3215: free memory in error path 2015-04-23 16:55:50 +02:00
sbus drivers/sbus/char/envctrl.c: ignore orderly_poweroff return value 2015-04-15 16:35:23 -07:00
scsi 3w-9xxx: fix command completion race 2015-04-27 10:10:19 -07:00
sfi
sh drivers: sh: Remove test for now unsupported sh7372 2015-04-27 13:08:14 +09:00
sn
soc - fix unused variable warning for pmic-wrapper 2015-04-14 00:43:28 +02:00
spi Merge remote-tracking branches 'spi/fix/fsl-cpm', 'spi/fix/fsl-dspi' and 'spi/fix/fsl-espi' into spi-linus 2015-05-11 17:29:49 +01:00
spmi spmi: pmic_arb: remove ARM build time dependency 2015-04-03 16:15:30 +02:00
ssb Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2015-04-17 15:50:54 -04:00
staging Staging / IIO driver fixes for 4.1-rc4 2015-05-16 21:04:56 -07:00
target Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2015-04-24 10:22:09 -07:00
tc
thermal thermal: rockchip: fix an error code 2015-05-09 13:36:57 +08:00
thunderbolt
tty TTY/Serial fixes for 4.1-rc4 2015-05-16 21:10:05 -07:00
uio Revert "uio: constify of_device_id array" 2015-04-03 16:04:21 +02:00
usb USB-serial fixes for v4.1-rc4 2015-05-14 12:43:36 -07:00
uwb
vfio vfio: Fix runaway interruptible timeout 2015-05-01 16:31:41 -06:00
vhost Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2015-04-24 10:22:09 -07:00
video fbdev changes for v4.1 2015-04-20 15:16:25 -07:00
virt
virtio virtio: drop virtio_device_is_legacy_only 2015-04-15 12:41:14 +09:30
vlynq
vme
w1
watchdog Merge git://www.linux-watchdog.org/linux-watchdog 2015-04-22 11:22:55 -07:00
xen xen: Add __GFP_DMA flag when xen_swiotlb_init gets free pages on ARM 2015-05-06 15:02:58 +01:00
zorro
Kconfig
Makefile coresight: moving to new "hwtracing" directory 2015-04-03 16:17:04 +02:00