From a5ccda47f1587180b70c634ba4cb7f8d151f408a Mon Sep 17 00:00:00 2001 From: Sergey Temerkhanov Date: Mon, 17 Aug 2015 15:38:07 +0300 Subject: usb: xhci: Fix a potential NULL pointer dereference This patch fixes a potential NULL pointer dereference arising on non-present/non-initialized xHCI controllers and adds some error handling to xHCI code Signed-off-by: Sergey Temerkhanov Signed-off-by: Radha Mohan Chintakuntla --- drivers/usb/host/xhci.c | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) (limited to 'drivers') diff --git a/drivers/usb/host/xhci.c b/drivers/usb/host/xhci.c index 0b09643e09..307e1a6f61 100644 --- a/drivers/usb/host/xhci.c +++ b/drivers/usb/host/xhci.c @@ -199,7 +199,7 @@ int xhci_reset(struct xhci_hcor *hcor) int ret; /* Halting the Host first */ - debug("// Halt the HC\n"); + debug("// Halt the HC: %p\n", hcor); state = xhci_readl(&hcor->or_usbsts) & STS_HALT; if (!state) { cmd = xhci_readl(&hcor->or_usbcmd); @@ -1064,6 +1064,8 @@ int usb_lowlevel_init(int index, enum usb_init_type init, void **controller) struct xhci_ctrl *ctrl; int ret; + *controller = NULL; + if (xhci_hcd_init(index, &hccr, (struct xhci_hcor **)&hcor) != 0) return -ENODEV; @@ -1077,7 +1079,12 @@ int usb_lowlevel_init(int index, enum usb_init_type init, void **controller) ret = xhci_lowlevel_init(ctrl); - *controller = &xhcic[index]; + if (ret) { + ctrl->hccr = NULL; + ctrl->hcor = NULL; + } else { + *controller = &xhcic[index]; + } return ret; } @@ -1093,9 +1100,11 @@ int usb_lowlevel_stop(int index) { struct xhci_ctrl *ctrl = (xhcic + index); - xhci_lowlevel_stop(ctrl); - xhci_hcd_stop(index); - xhci_cleanup(ctrl); + if (ctrl->hcor) { + xhci_lowlevel_stop(ctrl); + xhci_hcd_stop(index); + xhci_cleanup(ctrl); + } return 0; } -- cgit v1.2.1