[PATCH] nvdimm: nvdimm_bus_register: Avoid adding device to the unregistered bus

Thu, 16 Mar 2023 01:39:36 -0700 

nvdimm_bus_register() could be called from other modules, such as nfit,
but it can only be called after the nvdimm_bus_type is registered.

 BUG: kernel NULL pointer dereference, address: 0000000000000098
 #PF: supervisor read access in kernel mode
 #PF: error_code(0x0000) - not-present page
 PGD 0 P4D 0
 Oops: 0000 [#1] PREEMPT SMP PTI
 CPU: 0 PID: 117 Comm: systemd-udevd Not tainted 6.2.0-rc6-pmem+ #97
 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 
rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014
 RIP: 0010:bus_add_device+0x58/0x150
 Call Trace:
  <TASK>
  device_add+0x3ac/0x980
  nvdimm_bus_register+0x16d/0x1d0
  acpi_nfit_init+0xb72/0x1f90 [nfit]
  acpi_nfit_add+0x1d5/0x200 [nfit]
  acpi_device_probe+0x45/0x160
  really_probe+0xce/0x390
  __driver_probe_device+0x78/0x180
  driver_probe_device+0x1e/0x90
  __driver_attach+0xd6/0x1d0
  bus_for_each_dev+0x7b/0xc0
  bus_add_driver+0x1ac/0x200
  driver_register+0x8f/0xf0
  nfit_init+0x164/0xff0 [nfit]
  do_one_initcall+0x5b/0x320
  do_init_module+0x4c/0x1f0
  __do_sys_finit_module+0xb4/0x130
  do_syscall_64+0x3b/0x90
  entry_SYSCALL_64_after_hwframe+0x72/0xdc

Signed-off-by: Li Zhijian <lizhij...@fujitsu.com>
---
 drivers/nvdimm/bus.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/drivers/nvdimm/bus.c b/drivers/nvdimm/bus.c
index ada61bbf49c1..ea66053072cb 100644
--- a/drivers/nvdimm/bus.c
+++ b/drivers/nvdimm/bus.c
@@ -28,6 +28,7 @@
 static int nvdimm_bus_major;
 struct class *nd_class;
 static DEFINE_IDA(nd_ida);
+static bool nvdimm_bus_type_registered;
 
 static int to_nd_device_type(struct device *dev)
 {
@@ -337,6 +338,10 @@ struct nvdimm_bus *nvdimm_bus_register(struct device 
*parent,
        struct nvdimm_bus *nvdimm_bus;
        int rc;
 
+       if (!nvdimm_bus_type_registered) {
+               pr_warn("nvdimm bus type is not registered\n");
+               return NULL;
+       }
        nvdimm_bus = kzalloc(sizeof(*nvdimm_bus), GFP_KERNEL);
        if (!nvdimm_bus)
                return NULL;
@@ -1321,6 +1326,7 @@ int __init nvdimm_bus_init(void)
        if (rc)
                goto err_nd_bus;
 
+       nvdimm_bus_type_registered = true;
        return 0;
 
  err_nd_bus:
@@ -1343,4 +1349,5 @@ void nvdimm_bus_exit(void)
        unregister_chrdev(nvdimm_major, "dimmctl");
        bus_unregister(&nvdimm_bus_type);
        ida_destroy(&nd_ida);
+       nvdimm_bus_type_registered = false;
 }
-- 
1.8.3.1

Reply via email to