4.2-stable review patch. If anyone has any objections, please let me know.
--
From: David Dueck
commit 1ab36387ea4face01aac3560b396b1e2ce07c4ff upstream.
Not all gpio banks are necessarily enabled, in the current code this can
lead to null pointer dereferences.
[ 51.13] Unable to handle kernel NULL pointer dereference at virtual
address 0058
[ 51.13] pgd = dee04000
[ 51.13] [0058] *pgd=3f66d831, *pte=, *ppte=
[ 51.14] Internal error: Oops: 17 [#1] ARM
[ 51.14] Modules linked in:
[ 51.14] CPU: 0 PID: 1664 Comm: cat Not tainted 4.1.1+ #6
[ 51.14] Hardware name: Atmel SAMA5
[ 51.14] task: df6dd880 ti: dec6 task.ti: dec6
[ 51.14] PC is at at91_pinconf_get+0xb4/0x200
[ 51.14] LR is at at91_pinconf_get+0xb4/0x200
[ 51.14] pc : []lr : []psr: 600f0013
sp : dec61e48 ip : 600f0013 fp : df522538
[ 51.14] r10: df52250c r9 : 0058 r8 : 0068
[ 51.14] r7 : r6 : df53c910 r5 : r4 : dec61e7c
[ 51.14] r3 : r2 : c06746d4 r1 : r0 : 0003
[ 51.14] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user
[ 51.14] Control: 10c53c7d Table: 3ee04059 DAC: 0015
[ 51.14] Process cat (pid: 1664, stack limit = 0xdec60208)
[ 51.14] Stack: (0xdec61e48 to 0xdec62000)
[ 51.14] 1e40: 0358 df522500 ded15f80
c05a9d08 ded15f80
[ 51.14] 1e60: 048c 0061 df522500 ded15f80 c05a9d08 c01e7304
ded15f80
[ 51.14] 1e80: c01e6008 0060 048c c01e6034 c01e5f6c ded15f80
dec61ec0
[ 51.14] 1ea0: 0002 ded6f280 dec61f80 0001 0001 c00ae0b8
b6e8 ded15fb0
[ 51.14] 1ec0: df4bc974 0055 0800 ded6f280
b6e8 ded6f280
[ 51.14] 1ee0: ded6f280 0002 b6e8 0002 c0090dec
c0671e1c dec61fb0
[ 51.14] 1f00: b6f8b510 0001 4201 c000924c 0003
0003
[ 51.14] 1f20: df4bc940 00022000 0022 c066e188 b6e7f000 c00836f4
000b6e7f ded6f280
[ 51.14] 1f40: ded6f280 b6e8 dec61f80 ded6f280 0002 c0091508
0003
[ 51.14] 1f60: 00022000 ded6f280 ded6f280 0002
b6e8 c0091d9c
[ 51.14] 1f80: 0002 0002 b6e8
0003 c000f124
[ 51.14] 1fa0: dec6 c000efa0 0002 0002 0003 b6e8
0002 000271c4
[ 51.14] 1fc0: 0002 0002 b6e8 0003 7fffe000
0002
[ 51.14] 1fe0: bef50b64 00013835 b6f29c76 400f0030 0003
[ 51.14] [] (at91_pinconf_get) from []
(at91_pinconf_dbg_show+0x18/0x2c0)
[ 51.14] [] (at91_pinconf_dbg_show) from []
(pinconf_pins_show+0xc8/0xf8)
[ 51.14] [] (pinconf_pins_show) from []
(seq_read+0x1a0/0x464)
[ 51.14] [] (seq_read) from [] (__vfs_read+0x20/0xd0)
[ 51.14] [] (__vfs_read) from [] (vfs_read+0x7c/0x108)
[ 51.14] [] (vfs_read) from [] (SyS_read+0x40/0x94)
[ 51.14] [] (SyS_read) from []
(ret_fast_syscall+0x0/0x3c)
[ 51.14] Code: eb010ec2 e30a0d08 e34c005a eb0ae5a7 (e5993000)
[ 51.15] ---[ end trace fb3c370da3ea4794 ]---
Fixes: a0b957f306fa ("pinctrl: at91: allow to have disabled gpio bank")
Signed-off-by: David Dueck
Acked-by: Ludovic Desroches
Acked-by: Alexandre Belloni
Acked-by: Nicolas Ferre
Cc: Boris Brezillon
Cc: Jean-Christophe PLAGNIOL-VILLARD
Cc: linux-arm-ker...@lists.infradead.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Linus Walleij
Signed-off-by: Greg Kroah-Hartman
---
drivers/pinctrl/pinctrl-at91.c | 15 +++
1 file changed, 15 insertions(+)
--- a/drivers/pinctrl/pinctrl-at91.c
+++ b/drivers/pinctrl/pinctrl-at91.c
@@ -320,6 +320,9 @@ static const struct pinctrl_ops at91_pct
static void __iomem *pin_to_controller(struct at91_pinctrl *info,
unsigned int bank)
{
+ if (!gpio_chips[bank])
+ return NULL;
+
return gpio_chips[bank]->regbase;
}
@@ -729,6 +732,10 @@ static int at91_pmx_set(struct pinctrl_d
pin = _conf[i];
at91_pin_dbg(info->dev, pin);
pio = pin_to_controller(info, pin->bank);
+
+ if (!pio)
+ continue;
+
mask = pin_to_mask(pin->pin);
at91_mux_disable_interrupt(pio, mask);
switch (pin->mux) {
@@ -848,6 +855,10 @@ static int at91_pinconf_get(struct pinct
*config = 0;
dev_dbg(info->dev, "%s:%d, pin_id=%d", __func__, __LINE__, pin_id);
pio = pin_to_controller(info, pin_to_bank(pin_id));
+
+ if (!pio)
+ return -EINVAL;
+
pin = pin_id % MAX_NB_GPIO_PER_BANK;
if (at91_mux_get_multidrive(pio, pin))
@@ -889,6 +900,10 @@ static int at91_pinconf_set(struct pinct