| Message ID | 20250321143728.4092417-3-akuchynski@chromium.org |
|---|---|
| State | New |
| Headers | show |
| Series | Fix invalid pointer access | expand |
Hi Andrei, On Fri, Mar 21, 2025 at 02:37:27PM +0000, Andrei Kuchynski wrote: > To avoid using invalid USB device pointers after a Type-C partner > disconnects, this patch clears the pointers upon partner unregistration. > This ensures a clean state for future connections. > > Cc: stable@vger.kernel.org > Fixes: 59de2a56d127 ("usb: typec: Link enumerated USB devices with Type-C partner") > Signed-off-by: Andrei Kuchynski <akuchynski@chromium.org> Reviewed-by: Benson Leung <bleung@chromium.org> > --- > drivers/usb/typec/class.c | 8 ++++++-- > 1 file changed, 6 insertions(+), 2 deletions(-) > > diff --git a/drivers/usb/typec/class.c b/drivers/usb/typec/class.c > index eadb150223f8..3df3e3736916 100644 > --- a/drivers/usb/typec/class.c > +++ b/drivers/usb/typec/class.c > @@ -1086,10 +1086,14 @@ void typec_unregister_partner(struct typec_partner *partner) > port = to_typec_port(partner->dev.parent); > > mutex_lock(&port->partner_link_lock); > - if (port->usb2_dev) > + if (port->usb2_dev) { > typec_partner_unlink_device(partner, port->usb2_dev); > - if (port->usb3_dev) > + port->usb2_dev = NULL; > + } > + if (port->usb3_dev) { > typec_partner_unlink_device(partner, port->usb3_dev); > + port->usb3_dev = NULL; > + } > > device_unregister(&partner->dev); > mutex_unlock(&port->partner_link_lock); > -- > 2.49.0.395.g12beb8f557-goog >
On Fri, Mar 21, 2025 at 02:37:27PM +0000, Andrei Kuchynski wrote: > To avoid using invalid USB device pointers after a Type-C partner > disconnects, this patch clears the pointers upon partner unregistration. > This ensures a clean state for future connections. > > Cc: stable@vger.kernel.org > Fixes: 59de2a56d127 ("usb: typec: Link enumerated USB devices with Type-C partner") > Signed-off-by: Andrei Kuchynski <akuchynski@chromium.org> Reviewed-by: Heikki Krogerus <heikki.krogerus@linux.intel.com> > --- > drivers/usb/typec/class.c | 8 ++++++-- > 1 file changed, 6 insertions(+), 2 deletions(-) > > diff --git a/drivers/usb/typec/class.c b/drivers/usb/typec/class.c > index eadb150223f8..3df3e3736916 100644 > --- a/drivers/usb/typec/class.c > +++ b/drivers/usb/typec/class.c > @@ -1086,10 +1086,14 @@ void typec_unregister_partner(struct typec_partner *partner) > port = to_typec_port(partner->dev.parent); > > mutex_lock(&port->partner_link_lock); > - if (port->usb2_dev) > + if (port->usb2_dev) { > typec_partner_unlink_device(partner, port->usb2_dev); > - if (port->usb3_dev) > + port->usb2_dev = NULL; > + } > + if (port->usb3_dev) { > typec_partner_unlink_device(partner, port->usb3_dev); > + port->usb3_dev = NULL; > + } > > device_unregister(&partner->dev); > mutex_unlock(&port->partner_link_lock); > -- > 2.49.0.395.g12beb8f557-goog
diff --git a/drivers/usb/typec/class.c b/drivers/usb/typec/class.c index eadb150223f8..3df3e3736916 100644 --- a/drivers/usb/typec/class.c +++ b/drivers/usb/typec/class.c @@ -1086,10 +1086,14 @@ void typec_unregister_partner(struct typec_partner *partner) port = to_typec_port(partner->dev.parent); mutex_lock(&port->partner_link_lock); - if (port->usb2_dev) + if (port->usb2_dev) { typec_partner_unlink_device(partner, port->usb2_dev); - if (port->usb3_dev) + port->usb2_dev = NULL; + } + if (port->usb3_dev) { typec_partner_unlink_device(partner, port->usb3_dev); + port->usb3_dev = NULL; + } device_unregister(&partner->dev); mutex_unlock(&port->partner_link_lock);
To avoid using invalid USB device pointers after a Type-C partner disconnects, this patch clears the pointers upon partner unregistration. This ensures a clean state for future connections. Cc: stable@vger.kernel.org Fixes: 59de2a56d127 ("usb: typec: Link enumerated USB devices with Type-C partner") Signed-off-by: Andrei Kuchynski <akuchynski@chromium.org> --- drivers/usb/typec/class.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-)