Quoting Bryan O'Donoghue (2024-03-01 16:52:14)
> It is possible for clk_core_get to dereference a NULL in the following
> sequence:
>
> clk_core_get()
> of_clk_get_hw_from_clkspec()
> __of_clk_get_hw_from_provider()
> __clk_get_hw()
>
> __clk_get_hw() can return NULL which is dereferenced by clk_core_get() at
> hw->core.
>
> Prior to commit dde4eff47c82 ("clk: Look for parents with clkdev based
> clk_lookups") the check IS_ERR_OR_NULL() was performed which would have
> caught the NULL.
>
> Reading the description of this function it talks about returning NULL but
> that cannot be so at the moment.
>
> Update the function to check for hw before dereferencing it and return NULL
> if hw is NULL.
>
> Fixes: dde4eff47c82 ("clk: Look for parents with clkdev based clk_lookups")
> Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@xxxxxxxxxx>
> ---
I dug through a bunch of old patches and this looks right. I'm not sure
why a provider would ever return NULL though. A NULL pointer means that
the parent is never going to appear so we shouldn't treat this clk as
orphaned in case the clk needs to be clk_get()able and change parents.
This was all part of my plan to introduce a clk_parent_hw() clk op that
returns a pointer and then implement probe defer through clk_get() when
a clk is orphaned. A NULL clk also means a clk is optional and not
there.
Anyway, I've applied this to clk-next. I hope to send out the
clk_parent_hw clk op series soon.
