From: Fabio Estevam <festevam@xxxxxxxxx> Sent: Friday, May 20, 2016 12:22 PM > To: gregkh@xxxxxxxxxxxxxxxxxxx > Cc: Fugang Duan <fugang.duan@xxxxxxx>; linux-serial@xxxxxxxxxxxxxxx; Fabio > Estevam <fabio.estevam@xxxxxxx> > Subject: [PATCH] serial: serial_core: Only call release_port() if it is not NULL > > From: Fabio Estevam <fabio.estevam@xxxxxxx> > > Doing the following UART bind/unbind sequence on a i.mx platform causes a > kernel crash due to NULL pointer dereference: > > echo 21f4000.serial > /sys/bus/platform/drivers/imx-uart/bind > echo 21f4000.serial > /sys/bus/platform/drivers/imx-uart/unbind > > Change uart_remove_one_port() to only call uport->ops->release_port() if it is > not NULL. > > Reported-by: Fugang Duan <fugang.duan@xxxxxxx> > Signed-off-by: Fabio Estevam <fabio.estevam@xxxxxxx> > --- > drivers/tty/serial/serial_core.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/tty/serial/serial_core.c b/drivers/tty/serial/serial_core.c > index a126a60..aa0ab89 100644 > --- a/drivers/tty/serial/serial_core.c > +++ b/drivers/tty/serial/serial_core.c > @@ -2755,7 +2755,7 @@ int uart_remove_one_port(struct uart_driver *drv, > struct uart_port *uport) > /* > * Free the port IO and memory resources, if any. > */ > - if (uport->type != PORT_UNKNOWN) > + if (uport->type != PORT_UNKNOWN && uport->ops->release_port) > uport->ops->release_port(uport); > kfree(uport->tty_groups); > > -- > 1.9.1 For user ioctl interface "TIOCSSERIAL" may call .request_port()/.release_port(), so it is better to add all request/release_port ops check in serial_core.c file ? Regards, Andy -- To unsubscribe from this list: send the line "unsubscribe linux-serial" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
