diff options
author | Michael Tretter <m.tretter@pengutronix.de> | 2021-09-08 15:03:10 +0200 |
---|---|---|
committer | Mauro Carvalho Chehab <mchehab+huawei@kernel.org> | 2021-10-20 16:52:13 +0200 |
commit | 1ecda6393db4be44aba27a243e648dc98c9b92e3 (patch) | |
tree | ae9433d743f222852c37dd20c234d9bbd5df4439 /drivers/media | |
parent | media: ite-cir: IR receiver stop working after receive overflow (diff) | |
download | linux-1ecda6393db4be44aba27a243e648dc98c9b92e3.tar.xz linux-1ecda6393db4be44aba27a243e648dc98c9b92e3.zip |
media: allegro: ignore interrupt if mailbox is not initialized
The mailbox is initialized after the interrupt handler is installed. As
the firmware is loaded and started even later, it should not happen that
the interrupt occurs without the mailbox being initialized.
As the Linux Driver Verification project (linuxtesting.org) keeps
reporting this as an error, add a check to ignore interrupts before the
mailbox is initialized to fix this potential null pointer dereference.
Reported-by: Yuri Savinykh <s02190703@gse.cs.msu.ru>
Reported-by: Nadezda Lutovinova <lutovinova@ispras.ru>
Signed-off-by: Michael Tretter <m.tretter@pengutronix.de>
Signed-off-by: Hans Verkuil <hverkuil-cisco@xs4all.nl>
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
Diffstat (limited to 'drivers/media')
-rw-r--r-- | drivers/media/platform/allegro-dvt/allegro-core.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/drivers/media/platform/allegro-dvt/allegro-core.c b/drivers/media/platform/allegro-dvt/allegro-core.c index 887b492e4ad1..14a119b43bca 100644 --- a/drivers/media/platform/allegro-dvt/allegro-core.c +++ b/drivers/media/platform/allegro-dvt/allegro-core.c @@ -2185,6 +2185,15 @@ static irqreturn_t allegro_irq_thread(int irq, void *data) { struct allegro_dev *dev = data; + /* + * The firmware is initialized after the mailbox is setup. We further + * check the AL5_ITC_CPU_IRQ_STA register, if the firmware actually + * triggered the interrupt. Although this should not happen, make sure + * that we ignore interrupts, if the mailbox is not initialized. + */ + if (!dev->mbox_status) + return IRQ_NONE; + allegro_mbox_notify(dev->mbox_status); return IRQ_HANDLED; |