From 0a6d38795a405c49ea0012f04173613382def58c Mon Sep 17 00:00:00 2001 From: Axel Lin Date: Wed, 2 Apr 2014 22:21:04 +0800 Subject: spi: Always check complete callback before calling it Since commit 1e25cd4729bd "spi: Do not require a completion", this checking is required to prevent NULL pointer dereference. Signed-off-by: Axel Lin Signed-off-by: Mark Brown --- drivers/spi/spi-fsl-espi.c | 3 ++- drivers/spi/spi-fsl-spi.c | 3 ++- drivers/spi/spi-mpc512x-psc.c | 3 ++- drivers/spi/spi-mpc52xx-psc.c | 3 ++- drivers/spi/spi-mpc52xx.c | 6 ++++-- drivers/spi/spi-sh.c | 6 ++++-- drivers/spi/spi-txx9.c | 3 ++- 7 files changed, 18 insertions(+), 9 deletions(-) diff --git a/drivers/spi/spi-fsl-espi.c b/drivers/spi/spi-fsl-espi.c index 428dc7a..e8e3d34 100644 --- a/drivers/spi/spi-fsl-espi.c +++ b/drivers/spi/spi-fsl-espi.c @@ -446,7 +446,8 @@ static void fsl_espi_do_one_msg(struct spi_message *m) m->actual_length = espi_trans.actual_length; m->status = espi_trans.status; - m->complete(m->context); + if (m->complete) + m->complete(m->context); } static int fsl_espi_setup(struct spi_device *spi) diff --git a/drivers/spi/spi-fsl-spi.c b/drivers/spi/spi-fsl-spi.c index 119f7af..f2af3eb 100644 --- a/drivers/spi/spi-fsl-spi.c +++ b/drivers/spi/spi-fsl-spi.c @@ -404,7 +404,8 @@ static void fsl_spi_do_one_msg(struct spi_message *m) } m->status = status; - m->complete(m->context); + if (m->complete) + m->complete(m->context); if (status || !cs_change) { ndelay(nsecs); diff --git a/drivers/spi/spi-mpc512x-psc.c b/drivers/spi/spi-mpc512x-psc.c index 5032141..8eee745 100644 --- a/drivers/spi/spi-mpc512x-psc.c +++ b/drivers/spi/spi-mpc512x-psc.c @@ -301,7 +301,8 @@ static int mpc512x_psc_spi_msg_xfer(struct spi_master *master, } m->status = status; - m->complete(m->context); + if (m->complete) + m->complete(m->context); if (status || !cs_change) mpc512x_psc_spi_deactivate_cs(spi); diff --git a/drivers/spi/spi-mpc52xx-psc.c b/drivers/spi/spi-mpc52xx-psc.c index 00ba910..d761bc0 100644 --- a/drivers/spi/spi-mpc52xx-psc.c +++ b/drivers/spi/spi-mpc52xx-psc.c @@ -248,7 +248,8 @@ static void mpc52xx_psc_spi_work(struct work_struct *work) } m->status = status; - m->complete(m->context); + if (m->complete) + m->complete(m->context); if (status || !cs_change) mpc52xx_psc_spi_deactivate_cs(spi); diff --git a/drivers/spi/spi-mpc52xx.c b/drivers/spi/spi-mpc52xx.c index 7c675fe..a0de12ac 100644 --- a/drivers/spi/spi-mpc52xx.c +++ b/drivers/spi/spi-mpc52xx.c @@ -235,7 +235,8 @@ static int mpc52xx_spi_fsmstate_transfer(int irq, struct mpc52xx_spi *ms, dev_err(&ms->master->dev, "mode fault\n"); mpc52xx_spi_chipsel(ms, 0); ms->message->status = -EIO; - ms->message->complete(ms->message->context); + if (ms->message->complete) + ms->message->complete(ms->message->context); ms->state = mpc52xx_spi_fsmstate_idle; return FSM_CONTINUE; } @@ -289,7 +290,8 @@ mpc52xx_spi_fsmstate_wait(int irq, struct mpc52xx_spi *ms, u8 status, u8 data) ms->msg_count++; mpc52xx_spi_chipsel(ms, 0); ms->message->status = 0; - ms->message->complete(ms->message->context); + if (ms->message->complete) + ms->message->complete(ms->message->context); ms->state = mpc52xx_spi_fsmstate_idle; return FSM_CONTINUE; } diff --git a/drivers/spi/spi-sh.c b/drivers/spi/spi-sh.c index f6f2c70..03edf5e 100644 --- a/drivers/spi/spi-sh.c +++ b/drivers/spi/spi-sh.c @@ -322,7 +322,8 @@ static void spi_sh_work(struct work_struct *work) spin_lock_irqsave(&ss->lock, flags); mesg->status = 0; - mesg->complete(mesg->context); + if (mesg->complete) + mesg->complete(mesg->context); } clear_fifo(ss); @@ -340,7 +341,8 @@ static void spi_sh_work(struct work_struct *work) error: mesg->status = ret; - mesg->complete(mesg->context); + if (mesg->complete) + mesg->complete(mesg->context); spi_sh_clear_bit(ss, SPI_SH_SSA | SPI_SH_SSDB | SPI_SH_SSD, SPI_SH_CR1); diff --git a/drivers/spi/spi-txx9.c b/drivers/spi/spi-txx9.c index 6191ced..57a1497 100644 --- a/drivers/spi/spi-txx9.c +++ b/drivers/spi/spi-txx9.c @@ -265,7 +265,8 @@ static void txx9spi_work_one(struct txx9spi *c, struct spi_message *m) exit: m->status = status; - m->complete(m->context); + if (m->complete) + m->complete(m->context); /* normally deactivate chipselect ... unless no error and * cs_change has hinted that the next message will probably -- cgit v1.1