cpuidle: add checks to avoid NULL pointer dereference
author Srivatsa S. Bhat <srivatsa.bhat@linux.vnet.ibm.com>
Fri, 4 May 2012 21:06:02 +0000 (14:06 -0700)
committer Len Brown <len.brown@intel.com>
Fri, 1 Jun 2012 20:07:23 +0000 (16:07 -0400)
The existing check for dev == NULL in __cpuidle_register_device() is
rendered useless because dev is dereferenced before the check itself.
Moreover, correctly speaking, it is the job of the callers of this
function, i.e., cpuidle_register_device() & cpuidle_enable_device() (which
also happen to be exported functions) to ensure that
__cpuidle_register_device() is called with a non-NULL dev.

So add the necessary dev == NULL checks in the two callers and remove the
(useless) check from __cpuidle_register_device().

Signed-off-by: Srivatsa S. Bhat <srivatsa.bhat@linux.vnet.ibm.com>
Acked-by: Daniel Lezcano <daniel.lezcano@linaro.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Len Brown <len.brown@intel.com>
drivers/cpuidle/cpuidle.c

index 588b44aa1de4240c861b9c25f75a6dcfa02b0f4a..8ffef26ffdcfb587ad23e2bf8cb40db5574c757f 100644 (file)
@@ -285,6 +285,9 @@ int cpuidle_enable_device(struct cpuidle_device *dev)
        int ret, i;
        struct cpuidle_driver *drv = cpuidle_get_driver();
 
+       if (!dev)
+               return -EINVAL;
+
        if (dev->enabled)
                return 0;
        if (!drv || !cpuidle_curr_governor)
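
Review bot: the `if (!dev) return -EINVAL;` path at the top of cpuidle_enable_device() fails silently, so a caller that passes NULL and ignores the return value goes unnoticed. Since the commit message treats a NULL dev as a caller bug in an exported function, consider making it visible (for example with a one-time warning) or at least stating in the function's comment that a NULL dev yields -EINVAL. The placement itself is right: the check sits before the first dereference, `dev->enabled`, and the `drv` initializer above it does not touch dev.
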
@@ -369,8 +372,6 @@ static int __cpuidle_register_device(struct cpuidle_device *dev)
        struct device *cpu_dev = get_cpu_device((unsigned long)dev->cpu);
        struct cpuidle_driver *cpuidle_driver = cpuidle_get_driver();
 
-       if (!dev)
-               return -EINVAL;
        if (!try_module_get(cpuidle_driver->owner))
                return -EINVAL;
 
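
Review bot: with the `if (!dev)` test removed, __cpuidle_register_device() still dereferences two pointers unguarded in the visible lines: `dev->cpu` in the cpu_dev initializer and `cpuidle_driver->owner` in the try_module_get() call. The first is now the callers' responsibility under this patch, so a short comment above the function stating that dev must be non-NULL would record that contract. The second looks like the same class of problem: cpuidle_enable_device() tests `!drv` on the result of cpuidle_get_driver(), which suggests the call can return NULL, yet here the result is used without a check. Either add a `!cpuidle_driver` test before try_module_get() or confirm that every caller guarantees a registered driver.
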
@@ -395,6 +396,9 @@ int cpuidle_register_device(struct cpuidle_device *dev)
 {
        int ret;
 
+       if (!dev)
+               return -EINVAL;
+
        mutex_lock(&cpuidle_lock);
 
        if ((ret = __cpuidle_register_device(dev))) {
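
Review bot: the new early return in cpuidle_register_device() adds an -EINVAL result for a NULL dev that is not documented anywhere in the visible lines; if this exported function has a header comment, it should list that case alongside the errors propagated from __cpuidle_register_device(). Returning before `mutex_lock(&cpuidle_lock)` is the right ordering, since that path then needs no unlock.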