Re: [PATCH] HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version()

From: Jiri Kosina <jikos@kernel.org>
Date: 2025-08-12 12:46:26
Also in: lkml

On Thu, 17 Jul 2025, Minjong Kim wrote:

quoted hunk ↗ jump to hunk

in ntrig_report_version(), hdev parameter passed from hid_probe().
sending descriptor to /dev/uhid can make hdev->dev.parent->parent to null
if hdev->dev.parent->parent is null, usb_dev has
invalid address(0xffffffffffffff58) that hid_to_usb_dev(hdev) returned
when usb_rcvctrlpipe() use usb_dev,it trigger
page fault error for address(0xffffffffffffff58)

add null check logic to ntrig_report_version()
before calling hid_to_usb_dev()

Signed-off-by: Minjong Kim <redacted>
---
 drivers/hid/hid-ntrig.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/drivers/hid/hid-ntrig.c b/drivers/hid/hid-ntrig.c
index 2738ce947434f904f32e9a1979b1681c66972ff9..96d3300655b5aa1621015b8e1fb511e6f616a713 100644
--- a/drivers/hid/hid-ntrig.c
+++ b/drivers/hid/hid-ntrig.c

@@ -139,6 +139,10 @@ static inline void ntrig_set_mode(struct hid_device *hdev, const int mode)
 
 static void ntrig_report_version(struct hid_device *hdev)
 {
+
+	if (!hdev->dev.parent->parent)
+		return;
+
 	int ret;
 	char buf[20];
 	struct usb_device *usb_dev = hid_to_usb_dev(hdev);

I know that mixing declarations and code is fine these days, but we 
haven't been progressive enough to switch to that coding style in HID 
subsystem yet :) Would you be willing to move it below the declarations?

Thanks,

-- 
Jiri Kosina
SUSE Labs

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help