Hi,

Gesendet: Montag, 13. September 2021 um 22:25 Uhr
Von: "Jarkko Sakkinen" [off-list ref]
An: "Lino Sanfilippo" [off-list ref], peterhuewe@gmx.de, jgg@ziepe.ca
Cc: p.rosenberger@kunbus.com, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, stable@vger.kernel.org
Betreff: Re: [PATCH] tpm: fix potential NULL pointer access in tpm_del_char_device()

On Fri, 2021-09-10 at 20:04 +0200, Lino Sanfilippo wrote:

quoted

In tpm_del_char_device() make sure that chip->ops is still valid.
This check is needed since in case of a system shutdown
tpm_class_shutdown() has already been called and set chip->ops to NULL.
This leads to a NULL pointer access as soon as tpm_del_char_device()
tries to access chip->ops in case of TPM 2.

Fixes: dcbeab1946454 ("tpm: fix crash in tpm_tis deinitialization")
Cc: stable@vger.kernel.org
Signed-off-by: Lino Sanfilippo <LinoSanfilippo@gmx.de>
---

Have you been able to reproduce this in some environment?

/Jarkko

Yes, this bug is reproducable on my system that is running a 5.10 raspberry kernel.
I use a SLB 9670 which is connected via SPI.

Regards,
Lino