From patchwork Mon Aug 30 17:15:28 2010 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chase Douglas X-Patchwork-Id: 63091 X-Patchwork-Delegate: leann.ogasawara@canonical.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from chlorine.canonical.com (chlorine.canonical.com [91.189.94.204]) by ozlabs.org (Postfix) with ESMTP id 9356DB7100 for ; Tue, 31 Aug 2010 03:15:44 +1000 (EST) Received: from localhost ([127.0.0.1] helo=chlorine.canonical.com) by chlorine.canonical.com with esmtp (Exim 4.69) (envelope-from ) id 1Oq7xK-0002Z3-TH; Mon, 30 Aug 2010 18:15:38 +0100 Received: from adelie.canonical.com ([91.189.90.139]) by chlorine.canonical.com with esmtp (Exim 4.69) (envelope-from ) id 1Oq7xJ-0002Yj-G6 for kernel-team@lists.ubuntu.com; Mon, 30 Aug 2010 18:15:37 +0100 Received: from hutte.canonical.com ([91.189.90.181]) by adelie.canonical.com with esmtp (Exim 4.69 #1 (Debian)) id 1Oq7xJ-0002SP-EV for ; Mon, 30 Aug 2010 18:15:37 +0100 Received: from cpe-75-180-27-10.columbus.res.rr.com ([75.180.27.10] helo=canonical.com) by hutte.canonical.com with esmtpsa (TLS-1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.69) (envelope-from ) id 1Oq7xJ-0004Wc-44 for kernel-team@lists.ubuntu.com; Mon, 30 Aug 2010 18:15:37 +0100 From: Chase Douglas To: kernel-team@lists.ubuntu.com Subject: [PATCH 1/6] HID: magicmouse: don't allow hidinput to initialize Date: Mon, 30 Aug 2010 13:15:28 -0400 Message-Id: <1283188533-4607-2-git-send-email-chase.douglas@canonical.com> X-Mailer: git-send-email 1.7.1 In-Reply-To: <1283188533-4607-1-git-send-email-chase.douglas@canonical.com> References: <1283188533-4607-1-git-send-email-chase.douglas@canonical.com> X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.9 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: kernel-team-bounces@lists.ubuntu.com Errors-To: kernel-team-bounces@lists.ubuntu.com From: Chase Douglas The driver listens only for raw events from the device. If we allow the hidinput layer to initialize, we can hit NULL pointer dereferences in the hidinput layer because disconnecting only removes the input devices from the hid device while leaving the hid fields around. Signed-off-by: Chase Douglas --- drivers/hid/hid-magicmouse.c | 6 ++---- 1 files changed, 2 insertions(+), 4 deletions(-) diff --git a/drivers/hid/hid-magicmouse.c b/drivers/hid/hid-magicmouse.c index ee78787..2d8532d 100644 --- a/drivers/hid/hid-magicmouse.c +++ b/drivers/hid/hid-magicmouse.c @@ -404,15 +404,13 @@ static int magicmouse_probe(struct hid_device *hdev, goto err_free; } - ret = hid_hw_start(hdev, HID_CONNECT_DEFAULT); + /* we are handling the input ourselves */ + ret = hid_hw_start(hdev, HID_CONNECT_HIDRAW | HID_CONNECT_HIDDEV); if (ret) { dev_err(&hdev->dev, "magicmouse hw start failed\n"); goto err_free; } - /* we are handling the input ourselves */ - hidinput_disconnect(hdev); - report = hid_register_report(hdev, HID_INPUT_REPORT, TOUCH_REPORT_ID); if (!report) { dev_err(&hdev->dev, "unable to register touch report\n");