From 29ef90251a03e51239d397b6ccafd8d406e4f1cd Mon Sep 17 00:00:00 2001
From: William Wu <william.wu@rock-chips.com>
Date: Thu, 30 Apr 2020 10:24:04 +0800
Subject: [PATCH] usb: gadget: udc: core: fix possible NULL pointer dereference

This patch fixes the following panic when use uvc function and
do reboot during uvc preview.

Unable to handle kernel NULL pointer dereference at virtual address 000001fd
pgd = 85dd55c1
[000001fd] *pgd=00000000
Internal error: Oops: 17 [#1] PREEMPT SMP ARM
Modules linked in: galcore(O)
CPU: 0 PID: 716 Comm: xc:RkAiqCoreThr Tainted: G        W  O      4.19.111 #18
Hardware name: Generic DT based system
PC is at usb_gadget_deactivate+0x0/0x6c
LR is at usb_function_deactivate+0x54/0x74

It's because that do reboot operation will call configfs_composite_unbind()
to set cdev->gadget to NULL.

Change-Id: I6fbfe9b58f865113d04ca7ce0b74b00f8d89227c
Signed-off-by: William Wu <william.wu@rock-chips.com>
Signed-off-by: Frank Wang <frank.wang@rock-chips.com>
---
 drivers/usb/gadget/udc/core.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/usb/gadget/udc/core.c b/drivers/usb/gadget/udc/core.c
index 1ecb94f2737f..f0b839803ba1 100644
--- a/drivers/usb/gadget/udc/core.c
+++ b/drivers/usb/gadget/udc/core.c
@@ -757,7 +757,7 @@ int usb_gadget_deactivate(struct usb_gadget *gadget)
 {
 	int ret = 0;
 
-	if (gadget->deactivated)
+	if (!gadget || gadget->deactivated)
 		goto out;
 
 	if (gadget->connected) {