CVE-2025-68220

In the Linux kernel, the following vulnerability has been resolved:

net: ethernet: ti: netcp: Standardize knavdmaopen_channel to return NULL on error

Make knavdmaopenchannel consistently return NULL on error instead of ERRPTR. Currently the header include/linux/soc/ti/knavdma.h returns NULL when the driver is disabled, but the driver implementation does not even return NULL or ERRPTR on failure, causing inconsistency in the users. This results in a crash in netcpfreenavigator_resources as followed (trimmed):

Unhandled fault: alignment exception (0x221) at 0xfffffff2 [fffffff2] *pgd=80000800207003, *pmd=82ffda003, *pte=00000000 Internal error: : 221 [#1] SMP ARM Modules linked in: CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.17.0-rc7 #1 NONE Hardware name: Keystone PC is at knavdmaclosechannel+0x30/0x19c LR is at netcpfreenavigatorresources+0x2c/0x28c

[... TRIM...]

Call trace: knavdmaclosechannel from netcpfreenavigatorresources+0x2c/0x28c netcpfreenavigatorresources from netcpndoopen+0x430/0x46c netcpndo_open from __dev_open+0x114/0x29c __dev_open from __devchangeflags+0x190/0x208 __devchangeflags from netifchangeflags+0x1c/0x58 netifchangeflags from devchangeflags+0x38/0xa0 devchangeflags from ipautoconfig+0x2c4/0x11f0 ipautoconfig from dooneinitcall+0x58/0x200 dooneinitcall from kernelinitfreeable+0x1cc/0x238 kernelinitfreeable from kernelinit+0x1c/0x12c kernelinit from retfromfork+0x14/0x38 [... TRIM...]

Standardize the error handling by making the function return NULL on all error conditions. The API is used in just the netcp_core.c so the impact is limited.

Note, this change, in effect reverts commit 5b6cb43b4d62 ("net: ethernet: ti: netcp_core: return error while dma channel open issue"), but provides a less error prone implementation.