CVE-2022-49507

In the Linux kernel, the following vulnerability has been resolved:

regulator: da9121: Fix uninit-value in da9121assignchip_model()

KASAN report slab-out-of-bounds in _regmapinit as follows:

BUG: KASAN: slab-out-of-bounds in _regmapinit drivers/base/regmap/regmap.c:841 Read of size 1 at addr ffff88803678cdf1 by task xrun/9137

CPU: 0 PID: 9137 Comm: xrun Tainted: G W 5.18.0-rc2 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014 Call Trace: <TASK> dumpstacklvl+0xe8/0x15a lib/dumpstack.c:88 printreport.cold+0xcd/0x69b mm/kasan/report.c:313 kasanreport+0x8e/0xc0 mm/kasan/report.c:491 _regmapinit+0x4540/0x4ba0 drivers/base/regmap/regmap.c:841 _devmregmapinit+0x7a/0x100 drivers/base/regmap/regmap.c:1266 _devmregmapiniti2c+0x65/0x80 drivers/base/regmap/regmap-i2c.c:394 da9121i2cprobe+0x386/0x6d1 drivers/regulator/da9121-regulator.c:1039 i2cdeviceprobe+0x959/0xac0 drivers/i2c/i2c-core-base.c:563

This happend when da9121 device is probe by da9121i2cid, but with invalid dts. Thus, chip->subvariantid is set to -EINVAL, and later da9121assignchipmodel() will access 'regmap' without init it.

Fix it by return -EINVAL from da9121assignchipmodel() if 'chip->subvariantid' is invalid.