Skip to content

L
linux
Commit ab67b6c2 authored by Tony Luck's avatar Tony Luck Committed by Borislav Petkov
Browse files
Options

EDAC: Fix used after kfree() error in edac_unregister_sysfs() 

Code flow looks like this:

  device_unregister(&mci->dev);
   -> kobject_put+0x25/0x50
    -> kobject_cleanup+0x77/0x190
      -> device_release+0x32/0xa0
	-> mci_attr_release+0x36/0x70
	  -> kfree(mci);
  bus_unregister(mci->bus);

Fix is to grab a local copy of "mci->bus" and use that when we call
bus_unregister().
Signed-off-by: default avatarTony Luck <tony.luck@intel.com>
Acked-by: default avatarAristeu Rozanski <aris@redhat.com>
Cc: Mauro Carvalho Chehab <mchehab@osg.samsung.com>
Cc: linux-edac <linux-edac@vger.kernel.org>
Link: http://lkml.kernel.org/r/21d595b0ab3d718d9cb206647f4ec91c05e62ec4.1461261078.git.tony.luck@intel.comSigned-off-by: default avatarBorislav Petkov <bp@suse.de>
parent 1aa6eb5c
Hide whitespace changes
Inline Side-by-side
Showing with 2 additions and 1 deletion
drivers/edac/edac_mc_sysfs.c
View file @ ab67b6c2
......@@ -998,11 +998,12 @@ void edac_remove_sysfs_mci_device(struct mem_ctl_info *mci)
void edac_unregister_sysfs(struct mem_ctl_info *mci)
{
struct bus_type *bus = mci->bus;
const char *name = mci->bus->name;
edac_dbg(1, "Unregistering device %s\n", dev_name(&mci->dev));
device_unregister(&mci->dev);
bus_unregister(mci->bus);
bus_unregister(bus);
kfree(name);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7