FEX-Emu/linux
1
0
Fork 0
mirror of https://github.com/FEX-Emu/linux.git synced 2024-12-16 05:50:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
b8cb62f821
linux/drivers
History
Seiji Aguchi d51df2c5d3 efivar: fix oops in efivar_update_sysfs_entries() caused by memory reuse 
The loop in efivar_update_sysfs_entries() reuses the same allocation for
entries each time it calls efivar_create_sysfs_entry(entry).  This is
wrong because efivar_create_sysfs_entry() expects to keep the memory it
was passed, so the caller may not free it (and may not pass the same
memory in multiple times).  This leads to the oops below.  Fix by
getting a new allocation each time we go around the loop.

---[ end trace ba4907d5c519d111 ]---
BUG: unable to handle kernel NULL pointer dereference at           (null)
IP: [<ffffffff8142f81f>] efivar_entry_find+0x14f/0x2d0
PGD 0
Oops: 0000 [#2] SMP
Modules linked in: oops(OF+) ebtable_nat ebtables xt_CHECKSUM [...]
CPU: 0 PID: 301 Comm: kworker/0:2 Tainted: GF     D    O 3.9.0+ #1
Hardware name: LENOVO 4291EV7/4291EV7, BIOS 8DET52WW (1.22 ) 09/15/2011
Workqueue: events efivar_update_sysfs_entries
task: ffff8801955920c0 ti: ffff88019413e000 task.ti: ffff88019413e000
RIP: 0010:[<ffffffff8142f81f>]  [<ffffffff8142f81f>] efivar_entry_find+0x14f/0x2d0
RSP: 0018:ffff88019413fa48  EFLAGS: 00010006
RAX: 0000000000000000 RBX: ffff880195d87c00 RCX: ffffffff81ab6f60
RDX: ffff88019413fb88 RSI: 0000000000000400 RDI: ffff880196254000
RBP: ffff88019413fbd8 R08: 0000000000000000 R09: ffff8800dad99037
R10: ffff880195d87c00 R11: 0000000000000430 R12: ffffffff81ab6f60
R13: fffffffffffff7d8 R14: ffff880196254000 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff88019e200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 0000000001a0b000 CR4: 00000000000407f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Stack:
 ffff88019413fb78 ffff88019413fb88 ffffffff81e85d60 03000000972b5c00
 ffff88019413fa29 ffffffff81e85d60 ffff88019413fbfb 0000000197087280
 00000000000000fe 0000000000000001 ffffffff81e85dd9 ffff880197087280
Call Trace:
 [<ffffffff81254371>] ? idr_get_empty_slot+0x131/0x240
 [<ffffffff8125b6d2>] ? put_dec+0x72/0x90
 [<ffffffff81158e40>] ? cache_alloc_refill+0x170/0x2f0
 [<ffffffff81430420>] efivar_update_sysfs_entry+0x150/0x220
 [<ffffffff8103dd29>] ? efi_call2+0x9/0x70
 [<ffffffff8103d787>] ? virt_efi_get_next_variable+0x47/0x1b0
 [<ffffffff8115a8df>] ? kmem_cache_alloc_trace+0x1af/0x1c0
 [<ffffffff81430033>] efivar_init+0x2c3/0x380
 [<ffffffff814302d0>] ? efivar_delete+0xd0/0xd0
 [<ffffffff8143111f>] efivar_update_sysfs_entries+0x6f/0x90
 [<ffffffff810605f3>] process_one_work+0x183/0x490
 [<ffffffff81061780>] worker_thread+0x120/0x3a0
 [<ffffffff81061660>] ? manage_workers+0x160/0x160
 [<ffffffff8106752e>] kthread+0xce/0xe0
 [<ffffffff81067460>] ? kthread_freezable_should_stop+0x70/0x70
 [<ffffffff81543c5c>] ret_from_fork+0x7c/0xb0
 [<ffffffff81067460>] ? kthread_freezable_should_stop+0x70/0x70
Code: 8d 55 b0 48 8d 45 a0 49 81 ed 28 08 00 00 48 89 95 78 fe [...]
RIP  [<ffffffff8142f81f>] efivar_entry_find+0x14f/0x2d0
 RSP <ffff88019413fa48>
CR2: 0000000000000000
---[ end trace ba4907d5c519d112 ]---

Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
Cc: Tomoki Sekiyama <tomoki.sekiyama@hds.com>
Signed-off-by: Seiji Aguchi <seiji.aguchi@hds.com>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>
2013-05-13 20:20:02 +01:00
..
accessibility
acpi ACPICA fixes for 3.10-rc1 2013-05-09 16:33:42 -07:00
amba
ata ARM: arm-soc: late cleanups 2013-05-07 11:22:14 -07:00
atm
auxdisplay
base
bcma - Lots of cleanups from Artem, including deletion of some obsolete drivers 2013-05-09 10:15:46 -07:00
block Merge git://git.infradead.org/users/willy/linux-nvme 2013-05-09 16:35:00 -07:00
bluetooth
bus
cdrom block_device_operations->release() should return void 2013-05-07 02:16:21 -04:00
char aio: don't include aio.h in sched.h 2013-05-07 20:16:25 -07:00
clk ARM: late Exynos multiplatform changes 2013-05-07 11:28:42 -07:00
clocksource ARM: late Exynos multiplatform changes 2013-05-07 11:28:42 -07:00
connector
cpufreq
cpuidle
crypto Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2013-05-02 14:53:12 -07:00
dca
devfreq
dio
dma Merge branch 'for-linus' of git://git.infradead.org/users/vkoul/slave-dma 2013-05-09 09:46:45 -07:00
edac Two small EDAC fixes. 2013-05-09 10:11:08 -07:00
eisa
extcon Removal of GENERIC_GPIO for v3.10 2013-05-09 09:59:16 -07:00
firewire IEEE 1394 (FireWire) subsystem changes: 2013-05-09 10:11:48 -07:00
firmware efivar: fix oops in efivar_update_sysfs_entries() caused by memory reuse 2013-05-13 20:20:02 +01:00
gpio Removal of GENERIC_GPIO for v3.10 2013-05-09 09:59:16 -07:00
gpu Merge branch 'drm-next' of git://people.freedesktop.org/~airlied/linux 2013-05-02 19:40:34 -07:00
hid HID: debug: fix RCU preemption issue 2013-05-06 13:07:33 +02:00
hsi
hv
hwmon Merge branch 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging 2013-05-04 13:44:38 -07:00
hwspinlock A single patch from Vincent extending OMAP's hwspinlock support to OMAP5. 2013-05-07 14:01:27 -07:00
i2c Removal of GENERIC_GPIO for v3.10 2013-05-09 09:59:16 -07:00
ide block_device_operations->release() should return void 2013-05-07 02:16:21 -04:00
idle Merge branch 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux 2013-05-11 15:23:17 -07:00
iio
infiniband InfiniBand/RDMA changes for the 3.10 merge window: 2013-05-08 15:29:48 -07:00
input Removal of GENERIC_GPIO for v3.10 2013-05-09 09:59:16 -07:00
iommu IOMMU Updates for Linux v3.10 2013-05-06 14:59:13 -07:00
ipack
irqchip ARM: late Exynos multiplatform changes 2013-05-07 11:28:42 -07:00
isdn Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-05-01 17:51:54 -07:00
leds Removal of GENERIC_GPIO for v3.10 2013-05-09 09:59:16 -07:00
lguest Lots of virtio work which wasn't quite ready for last merge window. Plus 2013-05-02 14:14:04 -07:00
macintosh Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc 2013-05-02 10:16:16 -07:00
mailbox
md dm cache: set config value 2013-05-10 14:37:21 +01:00
media Merge branch 'i2c/for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux 2013-05-02 14:38:53 -07:00
memory
memstick block_device_operations->release() should return void 2013-05-07 02:16:21 -04:00
message Merge branch 'for-3.10/core' of git://git.kernel.dk/linux-block 2013-05-08 10:13:35 -07:00
mfd For 3.10 we have a few new MFD drivers for: 2013-05-05 17:36:20 -07:00
misc Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-05-01 17:51:54 -07:00
mmc Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-05-07 15:14:53 -07:00
mtd - Lots of cleanups from Artem, including deletion of some obsolete drivers 2013-05-09 10:15:46 -07:00
net Merge branch 'stable' of git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile 2013-05-09 14:34:58 -07:00
nfc
ntb
nubus nubus: Kill nubus_proc_detach_device() 2013-05-04 14:47:26 -04:00
of net: of_mdio: fix behavior on missing phy device 2013-05-08 13:13:29 -07:00
oprofile
parisc parisc: fix partly 16/64k PAGE_SIZE boot 2013-05-06 23:08:32 +02:00
parport
pci PCI updates for v3.10: 2013-05-09 10:21:44 -07:00
pcmcia
pinctrl Removal of GENERIC_GPIO for v3.10 2013-05-09 09:59:16 -07:00
platform - Artem's removal of dead code continues (RPX, MBX860) 2013-05-10 09:09:47 -07:00
pnp Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc 2013-05-02 10:16:16 -07:00
power For 3.10 we have a few new MFD drivers for: 2013-05-05 17:36:20 -07:00
pps Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-05-01 17:51:54 -07:00
ps3
ptp
pwm
rapidio
regulator Removal of GENERIC_GPIO for v3.10 2013-05-09 09:59:16 -07:00
remoteproc This pull request contains: 2013-05-07 14:04:56 -07:00
reset
rpmsg A small pull request consisting of: 2013-05-07 14:02:00 -07:00
rtc Merge branch 'stable' of git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile 2013-05-09 14:34:58 -07:00
s390 Merge branch 'for-3.10/core' of git://git.kernel.dk/linux-block 2013-05-08 10:13:35 -07:00
sbus
scsi Merge branch 'postmerge' into for-linus 2013-05-10 07:54:01 -07:00
sfi
sh
sn
spi Removal of GENERIC_GPIO for v3.10 2013-05-09 09:59:16 -07:00
ssb - Lots of cleanups from Artem, including deletion of some obsolete drivers 2013-05-09 10:15:46 -07:00
ssbi
staging Removal of GENERIC_GPIO for v3.10 2013-05-09 09:59:16 -07:00
target Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-05-01 17:51:54 -07:00
tc
thermal
tty Merge git://git.infradead.org/users/eparis/audit 2013-05-11 14:29:11 -07:00
uio
usb Merge branch 'stable' of git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile 2013-05-09 14:34:58 -07:00
uwb
vfio vfio updates for v3.10 2013-05-02 14:02:32 -07:00
vhost vhost: more fixes for 3.10 2013-05-07 10:13:52 -07:00
video Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2013-05-10 07:48:05 -07:00
virt
virtio
vlynq
vme
w1 Removal of GENERIC_GPIO for v3.10 2013-05-09 09:59:16 -07:00
watchdog watchdog: Fix race condition in registration code 2013-05-09 08:13:41 +02:00
xen Bug-fixes: 2013-05-11 16:19:30 -07:00
zorro
Kconfig ARM: arm-soc driver changes for 3.10 2013-05-04 12:31:18 -07:00
Makefile ARM: arm-soc driver changes for 3.10 2013-05-04 12:31:18 -07:00