authorMing Lei <ming.lei@canonical.com>2013-04-04 22:22:37 +0800
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2013-04-05 15:35:52 -0700
commitbb2b0051d7b0772ea9d0b4be900c2d965093f5d7 (patch)
treeea77b283a68b2b2a5cbcf29706d8c2d6361d18e6 /block
parentbcfb87fb75fa3a9b96c8a73d19166897d167fe3f (diff)
sysfs: check if one entry has been removed before freeing
It might be a kernel disaster if one sysfs entry is freed but still referenced by sysfs tree. Recently Dave and Sasha reported one use-after-free problem on sysfs entry, and the problem has been troubleshooted with help of debug message added in this patch. Given sysfs_get_dirent/sysfs_put are exported APIs, even inside sysfs they are called in many contexts(kobject/attribe add/delete, inode init/drop, dentry lookup/release, readdir, ...), it is healthful to check the removed flag before freeing one entry and dump message if it is freeing without being removed first. Cc: Dave Jones <davej@redhat.com> Cc: Sasha Levin <levinsasha928@gmail.com> Signed-off-by: Ming Lei <ming.lei@canonical.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
0 files changed, 0 insertions, 0 deletions