• Ming Lei's avatar
    sysfs: check if one entry has been removed before freeing · bb2b0051
    Ming Lei authored
    It might be a kernel disaster if one sysfs entry is freed but
    still referenced by sysfs tree.
    
    Recently Dave and Sasha reported one use-after-free problem on
    sysfs entry, and the problem has been troubleshooted with help
    of debug message added in this patch.
    
    Given sysfs_get_dirent/sysfs_put are exported APIs, even inside
    sysfs they are called in many contexts(kobject/attribe add/delete,
    inode init/drop, dentry lookup/release, readdir, ...), it is healthful
    to check the removed flag before freeing one entry and dump message
    if it is freeing without being removed first.
    
    Cc: Dave Jones <davej@redhat.com>
    Cc: Sasha Levin <levinsasha928@gmail.com>
    Signed-off-by: 's avatarMing Lei <ming.lei@canonical.com>
    Signed-off-by: 's avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    bb2b0051
Name
Last commit
Last update
..
Kconfig Loading commit data...
Makefile Loading commit data...
bin.c Loading commit data...
dir.c Loading commit data...
file.c Loading commit data...
group.c Loading commit data...
inode.c Loading commit data...
mount.c Loading commit data...
symlink.c Loading commit data...
sysfs.h Loading commit data...