summaryrefslogtreecommitdiff
path: root/scripts/gcc-plugins/gcc-common.h
diff options
context:
space:
mode:
authorPavel Skripkin <paskripkin@gmail.com>2021-07-21 22:34:47 +0300
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2021-07-27 16:15:24 +0300
commite9e6aa51b2735d83a67d9fa0119cf11abef80d99 (patch)
treed6bcb31c49b720bd17ff5e0b6161f65366cc64a6 /scripts/gcc-plugins/gcc-common.h
parent9be550ee43919b070bcd77f9228bdbbbc073245b (diff)
downloadlinux-e9e6aa51b2735d83a67d9fa0119cf11abef80d99.tar.xz
staging: rtl8712: error handling refactoring
There was strange error handling logic in case of fw load failure. For some reason fw loader callback was doing clean up stuff when fw is not available. I don't see any reason behind doing this. Since this driver doesn't have EEPROM firmware let's just disconnect it in case of fw load failure. Doing clean up stuff in 2 different place which can run concurently is not good idea and syzbot found 2 bugs related to this strange approach. So, in this pacth I deleted all clean up code from fw callback and made a call to device_release_driver() under device_lock(parent) in case of fw load failure. This approach is more generic and it defend driver from UAF bugs, since all clean up code is moved to one place. Fixes: e02a3b945816 ("staging: rtl8712: fix memory leak in rtl871x_load_fw_cb") Fixes: 8c213fa59199 ("staging: r8712u: Use asynchronous firmware loading") Cc: stable <stable@vger.kernel.org> Reported-and-tested-by: syzbot+5872a520e0ce0a7c7230@syzkaller.appspotmail.com Reported-and-tested-by: syzbot+cc699626e48a6ebaf295@syzkaller.appspotmail.com Signed-off-by: Pavel Skripkin <paskripkin@gmail.com> Link: https://lore.kernel.org/r/d49ecc56e97c4df181d7bd4d240b031f315eacc3.1626895918.git.paskripkin@gmail.com Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'scripts/gcc-plugins/gcc-common.h')
0 files changed, 0 insertions, 0 deletions