[separate reply because the asked about part isn't in my patch it's in
existing code]
On Wed, 2021-01-13 at 08:50 +0100, Greg KH wrote:
> On Tue, Jan 12, 2021 at 05:59:58PM -0800, James Bottomley wrote:
[...]
> > void tpm_sysfs_add_device(struct tpm_chip *chip)
> > {
> > + int i;
> > +
> > WARN_ON(chip->groups_cnt != 0);
> > +
>
> How can that WARN_ON happen?
If tpm_sysfs_add_device gets called more than once, say because reuse
of the chip structure that causes it to be initialized again without
properly being torn down. I think it's a reasonable assert given that
we'll run off the end of the chip->groups array if it isn't true ...
which does really argue it should be a BUG_ON because the machine will
be compromised and likely unrecoverable if it triggers.
James
