Hi Lv,
I fear gasket is no more on staging tree, I think it's no more on
kernel. Try fetch again from remote.
On Tue, Apr 27, 2021 at 07:11:29AM -0700, Lv Yunlong wrote:
> In gasket_enable_device, it calls gasket_interrupt_init().
> Inside gasket_interrupt_init, interrupt_data is allocated via
> kzalloc() and then is assigned to gasket_dev->interrupt_data.
> If the later two kzalloc() failed, interrupt_data will be freed
> and gasket_dev->interrupt_data will point to a freed memory.
>
> After gasket_enable_device received the error, the freed
> gasket_dev->interrupt_data is freed again in
> gasket_interrupt_cleanup(gasket_dev).
>
> My patch moves the "gasket_dev->interrupt_data = interrupt_data"
> assignment behind the later kzalloc() all successd, to avoid
> gasket_dev->interrupt_data pointing to a freed memory
>
> Fixes: 80666096eb78f ("staging: gasket: core: remove static function forward declarations")
> Signed-off-by: Lv Yunlong <lyl2019@xxxxxxxxxxxxxxxx>
> ---
> drivers/staging/gasket/gasket_interrupt.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/staging/gasket/gasket_interrupt.c b/drivers/staging/gasket/gasket_interrupt.c
> index 864342acfd86..d4993d7abb87 100644
> --- a/drivers/staging/gasket/gasket_interrupt.c
> +++ b/drivers/staging/gasket/gasket_interrupt.c
> @@ -322,7 +322,6 @@ int gasket_interrupt_init(struct gasket_dev *gasket_dev)
> interrupt_data = kzalloc(sizeof(*interrupt_data), GFP_KERNEL);
> if (!interrupt_data)
> return -ENOMEM;
> - gasket_dev->interrupt_data = interrupt_data;
> interrupt_data->name = driver_desc->name;
> interrupt_data->type = driver_desc->interrupt_type;
> interrupt_data->pci_dev = gasket_dev->pci_dev;
> @@ -349,6 +348,8 @@ int gasket_interrupt_init(struct gasket_dev *gasket_dev)
> return -ENOMEM;
> }
>
> + gasket_dev->interrupt_data = interrupt_data;
> +
> switch (interrupt_data->type) {
> case PCI_MSIX:
> ret = gasket_interrupt_msix_init(interrupt_data);
> --
> 2.25.1
>
>
>
thank you,
fabio
