This is a note to let you know that I've just added the patch titled fail_function: Remove a redundant mutex unlock to the 5.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: fail_function-remove-a-redundant-mutex-unlock.patch and it can be found in the queue-5.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. commit eac0e7cc5da10bbc812234781a0b7f8b7140903e Author: Luo Meng <luomeng12@xxxxxxxxxx> Date: Wed Nov 18 22:49:31 2020 +0900 fail_function: Remove a redundant mutex unlock [ Upstream commit 2801a5da5b25b7af9dd2addd19b2315c02d17b64 ] Fix a mutex_unlock() issue where before copy_from_user() is not called mutex_locked. Fixes: 4b1a29a7f542 ("error-injection: Support fault injection framework") Reported-by: Hulk Robot <hulkci@xxxxxxxxxx> Signed-off-by: Luo Meng <luomeng12@xxxxxxxxxx> Signed-off-by: Masami Hiramatsu <mhiramat@xxxxxxxxxx> Signed-off-by: Alexei Starovoitov <ast@xxxxxxxxxx> Acked-by: Masami Hiramatsu <mhiramat@xxxxxxxxxx> Link: https://lore.kernel.org/bpf/160570737118.263807.8358435412898356284.stgit@devnote2 Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx> diff --git a/kernel/fail_function.c b/kernel/fail_function.c index 63b349168da72..b0b1ad93fa957 100644 --- a/kernel/fail_function.c +++ b/kernel/fail_function.c @@ -253,7 +253,7 @@ static ssize_t fei_write(struct file *file, const char __user *buffer, if (copy_from_user(buf, buffer, count)) { ret = -EFAULT; - goto out; + goto out_free; } buf[count] = '\0'; sym = strstrip(buf); @@ -307,8 +307,9 @@ static ssize_t fei_write(struct file *file, const char __user *buffer, ret = count; } out: - kfree(buf); mutex_unlock(&fei_lock); +out_free: + kfree(buf); return ret; }