On Thu, Jul 14, 2016 at 10:15 PM, joeyli <jlee@xxxxxxxx> wrote: > Hi Dan, > > On Thu, Jul 14, 2016 at 08:28:57PM -0700, Dan Williams wrote: >> acpi_evaluate_object() allocates memory. Free the buffer allocated >> during acpi_nfit_add(). >> >> Cc: <stable@xxxxxxxxxxxxxxx> >> Cc: Vishal Verma <vishal.l.verma@xxxxxxxxx> >> Reported-by: Xiao Guangrong <guangrong.xiao@xxxxxxxxx> >> Reported-by: Haozhong Zhang <haozhong.zhang@xxxxxxxxx> >> Signed-off-by: Dan Williams <dan.j.williams@xxxxxxxxx> >> --- >> drivers/acpi/nfit.c | 7 +++++-- >> 1 file changed, 5 insertions(+), 2 deletions(-) >> >> diff --git a/drivers/acpi/nfit.c b/drivers/acpi/nfit.c >> index 0497175ee6cb..008dbaaa2b75 100644 >> --- a/drivers/acpi/nfit.c >> +++ b/drivers/acpi/nfit.c >> @@ -2414,12 +2414,15 @@ static int acpi_nfit_add(struct acpi_device *adev) >> acpi_desc->nfit = >> (struct acpi_nfit_header *)obj->buffer.pointer; >> sz = obj->buffer.length; >> + rc = acpi_nfit_init(acpi_desc, sz); >> } else >> dev_dbg(dev, "%s invalid type %d, ignoring _FIT\n", >> __func__, (int) obj->type); >> - } >> + kfree(buf.pointer); >> + acpi_desc->nfit = NULL; > > Looks "acpi_desc->nfit = NULL" statement will be removed in [PATCH 2/2] > immediately. Why add it in PATCH 1? I was debating it, but for code readability of -stable kernels (where patch2 will not be included) I want to make it clear that nothing uses the value of ->nfit outside of acpi_nfit_init(). > >> + } else >> + rc = acpi_nfit_init(acpi_desc, sz); >> >> - rc = acpi_nfit_init(acpi_desc, sz); >> if (rc) { >> nvdimm_bus_unregister(acpi_desc->nvdimm_bus); >> return rc; >> > > Other parts are no problem to me. Thanks. -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html