When the main loop in linehandle_create() encounters an error, it
fails to free one of the previously-requested GPIO descriptors.
This renders the unfreed GPIO unusable until reboot, and leaves
its label pointing to free'd kernel memory.
Cc: [email protected]
Fixes: ab3dbcf78f60 ("gpioib: do not free unrequested descriptors")
Signed-off-by: Jim Paris <[email protected]>
---
drivers/gpio/gpiolib.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/gpio/gpiolib.c b/drivers/gpio/gpiolib.c
index e8f8a1999393..a57300c1d649 100644
--- a/drivers/gpio/gpiolib.c
+++ b/drivers/gpio/gpiolib.c
@@ -571,7 +571,7 @@ static int linehandle_create(struct gpio_device *gdev, void __user *ip)
if (ret)
goto out_free_descs;
lh->descs[i] = desc;
- count = i;
+ count = i + 1;
if (lflags & GPIOHANDLE_REQUEST_ACTIVE_LOW)
set_bit(FLAG_ACTIVE_LOW, &desc->flags);
--
2.18.0
Hi Jim
I have sent an identical patch 3 hours before you [1] ;)
Seems that we are working on the same stuff.
Cheers
[1] https://www.spinics.net/lists/linux-gpio/msg32541.html
On Thu, Sep 13, 2018 at 6:42 PM Jim Paris <[email protected]> wrote:
>
> When the main loop in linehandle_create() encounters an error, it
> fails to free one of the previously-requested GPIO descriptors.
> This renders the unfreed GPIO unusable until reboot, and leaves
> its label pointing to free'd kernel memory.
>
> Cc: [email protected]
> Fixes: ab3dbcf78f60 ("gpioib: do not free unrequested descriptors")
> Signed-off-by: Jim Paris <[email protected]>
> ---
> drivers/gpio/gpiolib.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/gpio/gpiolib.c b/drivers/gpio/gpiolib.c
> index e8f8a1999393..a57300c1d649 100644
> --- a/drivers/gpio/gpiolib.c
> +++ b/drivers/gpio/gpiolib.c
> @@ -571,7 +571,7 @@ static int linehandle_create(struct gpio_device *gdev, void __user *ip)
> if (ret)
> goto out_free_descs;
> lh->descs[i] = desc;
> - count = i;
> + count = i + 1;
>
> if (lflags & GPIOHANDLE_REQUEST_ACTIVE_LOW)
> set_bit(FLAG_ACTIVE_LOW, &desc->flags);
> --
> 2.18.0
>
--
Ricardo Ribalda
On Thu, Sep 13, 2018 at 9:56 PM Ricardo Ribalda Delgado
<[email protected]> wrote:
> Hi Jim
>
> I have sent an identical patch 3 hours before you [1] ;)
> Seems that we are working on the same stuff.
Haha w00t but I'm grateful that you fine people are taking the
chardev ABI for a ride!
I recorded Jim's contribution as Reported-by on your patch.
Yours,
Linus Walleij