projects / profile / mobile / platform / kernel / linux-3.10-sc7730.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 12e6e19)
regulator: core: Fix regualtor_ena_gpio_free not to access pin after freeing 43/154643/1
authorSeung-Woo Kim <sw0312.kim@samsung.com>
Thu, 4 Dec 2014 10:17:17 +0000 (19:17 +0900)
committerSeung-Woo Kim <sw0312.kim@samsung.com>
Wed, 11 Oct 2017 02:31:04 +0000 (11:31 +0900)
After freeing pin from regulator_ena_gpio_free, loop can access
the pin. So this patch fixes not to access pin after freeing.

Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Signed-off-by: Mark Brown <broonie@kernel.org>
[sw0312.kim: cherry-pick from mainline to fix CVE-2014-9940]
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Change-Id: Id4cbf09593e15909f33337ac09081bcbf0ce71ea

drivers/regulator/core.c patch | blob | history

diff --git a/drivers/regulator/core.c b/drivers/regulator/core.c
index cfc3b75..7e27b58 100755 (executable)
--- a/drivers/regulator/core.c
+++ b/drivers/regulator/core.c
@@ -1535,6 +1535,8 @@ static void regulator_ena_gpio_free(struct regulator_dev *rdev)
                                gpio_free(pin->gpio);
                                list_del(&pin->list);
                                kfree(pin);
+                               rdev->ena_pin = NULL;
+                               return;
                        } else {
                                pin->request_count--;
                        }
Domain: System / Kernel;