efi, pstore: Remove entry from list when erasing

We need to remove the entry from the EFI variable list before we erase
it from the variable store and free the associated state, otherwise it's
possible to hit the following crash,

  BUG: unable to handle kernel NULL pointer dereference at (null)
  IP: [<ffffffff8142ea0f>] __efivar_entry_iter+0xcf/0x120
  PGD 19483f067 PUD 195426067 PMD 0
  Oops: 0000 [#1] SMP
  [...]
  Call Trace:
   [<ffffffff81430ebf>] efi_pstore_erase+0xef/0x140
   [<ffffffff81003138>] ? math_error+0x288/0x2d0
   [<ffffffff811ea491>] pstore_unlink+0x41/0x60
   [<ffffffff811741ff>] vfs_unlink+0x9f/0x110
   [<ffffffff8117813b>] do_unlinkat+0x18b/0x280
   [<ffffffff8116d7e6>] ? sys_newfstatat+0x36/0x50
   [<ffffffff81178472>] sys_unlinkat+0x22/0x40
   [<ffffffff81543282>] system_call_fastpath+0x16/0x1b

Reported-by: Seiji Aguchi <seiji.aguchi@hds.com>
Tested-by: Seiji Aguchi <seiji.aguchi@hds.com>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Matthew Garrett <matthew.garrett@nebula.com>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>

diff --git a/drivers/firmware/efi/efi-pstore.c b/drivers/firmware/efi/efi-pstore.c
index 583ee80..af45c42 100644 (file)
--- a/drivers/firmware/efi/efi-pstore.c
+++ b/drivers/firmware/efi/efi-pstore.c
@@ -167,6 +167,8 @@ static int efi_pstore_erase_func(struct efivar_entry *entry, void *data)
 
        /* found */
        __efivar_entry_delete(entry);
+       list_del(&entry->list);
+
        return 1;
 }