Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a66c38a1 authored by Paolo Valente's avatar Paolo Valente Committed by Jens Axboe
Browse files

block, bfq: use pointer entity->sched_data only if set 



In the function __bfq_deactivate_entity, the pointer
entity->sched_data could happen to be used before being properly
initialized. This led to a NULL pointer dereference. This commit fixes
this bug by just using this pointer only where it is safe to do so.

Reported-by: default avatarTom Harrison <l12436.tw@gmail.com>
Tested-by: default avatarTom Harrison <l12436.tw@gmail.com>
Signed-off-by: default avatarPaolo Valente <paolo.valente@linaro.org>
Signed-off-by: default avatarJens Axboe <axboe@fb.com>
parent fba704b4

block/bfq-wf2q.c

+11 −2
Original line number Diff line number Diff line
@@ -1114,12 +1114,21 @@ static void bfq_activate_requeue_entity(struct bfq_entity *entity, 
bool __bfq_deactivate_entity(struct bfq_entity *entity, bool ins_into_idle_tree)

{

	struct bfq_sched_data *sd = entity->sched_data;

	struct bfq_service_tree *st = bfq_entity_service_tree(entity);

	int is_in_service = entity == sd->in_service_entity;

	struct bfq_service_tree *st;

	bool is_in_service;



	if (!entity->on_st) /* entity never activated, or already inactive */

		return false;



	/*

	 * If we get here, then entity is active, which implies that

	 * bfq_group_set_parent has already been invoked for the group

	 * represented by entity. Therefore, the field

	 * entity->sched_data has been set, and we can safely use it.

	 */

	st = bfq_entity_service_tree(entity);

	is_in_service = entity == sd->in_service_entity;



	if (is_in_service)

		bfq_calc_finish(entity, entity->service);