Commit 12abcfde authored Apr 29, 2013 by Matt Fleming

efi, pstore: Remove entry from list when erasing



We need to remove the entry from the EFI variable list before we erase
it from the variable store and free the associated state, otherwise it's
possible to hit the following crash,

  BUG: unable to handle kernel NULL pointer dereference at (null)
  IP: [<ffffffff8142ea0f>] __efivar_entry_iter+0xcf/0x120
  PGD 19483f067 PUD 195426067 PMD 0
  Oops: 0000 [#1] SMP
  [...]
  Call Trace:
   [<ffffffff81430ebf>] efi_pstore_erase+0xef/0x140
   [<ffffffff81003138>] ? math_error+0x288/0x2d0
   [<ffffffff811ea491>] pstore_unlink+0x41/0x60
   [<ffffffff811741ff>] vfs_unlink+0x9f/0x110
   [<ffffffff8117813b>] do_unlinkat+0x18b/0x280
   [<ffffffff8116d7e6>] ? sys_newfstatat+0x36/0x50
   [<ffffffff81178472>] sys_unlinkat+0x22/0x40
   [<ffffffff81543282>] system_call_fastpath+0x16/0x1b

Reported-by: Seiji Aguchi <seiji.aguchi@hds.com>
Tested-by: Seiji Aguchi <seiji.aguchi@hds.com>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Matthew Garrett <matthew.garrett@nebula.com>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>

parent 4ee39e97

drivers/firmware/efi/efi-pstore.c

+2 −0

Original line number	Diff line number	Diff line
		@@ -167,6 +167,8 @@ static int efi_pstore_erase_func(struct efivar_entry entry, void data)

		/* found */
		__efivar_entry_delete(entry);
		list_del(&entry->list);

		return 1;
		}