From: Bhavna Sarathy <bnagendr@redhat.com>
Date: Thu, 5 Aug 2010 18:03:41 -0400
Subject: [edac] amd64_edac: fix driver instance freeing
Message-id: <20100805180917.6566.10104.sendpatchset@localhost.localdomain>
Patchwork-id: 27417
O-Subject: [RHEL5.6 PATCH 3/10] amd64_edac - Fix driver instance freeing
Bugzilla: 568576
RH-Acked-by: Mauro Carvalho Chehab <mchehab@redhat.com>
>From 56899da1bc0247a832bec6738ad088f01a678681 Mon Sep 17 00:00:00 2001
From: Borislav Petkov <borislav.petkov@amd.com>
Date: Sat, 31 Jul 2010 03:12:38 +0200
Subject: [PATCH] amd64_edac: Fix driver instance freeing
(Upstream commit 8f68ed9728193b1f2fb53ba06031b06bd8b3d1b4)
Fix use-after-free errors by pushing all memory-freeing calls to the end
of amd64_remove_one_instance().
Reported-by: Darren Jenkins <darrenrjenkins@gmail.com>
LKML-Reference: <1261370306.11354.52.camel@ICE-BOX>
Signed-off-by: Borislav Petkov <borislav.petkov@amd.com>
diff --git a/drivers/edac/amd64_edac.c b/drivers/edac/amd64_edac.c
index 3d4ec39..c8642b2 100644
--- a/drivers/edac/amd64_edac.c
+++ b/drivers/edac/amd64_edac.c
@@ -2746,16 +2746,15 @@ static void __devexit amd64_remove_one_instance(struct pci_dev *pdev)
amd64_free_mc_sibling_devices(pvt);
- kfree(pvt);
- mci->pvt_info = NULL;
-
- mci_lookup[pvt->mc_node_id] = NULL;
-
/* unregister from EDAC MCE */
amd_report_gart_errors(false);
amd_unregister_ecc_decoder(amd64_decode_bus_error);
/* Free the EDAC CORE resources */
+ mci->pvt_info = NULL;
+ mci_lookup[pvt->mc_node_id] = NULL;
+
+ kfree(pvt);
edac_mc_free(mci);
}
distrib
>
Scientific%20Linux
>
5x
>
x86_64
>
by-pkgid
>
27922b4260f65d317aabda37e42bbbff
>
files
>
734
