summaryrefslogtreecommitdiff
path: root/arch/powerpc/platforms/pseries/dlpar.c
diff options
context:
space:
mode:
authorJulia Lawall <julia@diku.dk>2010-04-02 02:47:13 +0000
committerBenjamin Herrenschmidt <benh@kernel.crashing.org>2010-04-07 18:00:41 +1000
commita7df5c5e52a545774c4db1f2adf09ede018ab139 (patch)
treeb02fab55d085a9057a5a62bafe35ae69f1cc1bdd /arch/powerpc/platforms/pseries/dlpar.c
parentab30f78c0afbb86584144925e25c7ca68ba9a91f (diff)
powerpc/pseries/dlpar: Eliminate use after free
dlpar_free_cc_nodes frees its argument, so dlpar_online_cpu should not be called on the same value. Skip over the call to dlpar_online_cpu by jumping directly to out. A simplified version of the semantic patch that finds this problem is as follows: (http://coccinelle.lip6.fr/) // <smpl> @@ expression E,E2; @@ dlpar_free_cc_nodes(E) ... ( E = E2 | * E ) // </smpl> Signed-off-by: Julia Lawall <julia@diku.dk> Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Diffstat (limited to 'arch/powerpc/platforms/pseries/dlpar.c')
-rw-r--r--arch/powerpc/platforms/pseries/dlpar.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/arch/powerpc/platforms/pseries/dlpar.c b/arch/powerpc/platforms/pseries/dlpar.c
index e1682bc168a3..1540a41d1a85 100644
--- a/arch/powerpc/platforms/pseries/dlpar.c
+++ b/arch/powerpc/platforms/pseries/dlpar.c
@@ -433,6 +433,7 @@ static ssize_t dlpar_cpu_probe(const char *buf, size_t count)
if (rc) {
dlpar_release_drc(drc_index);
dlpar_free_cc_nodes(dn);
+ goto out;
}
rc = dlpar_online_cpu(dn);
generated by cgit v1.2.3 (git 2.0.4) at 2024-05-25 02:08:55 +0000