ACK: [CVE-2014-9940][PATCH Trusty] regulator: core: Fix regualtor_ena_gpio_free not to access pin after freeing
Colin Ian King
colin.king at canonical.com
Thu Jun 8 06:48:43 UTC 2017
On 08/06/17 07:29, Po-Hsu Lin wrote:
> From: Seung-Woo Kim <sw0312.kim at samsung.com>
>
> CVE-2014-9940
>
> After freeing pin from regulator_ena_gpio_free, loop can access
> the pin. So this patch fixes not to access pin after freeing.
>
> Signed-off-by: Seung-Woo Kim <sw0312.kim at samsung.com>
> Signed-off-by: Mark Brown <broonie at kernel.org>
> (cherry picked from commit 60a2362f769cf549dc466134efe71c8bf9fbaaba)
>
> Signed-off-by: Po-Hsu Lin <po-hsu.lin at canonical.com>
> ---
> drivers/regulator/core.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/regulator/core.c b/drivers/regulator/core.c
> index d1db4fb..2d396dc 100644
> --- a/drivers/regulator/core.c
> +++ b/drivers/regulator/core.c
> @@ -1702,6 +1702,8 @@ static void regulator_ena_gpio_free(struct regulator_dev *rdev)
> gpio_free(pin->gpio);
> list_del(&pin->list);
> kfree(pin);
> + rdev->ena_pin = NULL;
> + return;
> } else {
> pin->request_count--;
> }
>
Acked-by: Colin Ian King <colin.king at canonical.com>
More information about the kernel-team
mailing list