From 1bcbe7300815e91fef18ee905b04f65490ad38c9 Mon Sep 17 00:00:00 2001 From: Anson Huang Date: Fri, 14 Jun 2019 16:07:47 +0800 Subject: [PATCH] soc: imx8: Fix potential kernel dump in error path When SoC's revision value is 0, SoC driver will print out "unknown" in sysfs's revision node, this "unknown" is a static string which can NOT be freed, this will caused below kernel dump in later error path which calls kfree: kernel BUG at mm/slub.c:3942! Internal error: Oops - BUG: 0 [#1] PREEMPT SMP Modules linked in: CPU: 2 PID: 1 Comm: swapper/0 Not tainted 5.2.0-rc4-next-20190611-00023-g705146c-dirty #2197 Hardware name: NXP i.MX8MQ EVK (DT) pstate: 60000005 (nZCv daif -PAN -UAO) pc : kfree+0x170/0x1b0 lr : imx8_soc_init+0xc0/0xe4 sp : ffff00001003bd10 x29: ffff00001003bd10 x28: ffff00001121e0a0 x27: ffff000011482000 x26: ffff00001117068c x25: ffff00001121e100 x24: ffff000011482000 x23: ffff000010fe2b58 x22: ffff0000111b9ab0 x21: ffff8000bd9dfba0 x20: ffff0000111b9b70 x19: ffff7e000043f880 x18: 0000000000001000 x17: ffff000010d05fa0 x16: ffff0000122e0000 x15: 0140000000000000 x14: 0000000030360000 x13: ffff8000b94b5bb0 x12: 0000000000000038 x11: ffffffffffffffff x10: ffffffffffffffff x9 : 0000000000000003 x8 : ffff8000b9488147 x7 : ffff00001003bc00 x6 : 0000000000000000 x5 : 0000000000000003 x4 : 0000000000000003 x3 : 0000000000000003 x2 : b8793acd604edf00 x1 : ffff7e000043f880 x0 : ffff7e000043f888 Call trace: kfree+0x170/0x1b0 imx8_soc_init+0xc0/0xe4 do_one_initcall+0x58/0x1b8 kernel_init_freeable+0x1cc/0x288 kernel_init+0x10/0x100 ret_from_fork+0x10/0x18 This patch fixes this potential kernel dump when a chip's revision is "unknown", it is done by checking whether the revision space can be freed. Fixes: a7e26f356ca1 ("soc: imx: Add generic i.MX8 SoC driver") Signed-off-by: Anson Huang Signed-off-by: Shawn Guo --- drivers/soc/imx/soc-imx8.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/soc/imx/soc-imx8.c b/drivers/soc/imx/soc-imx8.c index 0a8681f208d3..ef2406fb005f 100644 --- a/drivers/soc/imx/soc-imx8.c +++ b/drivers/soc/imx/soc-imx8.c @@ -141,7 +141,8 @@ static int __init imx8_soc_init(void) return 0; free_rev: - kfree(soc_dev_attr->revision); + if (strcmp(soc_dev_attr->revision, "unknown")) + kfree(soc_dev_attr->revision); free_soc: kfree(soc_dev_attr); of_node_put(root);