Hi Luo,
On Tue, 10 Nov 2020 16:42:45 +0800
Luo Meng <luomen...@huawei.com> wrote:
> Fix a mutex_unlock() issue where before copy_from_user() is
> not called mutex_locked.
Oops, thank you for the fix.
Acked-by: Masami Hiramatsu <mhira...@kernel.org>
>
> Fixes: 4b1a29a7f542 ("error-injection: Support fault injection framework")
> Reported-by: Hulk Robot <hul...@huawei.com>
> Signed-off-by: Luo Meng <luomen...@huawei.com>
> ---
> kernel/fail_function.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/kernel/fail_function.c b/kernel/fail_function.c
> index 63b349168da7..b0b1ad93fa95 100644
> --- a/kernel/fail_function.c
> +++ b/kernel/fail_function.c
> @@ -253,7 +253,7 @@ static ssize_t fei_write(struct file *file, const char
> __user *buffer,
>
> if (copy_from_user(buf, buffer, count)) {
> ret = -EFAULT;
> - goto out;
> + goto out_free;
> }
> buf[count] = '\0';
> sym = strstrip(buf);
> @@ -307,8 +307,9 @@ static ssize_t fei_write(struct file *file, const char
> __user *buffer,
> ret = count;
> }
> out:
> - kfree(buf);
> mutex_unlock(&fei_lock);
> +out_free:
> + kfree(buf);
> return ret;
> }
>
> --
> 2.25.4
>
--
Masami Hiramatsu <mhira...@kernel.org>
