[PATCH 10/14] mtd: utilize new device_add_cdev helper function

Mon, 20 Feb 2017 21:04:10 -0800 

Note: neither of the cdev instances in the mtd tree originally
set the kobject parent. Thus, I'm reasonably confident that
both these instances would have suffered from a minor use after
free bug if the cdevs were open when the backing device was released.

Signed-off-by: Logan Gunthorpe <log...@deltatee.com>
---
 drivers/mtd/ubi/build.c |  8 +++++---
 drivers/mtd/ubi/vmt.c   | 10 +++++-----
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/drivers/mtd/ubi/build.c b/drivers/mtd/ubi/build.c
index 85d54f3..a509f15 100644
--- a/drivers/mtd/ubi/build.c
+++ b/drivers/mtd/ubi/build.c
@@ -434,11 +434,10 @@ static int ubi_sysfs_init(struct ubi_device *ubi, int 
*ref)
        int err;
 
        ubi->dev.release = dev_release;
-       ubi->dev.devt = ubi->cdev.dev;
        ubi->dev.class = &ubi_class;
        ubi->dev.groups = ubi_dev_groups;
        dev_set_name(&ubi->dev, UBI_NAME_STR"%d", ubi->ubi_num);
-       err = device_register(&ubi->dev);
+       err = device_add(&ubi->dev);
        if (err)
                return err;
 
@@ -508,12 +507,15 @@ static int uif_init(struct ubi_device *ubi, int *ref)
                return err;
        }
 
+       device_initialize(&ubi->dev);
+       ubi->dev.devt = dev;
+
        ubi_assert(MINOR(dev) == 0);
        cdev_init(&ubi->cdev, &ubi_cdev_operations);
        dbg_gen("%s major is %u", ubi->ubi_name, MAJOR(dev));
        ubi->cdev.owner = THIS_MODULE;
 
-       err = cdev_add(&ubi->cdev, dev, 1);
+       err = device_add_cdev(&ubi->dev, &ubi->cdev);
        if (err) {
                ubi_err(ubi, "cannot add character device");
                goto out_unreg;
diff --git a/drivers/mtd/ubi/vmt.c b/drivers/mtd/ubi/vmt.c
index 7ac78c1..df84ba7 100644
--- a/drivers/mtd/ubi/vmt.c
+++ b/drivers/mtd/ubi/vmt.c
@@ -159,7 +159,6 @@ int ubi_create_volume(struct ubi_device *ubi, struct 
ubi_mkvol_req *req)
        struct ubi_volume *vol;
        struct ubi_vtbl_record vtbl_rec;
        struct ubi_eba_table *eba_tbl = NULL;
-       dev_t dev;
 
        if (ubi->ro_mode)
                return -EROFS;
@@ -265,11 +264,13 @@ int ubi_create_volume(struct ubi_device *ubi, struct 
ubi_mkvol_req *req)
                        vol->last_eb_bytes = vol->usable_leb_size;
        }
 
+       device_initialize(&vol->dev);
+       vol->dev.devt = MKDEV(MAJOR(ubi->cdev.dev), vol_id + 1);
+
        /* Register character device for the volume */
        cdev_init(&vol->cdev, &ubi_vol_cdev_operations);
        vol->cdev.owner = THIS_MODULE;
-       dev = MKDEV(MAJOR(ubi->cdev.dev), vol_id + 1);
-       err = cdev_add(&vol->cdev, dev, 1);
+       err = device_add_cdev(&vol->dev, &vol->cdev);
        if (err) {
                ubi_err(ubi, "cannot add character device");
                goto out_mapping;
@@ -277,12 +278,11 @@ int ubi_create_volume(struct ubi_device *ubi, struct 
ubi_mkvol_req *req)
 
        vol->dev.release = vol_release;
        vol->dev.parent = &ubi->dev;
-       vol->dev.devt = dev;
        vol->dev.class = &ubi_class;
        vol->dev.groups = volume_dev_groups;
 
        dev_set_name(&vol->dev, "%s_%d", ubi->ubi_name, vol->vol_id);
-       err = device_register(&vol->dev);
+       err = device_add(&vol->dev);
        if (err) {
                ubi_err(ubi, "cannot register device");
                goto out_cdev;
-- 
2.1.4

_______________________________________________
Linux-nvdimm mailing list
Linux-nvdimm@lists.01.org
https://lists.01.org/mailman/listinfo/linux-nvdimm

Reply via email to