[tip:x86/efi] x86, efi: Only close open files in error path

[tip-bot for Matt Fleming]

Commit-ID:  30dc0d0fe5d08396dbdaa2d70972149131340960
Gitweb:     http://git.kernel.org/tip/30dc0d0fe5d08396dbdaa2d70972149131340960
Author:     Matt Fleming <matt.fleming@xxxxxxxxx>
AuthorDate: Thu, 15 Mar 2012 19:13:25 +0000
Committer:  H. Peter Anvin <hpa@xxxxxxxxx>
CommitDate: Fri, 1 Jun 2012 09:11:10 -0700

x86, efi: Only close open files in error path

The loop at the 'close_handles' label in handle_ramdisks() should be
using 'i', which represents the number of initrd files that were
successfully opened, not 'nr_initrds' which is the number of initrd=
arguments passed on the command line.

Currently, if we execute the loop to close all file handles and we
failed to open any initrds we'll try to call the close function on a
garbage pointer, causing the machine to hang.

Cc: Matthew Garrett <mjg@xxxxxxxxxx>
Signed-off-by: Matt Fleming <matt.fleming@xxxxxxxxx>
Link: http://lkml.kernel.org/r/1331907517-3985-2-git-send-email-matt@xxxxxxxxxxxxxxxxx
Signed-off-by: H. Peter Anvin <hpa@xxxxxxxxx>
---
 arch/x86/boot/compressed/eboot.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c
index 2c14e76..52a4e66 100644
--- a/arch/x86/boot/compressed/eboot.c
+++ b/arch/x86/boot/compressed/eboot.c
@@ -674,7 +674,7 @@ free_initrd_total:
 	low_free(initrd_total, initrd_addr);
 
 close_handles:
-	for (k = j; k < nr_initrds; k++)
+	for (k = j; k < i; k++)
 		efi_call_phys1(fh->close, initrds[k].handle);
 free_initrds:
 	efi_call_phys1(sys_table->boottime->free_pool, initrds);
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/