[PATCH] fs: sysfs: do not remove files if group is null
From: Daniel Steger
Date: Tue Aug 17 2021 - 21:08:18 EST
The current implementation allows the remove_files() API to be
called without checking if the grp->name is null. Ensure that
the group name is valid prior to removing files.
This patch fixes a race condition where device_del() will cleanup
sysfs entries prior to device managed sysfs entries. This results
in a NULL group->name and a system error during device cleanup.
To reproduce the issue, simply create a new child device in a
platform driver of your choice. Add a sysfs file group using
devm API. On driver exist ensure to unregister your child device.
Do not call devm_device_remove_group() and leave it up to the
implementation to automatically clean up the files. Here is where
you will see a kernel error complaining that the files have already
been removed.
Signed-off-by: Daniel Steger <daniel.steger@xxxxxxxxxx>
---
fs/sysfs/group.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/fs/sysfs/group.c b/fs/sysfs/group.c
index 64e6a6698935..023b40840f36 100644
--- a/fs/sysfs/group.c
+++ b/fs/sysfs/group.c
@@ -286,9 +286,10 @@ void sysfs_remove_group(struct kobject *kobj,
kernfs_get(kn);
}
- remove_files(kn, grp);
- if (grp->name)
+ if (grp->name) {
+ remove_files(kn, grp);
kernfs_remove(kn);
+ }
kernfs_put(kn);
}
--
2.25.1
This email and any attachments are intended for the sole use of the named recipient(s) and contain(s) confidential information that may be proprietary, privileged or copyrighted under applicable law. If you are not the intended recipient, do not read, copy, or forward this email message or any attachments. Delete this email message and any attachments immediately.