[PATCH 5.14 137/168] watchdog: Fix NULL pointer dereference when releasing cdev

From: Greg Kroah-Hartman
Date: Mon Sep 20 2021 - 14:52:00 EST


From: Curtis Klein <curtis.klein@xxxxxxx>

[ Upstream commit c7b178dae139f8857edc50888cfbf251cd974a38 ]

watchdog_hrtimer_pretimeout_stop needs the watchdog device to have a
valid pointer to the watchdog core data to stop the pretimeout hrtimer.
Therefore it needs to be called before the pointers are cleared in
watchdog_cdev_unregister.

Fixes: 7b7d2fdc8c3e ("watchdog: Add hrtimer-based pretimeout feature")
Reported-by: Colin Ian King <colin.king@xxxxxxxxxxxxx>
Signed-off-by: Curtis Klein <curtis.klein@xxxxxxx>
Reviewed-by: Guenter Roeck <linux@xxxxxxxxxxxx>
Link: https://lore.kernel.org/r/1624429583-5720-1-git-send-email-curtis.klein@xxxxxxx
Signed-off-by: Guenter Roeck <linux@xxxxxxxxxxxx>
Signed-off-by: Wim Van Sebroeck <wim@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
---
drivers/watchdog/watchdog_dev.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/watchdog/watchdog_dev.c b/drivers/watchdog/watchdog_dev.c
index 6c73160386b9..0cc07d957b64 100644
--- a/drivers/watchdog/watchdog_dev.c
+++ b/drivers/watchdog/watchdog_dev.c
@@ -1096,6 +1096,8 @@ static void watchdog_cdev_unregister(struct watchdog_device *wdd)
watchdog_stop(wdd);
}

+ watchdog_hrtimer_pretimeout_stop(wdd);
+
mutex_lock(&wd_data->lock);
wd_data->wdd = NULL;
wdd->wd_data = NULL;
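Review bot: the new watchdog_hrtimer_pretimeout_stop(wdd) call carries an ordering constraint that nothing in the code records. It has to run before the `wdd->wd_data = NULL;` assignment a few lines below, because, per the commit message, the helper reaches the core data through wdd. A one-line comment above the call saying so would keep a later cleanup from moving it back next to the other cancel calls. The call also sits before mutex_lock(&wd_data->lock), so the changelog should state whether stopping the pretimeout timer outside the lock is intended.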
@@ -1103,7 +1105,6 @@ static void watchdog_cdev_unregister(struct watchdog_device *wdd)

hrtimer_cancel(&wd_data->timer);
kthread_cancel_work_sync(&wd_data->work);
- watchdog_hrtimer_pretimeout_stop(wdd);

put_device(&wd_data->dev);
}
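Review bot: removing the call after kthread_cancel_work_sync() splits the teardown into two places, which makes the ordering easy to break again. hrtimer_cancel(&wd_data->timer) and kthread_cancel_work_sync(&wd_data->work) still run after the pointers are cleared, which is safe because they use the local wd_data. Only the pretimeout stop takes wdd and therefore had to move. Consider a follow-up that lets the pretimeout helper take wd_data directly, so all three cancellations can stay together and none depends on wdd->wd_data still being set.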
--
2.30.2