[PATCH v2] mmc: sdio: fix kernel panic when remove non-standard SDIO card

From: Weizhao Ouyang
Date: Thu Oct 13 2022 - 23:50:13 EST


From: Weizhao Ouyang <o451686892@xxxxxxxxx>

From: Matthew Ma <mahongwei@xxxxxxxx>

SDIO tuple is only allocated for standard SDIO card, especially it
causes memory corruption issues when the non-standard SDIO card has
removed since the card device's reference counter does not increase for
it at sdio_init_func(), but all SDIO card device reference counter has
decreased at sdio_release_func().

Fixes: 6f51be3d37df ("sdio: allow non-standard SDIO cards")
Signed-off-by: Matthew Ma <mahongwei@xxxxxxxx>
Reviewed-by: Weizhao Ouyang <ouyangweizhao@xxxxxxxx>
Reviewed-by: John Wang <wangdayu@xxxxxxxx>
---
Changes in v2:
-- update Fixes tag

drivers/mmc/core/sdio_bus.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/mmc/core/sdio_bus.c b/drivers/mmc/core/sdio_bus.c
index c6268c38c69e..babf21a0adeb 100644
--- a/drivers/mmc/core/sdio_bus.c
+++ b/drivers/mmc/core/sdio_bus.c
@@ -291,7 +291,8 @@ static void sdio_release_func(struct device *dev)
{
struct sdio_func *func = dev_to_sdio_func(dev);

- sdio_free_func_cis(func);
+ if (!(func->card->quirks & MMC_QUIRK_NONSTD_SDIO))
+ sdio_free_func_cis(func);

kfree(func->info);
kfree(func->tmpbuf);
--
2.25.1