perf: hisi: Fix use-after-free when register pmu fails
maillist inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I8BOML
CVE: NA

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/will/linux.git/commit/?h=for-next/perf&id=b805cafc604bfdb671fae7347a57f51154afa735

--------------------------------

When we fail to register the uncore pmu, the pmu context may not have been
allocated. The error handling will call cpuhp_state_remove_instance() to
call the uncore pmu offline callback, which migrates the pmu context. Since
that's liable to lead to some kind of use-after-free.

Use cpuhp_state_remove_instance_nocalls() instead of
cpuhp_state_remove_instance() so that the notifiers don't execute after
the PMU device has failed to register.

Fixes: a0ab25cd ("drivers/perf: hisi: Add support for HiSilicon PA PMU driver")
Fixes: 3bf30882 ("drivers/perf: hisi: Add support for HiSilicon SLLC PMU driver")
Signed-off-by: Junhao He <hejunhao3@huawei.com>
Link: https://lore.kernel.org/r/20231024113630.13472-1-hejunhao3@huawei.com
Signed-off-by: Will Deacon <will@kernel.org>
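
A user-space model of the error path the commit message describes, added here as an illustration; it is not code from the commit or from the kernel. All `model_*` names are hypothetical, and the model counts the invalid context access instead of performing it.

```c
/* User-space model, constructed for illustration; not kernel code. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

struct model_ctx { int cpu; };      /* stands in for the PMU context */

struct model_pmu {
    struct model_ctx *ctx;          /* valid only after registration succeeded */
    int bad_ctx_accesses;           /* callback runs that found no valid context */
};

/* Offline callback: migrates the PMU context to another CPU. */
static void model_offline_cb(struct model_pmu *pmu, int new_cpu)
{
    if (pmu->ctx == NULL) {
        pmu->bad_ctx_accesses++;    /* in the kernel this is the invalid access */
        return;
    }
    pmu->ctx->cpu = new_cpu;
}

/* Models cpuhp_state_remove_instance(): runs the callback, then unlinks. */
static void model_remove_instance(struct model_pmu *pmu)
{
    model_offline_cb(pmu, 1);
}

/* Models cpuhp_state_remove_instance_nocalls(): unlinks without callbacks. */
static void model_remove_instance_nocalls(struct model_pmu *pmu)
{
    (void)pmu;
}

/* Probe whose registration step fails after the hotplug instance was added.
 * Returns how many times the callback touched a missing context. */
static int model_probe_register_fails(bool use_nocalls)
{
    struct model_pmu pmu = { .ctx = NULL, .bad_ctx_accesses = 0 };

    if (use_nocalls)
        model_remove_instance_nocalls(&pmu);   /* error path after the fix */
    else
        model_remove_instance(&pmu);           /* error path before the fix */
    return pmu.bad_ctx_accesses;
}

int main(void)
{
    printf("before fix: %d bad access(es)\n", model_probe_register_fails(false));
    printf("after fix:  %d bad access(es)\n", model_probe_register_fails(true));
    return 0;
}
```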