iflib: fix dangling device softc pointer
Commit text by Jake: If a driver's IFDI_ATTACH_PRE function fails, the iflib_device_register function will free the ctx pointer. However, it does not reset the device softc pointer to NULL. This will result in memory corruption as a future access to the now invalid pointer will corrupt memory that is later allocated on top of the same memory location. The iflib_device_deregister function correctly resets the softc pointer by using device_set_softc(). This clears up the invalid dangling pointer and prevents memory corruption that could lead to a panic or undefined behavior if the device's driver failed to attach. Signed-off-by: Jacob Keller <jacob.e.keller@intel.com> Submitted by: Jacob Keller <jacob.e.keller@intel.com> Reviewed by: erj@, gallatin@ MFC after: 1 week Sponsored by: Intel Corporation Differential Revision: https://reviews.freebsd.org/D21003
This commit is contained in:
erj
parent
b7fc72efad
commit
9bf94a5091
@ -4785,6 +4785,7 @@ fail_queues:
|
||||
fail_unlock:
|
||||
CTX_UNLOCK(ctx);
|
||||
fail_ctx_free:
|
||||
device_set_softc(ctx->ifc_dev, NULL);
|
||||
if (ctx->ifc_flags & IFC_SC_ALLOCATED)
|
||||
free(ctx->ifc_softc, M_IFLIB);
|
||||
free(ctx, M_IFLIB);
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user