memrar: Address kernel oops during resource cleanup

Some delayed initialization is performed in this driver.  Make sure
resources that are used during driver clean-up (e.g. during driver's
release() function) are fully initialized before first use.  This is
particularly important for the case when the delayed initialization
isn't completed, leaving behind a partially initialized driver.

Such a scenario can occur when RAR is not available on the platform,
and the driver is release()d.

Signed-off-by: Ossama Othman <ossama.othman@intel.com>
Signed-off-by: Alan Cox <alan@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

diff --git a/drivers/staging/memrar/memrar_handler.c b/drivers/staging/memrar/memrar_handler.c
index 22208cde2ca521f95ea1bbe549f1c46c90872bba..dd5d2c8d13ad7ddc5756ae777861e616a39cb389 100644 (file)
--- a/drivers/staging/memrar/memrar_handler.c
+++ b/drivers/staging/memrar/memrar_handler.c
@@ -279,15 +279,6 @@ static int memrar_init_rar_resources(int rarnum, char const *devname)
        BUG_ON(!memrar_is_valid_rar_type(rarnum));
        BUG_ON(rar->allocated);
 
-       mutex_init(&rar->lock);
-
-       /*
-        * Initialize the process table before we reach any
-        * code that exit on failure since the finalization
-        * code requires an initialized list.
-        */
-       INIT_LIST_HEAD(&rar->buffers.list);
-
        if (rar_get_address(rarnum, &low, &high) != 0)
                /* No RAR is available. */
                return -ENODEV;
@@ -941,9 +932,28 @@ static int memrar_registration_callback(unsigned long rar)
 static int __init memrar_init(void)
 {
        int err;
+       int i;
 
        printk(banner);
 
+       /*
+        * Some delayed initialization is performed in this driver.
+        * Make sure resources that are used during driver clean-up
+        * (e.g. during driver's release() function) are fully
+        * initialized before first use.  This is particularly
+        * important for the case when the delayed initialization
+        * isn't completed, leaving behind a partially initialized
+        * driver.
+        *
+        * Such a scenario can occur when RAR is not available on the
+        * platform, and the driver is release()d.
+        */
+       for (i = 0; i != ARRAY_SIZE(memrars); ++i) {
+               struct memrar_rar_info * const rar = &memrars[i];
+               mutex_init(&rar->lock);
+               INIT_LIST_HEAD(&rar->buffers.list);
+       }
+
        err = misc_register(&memrar_miscdev);
        if (err)
                return err;