From: David E. Box Date: Tue, 8 Jul 2014 02:06:24 +0000 (+0800) Subject: ACPICA: Namespace: Properly null terminate objects detached from a namespace node X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=e23d9b8297546c6ceb7e70771e4915f2a41733cd;p=GitHub%2FLineageOS%2FG12%2Fandroid_kernel_amlogic_linux-4.9.git ACPICA: Namespace: Properly null terminate objects detached from a namespace node Fixes a bug exposed by an ACPICA unit test around the acpi_attach_data()/acpi_detach_data() APIs where the failure to null terminate a detached object led to the creation of a circular linked list (and infinite looping) when the object is reattached. Reported in acpica bugzilla #1063 Link: https://bugs.acpica.org/show_bug.cgi?id=1063 Signed-off-by: David E. Box Signed-off-by: Bob Moore Signed-off-by: Lv Zheng Cc: 3.15+ # 3.15+ Signed-off-by: Rafael J. Wysocki --- diff --git a/drivers/acpi/acpica/nsobject.c b/drivers/acpi/acpica/nsobject.c index fe54a8c73b8c..f1ea8e56cd87 100644 --- a/drivers/acpi/acpica/nsobject.c +++ b/drivers/acpi/acpica/nsobject.c @@ -239,6 +239,17 @@ void acpi_ns_detach_object(struct acpi_namespace_node *node) } } + /* + * Detach the object from any data objects (which are still held by + * the namespace node) + */ + + if (obj_desc->common.next_object && + ((obj_desc->common.next_object)->common.type == + ACPI_TYPE_LOCAL_DATA)) { + obj_desc->common.next_object = NULL; + } + /* Reset the node type to untyped */ node->type = ACPI_TYPE_ANY;