From: Paolo 'Blaisorblade' Giarrusso Date: Thu, 19 Jan 2006 01:42:55 +0000 (-0800) Subject: [PATCH] uml: networking - clear transport-specific structure X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=e56a78855a4f72fc658bfd21d08939dd6e09fa4c;p=GitHub%2Fmoto-9609%2Fandroid_kernel_motorola_exynos9610.git [PATCH] uml: networking - clear transport-specific structure Pre-clear transport-specific private structure before passing it down. In fact, I just got a slab corruption and kernel panic on exit because kfree() was called on a pointer which probably was never allocated, BUT hadn't been set to NULL by the driver. As the code is full of such errors, I've decided for now to go the safe way (we're talking about drivers), and to do the simple thing. I'm also starting to fix drivers, and already sent a patch for the daemon transport. Signed-off-by: Paolo 'Blaisorblade' Giarrusso Cc: Jeff Dike Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/arch/um/drivers/net_kern.c b/arch/um/drivers/net_kern.c index fb1f9fb9b871..f3442ce29a21 100644 --- a/arch/um/drivers/net_kern.c +++ b/arch/um/drivers/net_kern.c @@ -317,6 +317,11 @@ static int eth_configure(int n, void *init, char *mac, return 1; } + lp = dev->priv; + /* This points to the transport private data. It's still clear, but we + * must memset it to 0 *now*. Let's help the drivers. */ + memset(lp, 0, size); + /* sysfs register */ if (!driver_registered) { platform_driver_register(¨_net_driver); @@ -358,7 +363,6 @@ static int eth_configure(int n, void *init, char *mac, free_netdev(dev); return 1; } - lp = dev->priv; /* lp.user is the first four bytes of the transport data, which * has already been initialized. This structure assignment will