efi, pstore: Remove entry from list when erasing

We need to remove the entry from the EFI variable list before we erase
it from the variable store and free the associated state, otherwise it's
possible to hit the following crash,

  BUG: unable to handle kernel NULL pointer dereference at (null)
  IP: [<ffffffff8142ea0f>] __efivar_entry_iter+0xcf/0x120
  PGD 19483f067 PUD 195426067 PMD 0
  Oops: 0000 [#1] SMP
  [...]
  Call Trace:
   [<ffffffff81430ebf>] efi_pstore_erase+0xef/0x140
   [<ffffffff81003138>] ? math_error+0x288/0x2d0
   [<ffffffff811ea491>] pstore_unlink+0x41/0x60
   [<ffffffff811741ff>] vfs_unlink+0x9f/0x110
   [<ffffffff8117813b>] do_unlinkat+0x18b/0x280
   [<ffffffff8116d7e6>] ? sys_newfstatat+0x36/0x50
   [<ffffffff81178472>] sys_unlinkat+0x22/0x40
   [<ffffffff81543282>] system_call_fastpath+0x16/0x1b

Reported-by: Seiji Aguchi <seiji.aguchi@hds.com>
Tested-by: Seiji Aguchi <seiji.aguchi@hds.com>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Matthew Garrett <matthew.garrett@nebula.com>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>

diff --git a/drivers/firmware/efi/efi-pstore.c b/drivers/firmware/efi/efi-pstore.c
index 583ee8037f4deabe57f0aae6db07d8641517d00a..af45c42086e1e4c7622bcb9dd5ebb50604ab0bdc 100644 (file)
--- a/drivers/firmware/efi/efi-pstore.c
+++ b/drivers/firmware/efi/efi-pstore.c
@@ -167,6 +167,8 @@ static int efi_pstore_erase_func(struct efivar_entry *entry, void *data)
 
        /* found */
        __efivar_entry_delete(entry);
+       list_del(&entry->list);
+
        return 1;
 }