Commit cb6ae457 authored by Ard Biesheuvel

efivarfs: Defer PM notifier registration until .fill_super



syzbot reports an issue that turns out to be caused by the fact that the
efivarfs PM notifier may be invoked before the efivarfs_fs_info::sb
field is populated, resulting in a NULL dereference.

So defer the registration until efivarfs_fill_super() is invoked.

Reported-by: <syzbot+00d13e505ef530a45100@syzkaller.appspotmail.com>
Tested-by: <syzbot+00d13e505ef530a45100@syzkaller.appspotmail.com>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
parent d6a2d02a
+2 −1
@@ -367,6 +367,8 @@ static int efivarfs_fill_super(struct super_block *sb, struct fs_context *fc)
	if (err)
		return err;

	register_pm_notifier(&sfi->pm_nb);

	return efivar_init(efivarfs_callback, sb, true);
}
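
Review bot: The new `register_pm_notifier(&sfi->pm_nb);` call in efivarfs_fill_super() discards its return value and sits directly before `return efivar_init(efivarfs_callback, sb, true);`, so if efivar_init() fails the function returns an error with the notifier still registered. Please confirm that the superblock teardown path unregisters `sfi->pm_nb` in that case, and that it also copes with the earlier `if (err) return err;` exit, where the notifier was never registered. The commit message attributes the crash to efivarfs_fs_info::sb being unset when the notifier fires; the assignment of that field is not visible in this hunk, so it is worth stating (or adding a short comment here) that it happens before this call.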

@@ -552,7 +554,6 @@ static int efivarfs_init_fs_context(struct fs_context *fc)

	sfi->pm_nb.notifier_call = efivarfs_pm_notify;
	sfi->pm_nb.priority = 0;
	register_pm_notifier(&sfi->pm_nb);

	return 0;
}
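
Review bot: After the removal of `register_pm_notifier(&sfi->pm_nb);` from efivarfs_init_fs_context(), the function still fills in `sfi->pm_nb.notifier_call` and `sfi->pm_nb.priority` but no longer shows where the block is registered. A one-line comment next to those assignments saying that registration is deferred to efivarfs_fill_super(), and why (the notifier needs the sb field populated), would keep the two halves of the setup connected for later readers. Also check that any path that frees `sfi` for a context that never reaches fill_super does not rely on the notifier having been registered here.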