From: Jia-Ju Bai <baijiaju1990@gmail.com>
Date: Tue, 12 Dec 2017 12:51:53 +0000 (+0800)
Subject: vme: Fix a possible sleep-in-atomic bug in vme_tsi148
X-Git-Tag: v4.16-rc1~110^2~110
X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=commitdiff_plain;h=97784615ed32c1ef33047e95d4240141258e2cf0;p=linux.git

vme: Fix a possible sleep-in-atomic bug in vme_tsi148

The driver may sleep under a spinlock.
The function call path is:
tsi148_master_write \ tsi148_master_read (acquire the spinlock)
  vme_register_error_handler
    kmalloc(GFP_KERNEL) --> may sleep

To fix it, GFP_KERNEL is replaced with GFP_ATOMIC.

This bug is found by my static analysis tool(DSAC) and checked by my code review.

Signed-off-by: Jia-Ju Bai <baijiaju1990@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---

diff --git a/drivers/vme/vme.c b/drivers/vme/vme.c
index 81246221a13b..92500f6bdad1 100644
--- a/drivers/vme/vme.c
+++ b/drivers/vme/vme.c
@@ -1290,7 +1290,7 @@ struct vme_error_handler *vme_register_error_handler(
 {
 	struct vme_error_handler *handler;
 
-	handler = kmalloc(sizeof(*handler), GFP_KERNEL);
+	handler = kmalloc(sizeof(*handler), GFP_ATOMIC);
 	if (!handler)
 		return NULL;