Wind River Support Network

Description

In the Linux kernel, the following vulnerability has been resolved:[EOL][EOL]pps: fix warning in pps_register_cdev when register device fail[EOL][EOL]Similar to previous commit 2a934fdb01db ("media: v4l2-dev: fix error[EOL]handling in __video_register_device()"), the release hook should be set[EOL]before device_register(). Otherwise, when device_register() return error[EOL]and put_device() try to callback the release function, the below warning[EOL]may happen.[EOL][EOL]  ------------[ cut here ]------------[EOL]  WARNING: CPU: 1 PID: 4760 at drivers/base/core.c:2567 device_release+0x1bd/0x240 drivers/base/core.c:2567[EOL]  Modules linked in:[EOL]  CPU: 1 UID: 0 PID: 4760 Comm: syz.4.914 Not tainted 6.17.0-rc3+ #1 NONE[EOL]  RIP: 0010:device_release+0x1bd/0x240 drivers/base/core.c:2567[EOL]  Call Trace:[EOL]   <TASK>[EOL]   kobject_cleanup+0x136/0x410 lib/kobject.c:689[EOL]   kobject_release lib/kobject.c:720 [inline][EOL]   kref_put include/linux/kref.h:65 [inline][EOL]   kobject_put+0xe9/0x130 lib/kobject.c:737[EOL]   put_device+0x24/0x30 drivers/base/core.c:3797[EOL]   pps_register_cdev+0x2da/0x370 drivers/pps/pps.c:402[EOL]   pps_register_source+0x2f6/0x480 drivers/pps/kapi.c:108[EOL]   pps_tty_open+0x190/0x310 drivers/pps/clients/pps-ldisc.c:57[EOL]   tty_ldisc_open+0xa7/0x120 drivers/tty/tty_ldisc.c:432[EOL]   tty_set_ldisc+0x333/0x780 drivers/tty/tty_ldisc.c:563[EOL]   tiocsetd drivers/tty/tty_io.c:2429 [inline][EOL]   tty_ioctl+0x5d1/0x1700 drivers/tty/tty_io.c:2728[EOL]   vfs_ioctl fs/ioctl.c:51 [inline][EOL]   __do_sys_ioctl fs/ioctl.c:598 [inline][EOL]   __se_sys_ioctl fs/ioctl.c:584 [inline][EOL]   __x64_sys_ioctl+0x194/0x210 fs/ioctl.c:584[EOL]   do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline][EOL]   do_syscall_64+0x5f/0x2a0 arch/x86/entry/syscall_64.c:94[EOL]   entry_SYSCALL_64_after_hwframe+0x76/0x7e[EOL]   </TASK>[EOL][EOL]Before commit c79a39dc8d06 ("pps: Fix a use-after-free"),[EOL]pps_register_cdev() call device_create() to create pps->dev, which will[EOL]init dev->release to device_create_release(). Now the comment is outdated,[EOL]just remove it.[EOL][EOL]Thanks for the reminder from Calvin Owens, 'kfree_pps' should be removed[EOL]in pps_register_source() to avoid a double free in the failure case.