Re: [PATCH] ACPI: APEI: Avoid NULL pointer dereference in ghes_estatus_pool_region_free

[Bjorn Helgaas <helgaas@kernel.org>]

On Tue, Feb 03, 2026 at 10:12:32AM +0800, Jiawen Wu wrote:
> The function ghes_estatus_pool_region_free() is exported and be called
> by the PCIe AER recovery path, which unconditionally invokes it to free
> aer_capability_regs memory.
> 
> Although current AER usage assumes memory comes from the GHES pool,
> robustness requires guarding against pool unavailability. Add a NULL check
> before calling gen_pool_free() to prevent crashes when the pool is not
> initialized. This also makes the API safer for potential future use by
> non-GHES callers.

I'm not sure what you mean by "pool unavailability."  I think getting
here with ghes_estatus_pool==NULL means we have a logic error
somewhere, and I don't think we should silently hide that error.

I'm generally in favor of *not* checking so we find out if the caller
forgot to keep track of the pointer correctly.

> Fixes: e2abc47a5a1a ("ACPI: APEI: Fix AER info corruption when error status data has multiple sections")
> Signed-off-by: Jiawen Wu <jiawenwu@trustnetic.com>
> ---
>  drivers/acpi/apei/ghes.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/acpi/apei/ghes.c b/drivers/acpi/apei/ghes.c
> index 0dc767392a6c..e81c007464a9 100644
> --- a/drivers/acpi/apei/ghes.c
> +++ b/drivers/acpi/apei/ghes.c
> @@ -236,7 +236,8 @@ int ghes_estatus_pool_init(unsigned int num_ghes)
>   */
>  void ghes_estatus_pool_region_free(unsigned long addr, u32 size)
>  {
> -	gen_pool_free(ghes_estatus_pool, addr, size);
> +	if (ghes_estatus_pool)
> +		gen_pool_free(ghes_estatus_pool, addr, size);
>  }
>  EXPORT_SYMBOL_GPL(ghes_estatus_pool_region_free);
>  
> -- 
> 2.48.1
>