projects / platform / kernel / linux-rpi.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1957ac8)
vfio/mdev: Fix reference count leak in add_mdev_supported_type
authorQiushi Wu <wu000273@umn.edu>
Thu, 28 May 2020 02:01:09 +0000 (21:01 -0500)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 24 Jun 2020 15:50:36 +0000 (17:50 +0200)
[ Upstream commit aa8ba13cae3134b8ef1c1b6879f66372531da738 ]

kobject_init_and_add() takes reference even when it fails.
If this function returns an error, kobject_put() must be called to
properly clean up the memory associated with the object. Thus,
replace kfree() by kobject_put() to fix this issue. Previous
commit "b8eb718348b8" fixed a similar problem.

Fixes: 7b96953bc640 ("vfio: Mediated device Core driver")
Signed-off-by: Qiushi Wu <wu000273@umn.edu>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Kirti Wankhede <kwankhede@nvidia.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
drivers/vfio/mdev/mdev_sysfs.c patch | blob | history

diff --git a/drivers/vfio/mdev/mdev_sysfs.c b/drivers/vfio/mdev/mdev_sysfs.c
index 7570c76..f32c582 100644 (file)
--- a/drivers/vfio/mdev/mdev_sysfs.c
+++ b/drivers/vfio/mdev/mdev_sysfs.c
@@ -110,7 +110,7 @@ static struct mdev_type *add_mdev_supported_type(struct mdev_parent *parent,
                                   "%s-%s", dev_driver_string(parent->dev),
                                   group->name);
        if (ret) {
-               kfree(type);
+               kobject_put(&type->kobj);
                return ERR_PTR(ret);
        }
 
Domain: System / Kernel;