From: Michal Kubecek <mkubecek@suse.cz>
Date: Fri, 27 Mar 2020 23:01:03 +0000 (+0100)
Subject: ethtool: fix reference leak in ethnl_set_privflags()
X-Git-Tag: v5.15~4200^2~37^2~11
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=b51fb7711a6d0e325d0fdb299cf67c4ec4b88b4b;p=platform%2Fkernel%2Flinux-starfive.git

ethtool: fix reference leak in ethnl_set_privflags()

Andrew noticed that some handlers for *_SET commands leak a netdev
reference if required ethtool_ops callbacks do not exist. One of them is
ethnl_set_privflags(), a simple reproducer would be e.g.

  ip link add veth1 type veth peer name veth2
  ethtool --set-priv-flags veth1 foo on
  ip link del veth1

Make sure dev_put() is called when ethtool_ops check fails.

Fixes: f265d799596a ("ethtool: set device private flags with PRIVFLAGS_SET request")
Reported-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: Michal Kubecek <mkubecek@suse.cz>
Signed-off-by: David S. Miller <davem@davemloft.net>
---

diff --git a/net/ethtool/privflags.c b/net/ethtool/privflags.c
index e8f03b3..77447dc 100644
--- a/net/ethtool/privflags.c
+++ b/net/ethtool/privflags.c
@@ -175,9 +175,10 @@ int ethnl_set_privflags(struct sk_buff *skb, struct genl_info *info)
 		return ret;
 	dev = req_info.dev;
 	ops = dev->ethtool_ops;
+	ret = -EOPNOTSUPP;
 	if (!ops->get_priv_flags || !ops->set_priv_flags ||
 	    !ops->get_sset_count || !ops->get_strings)
-		return -EOPNOTSUPP;
+		goto out_dev;
 
 	rtnl_lock();
 	ret = ethnl_ops_begin(dev);
@@ -204,6 +205,7 @@ out_ops:
 	ethnl_ops_complete(dev);
 out_rtnl:
 	rtnl_unlock();
+out_dev:
 	dev_put(dev);
 	return ret;
 }