Re: [PATCH] dmaengine: idxd: Fix memory leak in idxd_alloc()

From: Jerry Snitselaar
Date: Fri Sep 16 2022 - 12:17:05 EST


On Fri, Sep 16, 2022 at 08:49:25AM -0700, Dave Jiang wrote:
>
> On 9/16/2022 8:36 AM, Jerry Snitselaar wrote:
> > On Wed, Sep 14, 2022 at 08:08:14PM -0300, Rafael Mendonca wrote:
> > > If the IDA id allocation fails, then the allocated memory for the
> > > idxd_device struct doesn't get freed before returning NULL, which leads to
> > > a memleak.
> > >
> > > Fixes: 47c16ac27d4c ("dmaengine: idxd: fix idxd conf_dev 'struct device' lifetime")
> > > Signed-off-by: Rafael Mendonca <rafaelmendsr@xxxxxxxxx>
> > I think there needs to be a kfree(idxd) where it checks rc < 0 after the call to dev_set_name() as well, yes?
> The idxd_conf_device_release() should take care of freeing idxd with the
> put_device(). So I think we are good here.

Ah, right. Thanks.

Jerry

> >
> > Regards,
> > Jerry
> >
> > > ---
> > > drivers/dma/idxd/init.c | 4 +++-
> > > 1 file changed, 3 insertions(+), 1 deletion(-)
> > >
> > > diff --git a/drivers/dma/idxd/init.c b/drivers/dma/idxd/init.c
> > > index aa3478257ddb..fdc97519b8fb 100644
> > > --- a/drivers/dma/idxd/init.c
> > > +++ b/drivers/dma/idxd/init.c
> > > @@ -445,8 +445,10 @@ static struct idxd_device *idxd_alloc(struct pci_dev *pdev, struct idxd_driver_d
> > > idxd->data = data;
> > > idxd_dev_set_type(&idxd->idxd_dev, idxd->data->type);
> > > idxd->id = ida_alloc(&idxd_ida, GFP_KERNEL);
> > > - if (idxd->id < 0)
> > > + if (idxd->id < 0) {
> > > + kfree(idxd);
> > > return NULL;
> > > + }
> > > device_initialize(conf_dev);
> > > conf_dev->parent = dev;
> > > --
> > > 2.34.1
> > >