Re: [PATCH 2/8] eventfs: adding eventfs dir add functions

From: Dan Carpenter
Date: Mon Jan 23 2023 - 07:04:24 EST


Hi Ajay,


url: https://github.com/intel-lab-lkp/linux/commits/Ajay-Kaher/eventfs-adding-eventfs-dir-add-functions/20230123-010956
patch link: https://lore.kernel.org/r/1674407228-49109-2-git-send-email-akaher%40vmware.com
patch subject: [PATCH 2/8] eventfs: adding eventfs dir add functions
config: x86_64-randconfig-m001 (https://download.01.org/0day-ci/archive/20230123/202301231023.0ix6JmVM-lkp@xxxxxxxxx/config)
compiler: gcc-11 (Debian 11.3.0-8) 11.3.0

If you fix the issue, kindly add the following tags where applicable
| Reported-by: kernel test robot <lkp@xxxxxxxxx>
| Reported-by: Dan Carpenter <error27@xxxxxxxxx>

smatch warnings:
fs/tracefs/event_inode.c:114 eventfs_add_subsystem_dir() error: dereferencing freed memory 'ef'

vim +/ef +114 fs/tracefs/event_inode.c

db5e58a9349f39 Ajay Kaher 2023-01-22   87  struct eventfs_file *eventfs_add_subsystem_dir(const char *name, struct dentry *parent)
db5e58a9349f39 Ajay Kaher 2023-01-22   88  {
db5e58a9349f39 Ajay Kaher 2023-01-22   89  	struct eventfs_file *ef;
db5e58a9349f39 Ajay Kaher 2023-01-22   90  	struct tracefs_inode *ti_parent;
db5e58a9349f39 Ajay Kaher 2023-01-22   91  	struct eventfs_inode *ei_parent;
db5e58a9349f39 Ajay Kaher 2023-01-22   92
db5e58a9349f39 Ajay Kaher 2023-01-22   93  	if (!parent)
db5e58a9349f39 Ajay Kaher 2023-01-22   94  		return ERR_PTR(-EINVAL);
db5e58a9349f39 Ajay Kaher 2023-01-22   95
db5e58a9349f39 Ajay Kaher 2023-01-22   96  	ti_parent = get_tracefs(parent->d_inode);
db5e58a9349f39 Ajay Kaher 2023-01-22   97  	ei_parent = ti_parent->private;
db5e58a9349f39 Ajay Kaher 2023-01-22   98
db5e58a9349f39 Ajay Kaher 2023-01-22   99  	ef = kzalloc(sizeof(*ef), GFP_KERNEL);
db5e58a9349f39 Ajay Kaher 2023-01-22  100  	if (!ef)
db5e58a9349f39 Ajay Kaher 2023-01-22  101  		return ERR_PTR(-ENOMEM);
db5e58a9349f39 Ajay Kaher 2023-01-22  102
db5e58a9349f39 Ajay Kaher 2023-01-22  103  	ef->ei = kzalloc(sizeof(*ef->ei), GFP_KERNEL);
db5e58a9349f39 Ajay Kaher 2023-01-22  104  	if (!ef->ei) {
db5e58a9349f39 Ajay Kaher 2023-01-22  105  		kfree(ef);
db5e58a9349f39 Ajay Kaher 2023-01-22  106  		return ERR_PTR(-ENOMEM);
db5e58a9349f39 Ajay Kaher 2023-01-22  107  	}
db5e58a9349f39 Ajay Kaher 2023-01-22  108
db5e58a9349f39 Ajay Kaher 2023-01-22  109  	INIT_LIST_HEAD(&ef->ei->e_top_files);
db5e58a9349f39 Ajay Kaher 2023-01-22  110
db5e58a9349f39 Ajay Kaher 2023-01-22  111  	ef->name = kstrdup(name, GFP_KERNEL);
db5e58a9349f39 Ajay Kaher 2023-01-22  112  	if (!ef->name) {
db5e58a9349f39 Ajay Kaher 2023-01-22  113  		kfree(ef);
db5e58a9349f39 Ajay Kaher 2023-01-22 @114  		kfree(ef->ei);

kfree(ef->ei); first to avoid a use after free.

db5e58a9349f39 Ajay Kaher 2023-01-22  115  		return ERR_PTR(-ENOMEM);
db5e58a9349f39 Ajay Kaher 2023-01-22  116  	}
db5e58a9349f39 Ajay Kaher 2023-01-22  117
db5e58a9349f39 Ajay Kaher 2023-01-22  118  	ef->mode = S_IFDIR | S_IRWXU | S_IRUGO | S_IXUGO;
db5e58a9349f39 Ajay Kaher 2023-01-22  119  	ef->iop = &eventfs_root_dir_inode_operations;
db5e58a9349f39 Ajay Kaher 2023-01-22  120  	ef->fop = &eventfs_file_operations;
db5e58a9349f39 Ajay Kaher 2023-01-22  121  	ef->dentry = NULL;
db5e58a9349f39 Ajay Kaher 2023-01-22  122  	ef->created = false;
db5e58a9349f39 Ajay Kaher 2023-01-22  123  	ef->d_parent = parent;
db5e58a9349f39 Ajay Kaher 2023-01-22  124
db5e58a9349f39 Ajay Kaher 2023-01-22  125  	list_add_tail(&ef->list, &ei_parent->e_top_files);
db5e58a9349f39 Ajay Kaher 2023-01-22  126  	return ef;
db5e58a9349f39 Ajay Kaher 2023-01-22  127  }

--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests
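
Added example, not part of the original mail or of the eventfs patch: a userspace model of the three-step allocation flagged above, written with reverse-order goto unwinding so the container is freed last, plus a fault-injecting allocator that exercises every error path. The names ev_file, ev_inode, t_alloc, t_free and leaked_after_failure are hypothetical stand-ins for the kernel structures and for kzalloc()/kstrdup()/kfree().

```c
#include <stdlib.h>
#include <string.h>

/* Simplified userspace stand-ins for eventfs_file / eventfs_inode. */
struct ev_inode { int unused; };
struct ev_file { struct ev_inode *ei; char *name; };

static int live, calls, fail_at = -1;   /* fault-injection state */

/* Stand-in for kzalloc()/kstrdup(): fails on call number fail_at. */
static void *t_alloc(size_t n)
{
    void *p = (calls++ == fail_at) ? NULL : calloc(1, n);
    if (p)
        live++;
    return p;
}

static void t_free(void *p) { if (p) live--; free(p); }

/* Unwind in reverse allocation order so ef is never read after it is freed. */
struct ev_file *ev_file_create(const char *name)
{
    struct ev_file *ef = t_alloc(sizeof(*ef));
    if (!ef)
        return NULL;
    ef->ei = t_alloc(sizeof(*ef->ei));
    if (!ef->ei)
        goto free_ef;
    ef->name = t_alloc(strlen(name) + 1);
    if (!ef->name)
        goto free_ei;
    strcpy(ef->name, name);
    return ef;
free_ei:
    t_free(ef->ei);     /* member first, while ef is still valid */
free_ef:
    t_free(ef);         /* container last */
    return NULL;
}

/* Fail allocation number n; return allocations still outstanding
 * afterwards, or -1 if creation succeeded despite the injected fault. */
int leaked_after_failure(int n)
{
    live = calls = 0;
    fail_at = n;
    struct ev_file *ef = ev_file_create("sched");
    fail_at = -1;
    return ef ? -1 : live;
}
```

Building this with -fsanitize=address and calling leaked_after_failure(2) with the two t_free() calls swapped reproduces the class of report smatch raised at line 114.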