Hi,
I found a possible kobject reference counter leak problem in
kobject_rename(). The following patch will fix it.
Thanks,
Kenji Kaneshige
Fix possible kobject reference counter leak in kobject_rename().
If kobject_rename() failed because of name collision, we must call
kobject_put() for specified kobject before return.
Signed-off-by: Kenji Kaneshige <[email protected]>
---
lib/kobject.c | 1 +
1 file changed, 1 insertion(+)
Index: linux-2.6.27-rc4/lib/kobject.c
===================================================================
--- linux-2.6.27-rc4.orig/lib/kobject.c
+++ linux-2.6.27-rc4/lib/kobject.c
@@ -411,6 +411,7 @@ int kobject_rename(struct kobject *kobj,
"to '%s' as '%s' is already in existence.\n",
kobject_name(kobj), new_name, new_name);
kobject_put(temp_kobj);
+ kobject_put(kobj);
return -EINVAL;
}
}
On Thu, Aug 21, 2008 at 07:31:48PM +0900, Kenji Kaneshige wrote:
> Hi,
>
> I found a possible kobject reference counter leak problem in
> kobject_rename(). The following patch will fix it.
>
> Thanks,
> Kenji Kaneshige
>
>
> Fix possible kobject reference counter leak in kobject_rename().
>
> If kobject_rename() failed because of name collision, we must call
> kobject_put() for specified kobject before return.
>
> Signed-off-by: Kenji Kaneshige <[email protected]>
>
> ---
> lib/kobject.c | 1 +
> 1 file changed, 1 insertion(+)
>
> Index: linux-2.6.27-rc4/lib/kobject.c
> ===================================================================
> --- linux-2.6.27-rc4.orig/lib/kobject.c
> +++ linux-2.6.27-rc4/lib/kobject.c
> @@ -411,6 +411,7 @@ int kobject_rename(struct kobject *kobj,
> "to '%s' as '%s' is already in existence.\n",
> kobject_name(kobj), new_name, new_name);
> kobject_put(temp_kobj);
> + kobject_put(kobj);
> return -EINVAL;
> }
> }
Thanks, but this is already fixed up with a patch from Eric in my tree
in a different way.
greg k-h
Greg KH wrote:
> On Thu, Aug 21, 2008 at 07:31:48PM +0900, Kenji Kaneshige wrote:
>> Hi,
>>
>> I found a possible kobject reference counter leak problem in
>> kobject_rename(). The following patch will fix it.
>>
>> Thanks,
>> Kenji Kaneshige
>>
>>
>> Fix possible kobject reference counter leak in kobject_rename().
>>
>> If kobject_rename() failed because of name collision, we must call
>> kobject_put() for specified kobject before return.
>>
>> Signed-off-by: Kenji Kaneshige <[email protected]>
>>
>> ---
>> lib/kobject.c | 1 +
>> 1 file changed, 1 insertion(+)
>>
>> Index: linux-2.6.27-rc4/lib/kobject.c
>> ===================================================================
>> --- linux-2.6.27-rc4.orig/lib/kobject.c
>> +++ linux-2.6.27-rc4/lib/kobject.c
>> @@ -411,6 +411,7 @@ int kobject_rename(struct kobject *kobj,
>> "to '%s' as '%s' is already in existence.\n",
>> kobject_name(kobj), new_name, new_name);
>> kobject_put(temp_kobj);
>> + kobject_put(kobj);
>> return -EINVAL;
>> }
>> }
>
> Thanks, but this is already fixed up with a patch from Eric in my tree
> in a different way.
>
> greg k-h
>
>
Ah, I see. I didn't notice that. Thank you for the information.
Thanks,
Kenji Kaneshige