Decrease reference count of chardevice during char device deletion in order to
fix a kmemleak. Add relese function for the device associated chardev and moved
ida_simple_remove into the release function.
Fixes: 2637bae (nvme: introduce generic per-namespace chardev)
Reported-by: Yi Zhang <[email protected]>
Suggested-by: Sagi Grimberg <[email protected]>
Signed-off-by: Adam Manzanares <[email protected]>
---
drivers/nvme/host/core.c | 21 ++++++++++++---------
drivers/nvme/host/multipath.c | 2 --
2 files changed, 12 insertions(+), 11 deletions(-)
diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
index f9a25c61fb8b..3bc4bb620ab7 100644
--- a/drivers/nvme/host/core.c
+++ b/drivers/nvme/host/core.c
@@ -3583,10 +3583,15 @@ static int __nvme_check_ids(struct nvme_subsystem *subsys,
return 0;
}
+static void nvme_cdev_rel(struct device *dev)
+{
+ ida_simple_remove(&nvme_ns_chr_minor_ida, MINOR(dev->devt));
+}
+
void nvme_cdev_del(struct cdev *cdev, struct device *cdev_device)
{
cdev_device_del(cdev, cdev_device);
- ida_simple_remove(&nvme_ns_chr_minor_ida, MINOR(cdev_device->devt));
+ put_device(cdev_device);
}
int nvme_cdev_add(struct cdev *cdev, struct device *cdev_device,
@@ -3599,14 +3604,14 @@ int nvme_cdev_add(struct cdev *cdev, struct device *cdev_device,
return minor;
cdev_device->devt = MKDEV(MAJOR(nvme_ns_chr_devt), minor);
cdev_device->class = nvme_ns_chr_class;
+ cdev_device->release = nvme_cdev_rel;
device_initialize(cdev_device);
cdev_init(cdev, fops);
cdev->owner = owner;
ret = cdev_device_add(cdev, cdev_device);
- if (ret) {
+ if (ret)
put_device(cdev_device);
- ida_simple_remove(&nvme_ns_chr_minor_ida, minor);
- }
+
return ret;
}
@@ -3638,11 +3643,9 @@ static int nvme_add_ns_cdev(struct nvme_ns *ns)
ns->ctrl->instance, ns->head->instance);
if (ret)
return ret;
- ret = nvme_cdev_add(&ns->cdev, &ns->cdev_device, &nvme_ns_chr_fops,
- ns->ctrl->ops->module);
- if (ret)
- kfree_const(ns->cdev_device.kobj.name);
- return ret;
+
+ return nvme_cdev_add(&ns->cdev, &ns->cdev_device, &nvme_ns_chr_fops,
+ ns->ctrl->ops->module);
}
static struct nvme_ns_head *nvme_alloc_ns_head(struct nvme_ctrl *ctrl,
diff --git a/drivers/nvme/host/multipath.c b/drivers/nvme/host/multipath.c
index fb96e900dd3a..bd490a7c4808 100644
--- a/drivers/nvme/host/multipath.c
+++ b/drivers/nvme/host/multipath.c
@@ -434,8 +434,6 @@ static int nvme_add_ns_head_cdev(struct nvme_ns_head *head)
return ret;
ret = nvme_cdev_add(&head->cdev, &head->cdev_device,
&nvme_ns_head_chr_fops, THIS_MODULE);
- if (ret)
- kfree_const(head->cdev_device.kobj.name);
return ret;
}
--
2.25.1
On 13.10.2021 15:04, Adam Manzanares wrote:
>Decrease reference count of chardevice during char device deletion in order to
>fix a kmemleak. Add relese function for the device associated chardev and moved
>ida_simple_remove into the release function.
>
>Fixes: 2637bae (nvme: introduce generic per-namespace chardev)
>Reported-by: Yi Zhang <[email protected]>
>Suggested-by: Sagi Grimberg <[email protected]>
>Signed-off-by: Adam Manzanares <[email protected]>
>---
> drivers/nvme/host/core.c | 21 ++++++++++++---------
> drivers/nvme/host/multipath.c | 2 --
> 2 files changed, 12 insertions(+), 11 deletions(-)
>
>diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
>index f9a25c61fb8b..3bc4bb620ab7 100644
>--- a/drivers/nvme/host/core.c
>+++ b/drivers/nvme/host/core.c
>@@ -3583,10 +3583,15 @@ static int __nvme_check_ids(struct nvme_subsystem *subsys,
> return 0;
> }
>
>+static void nvme_cdev_rel(struct device *dev)
>+{
>+ ida_simple_remove(&nvme_ns_chr_minor_ida, MINOR(dev->devt));
>+}
>+
> void nvme_cdev_del(struct cdev *cdev, struct device *cdev_device)
> {
> cdev_device_del(cdev, cdev_device);
>- ida_simple_remove(&nvme_ns_chr_minor_ida, MINOR(cdev_device->devt));
>+ put_device(cdev_device);
> }
>
> int nvme_cdev_add(struct cdev *cdev, struct device *cdev_device,
>@@ -3599,14 +3604,14 @@ int nvme_cdev_add(struct cdev *cdev, struct device *cdev_device,
> return minor;
> cdev_device->devt = MKDEV(MAJOR(nvme_ns_chr_devt), minor);
> cdev_device->class = nvme_ns_chr_class;
>+ cdev_device->release = nvme_cdev_rel;
> device_initialize(cdev_device);
> cdev_init(cdev, fops);
> cdev->owner = owner;
> ret = cdev_device_add(cdev, cdev_device);
>- if (ret) {
>+ if (ret)
> put_device(cdev_device);
>- ida_simple_remove(&nvme_ns_chr_minor_ida, minor);
>- }
>+
> return ret;
> }
>
>@@ -3638,11 +3643,9 @@ static int nvme_add_ns_cdev(struct nvme_ns *ns)
> ns->ctrl->instance, ns->head->instance);
> if (ret)
> return ret;
>- ret = nvme_cdev_add(&ns->cdev, &ns->cdev_device, &nvme_ns_chr_fops,
>- ns->ctrl->ops->module);
>- if (ret)
>- kfree_const(ns->cdev_device.kobj.name);
>- return ret;
>+
>+ return nvme_cdev_add(&ns->cdev, &ns->cdev_device, &nvme_ns_chr_fops,
>+ ns->ctrl->ops->module);
> }
>
> static struct nvme_ns_head *nvme_alloc_ns_head(struct nvme_ctrl *ctrl,
>diff --git a/drivers/nvme/host/multipath.c b/drivers/nvme/host/multipath.c
>index fb96e900dd3a..bd490a7c4808 100644
>--- a/drivers/nvme/host/multipath.c
>+++ b/drivers/nvme/host/multipath.c
>@@ -434,8 +434,6 @@ static int nvme_add_ns_head_cdev(struct nvme_ns_head *head)
> return ret;
> ret = nvme_cdev_add(&head->cdev, &head->cdev_device,
> &nvme_ns_head_chr_fops, THIS_MODULE);
>- if (ret)
>- kfree_const(head->cdev_device.kobj.name);
> return ret;
> }
>
>--
>2.25.1
Thanks for taking a look at this Adam. Looks good to me.
Reviewed-by: Javier González <[email protected]>
Verified this patch on top of 5.15.0-rc5.
Tested-by: Yi Zhang <[email protected]>
On Wed, Oct 13, 2021 at 11:04 PM Adam Manzanares
<[email protected]> wrote:
>
> Decrease reference count of chardevice during char device deletion in order to
> fix a kmemleak. Add relese function for the device associated chardev and moved
> ida_simple_remove into the release function.
>
> Fixes: 2637bae (nvme: introduce generic per-namespace chardev)
> Reported-by: Yi Zhang <[email protected]>
> Suggested-by: Sagi Grimberg <[email protected]>
> Signed-off-by: Adam Manzanares <[email protected]>
> ---
> drivers/nvme/host/core.c | 21 ++++++++++++---------
> drivers/nvme/host/multipath.c | 2 --
> 2 files changed, 12 insertions(+), 11 deletions(-)
>
> diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
> index f9a25c61fb8b..3bc4bb620ab7 100644
> --- a/drivers/nvme/host/core.c
> +++ b/drivers/nvme/host/core.c
> @@ -3583,10 +3583,15 @@ static int __nvme_check_ids(struct nvme_subsystem *subsys,
> return 0;
> }
>
> +static void nvme_cdev_rel(struct device *dev)
> +{
> + ida_simple_remove(&nvme_ns_chr_minor_ida, MINOR(dev->devt));
> +}
> +
> void nvme_cdev_del(struct cdev *cdev, struct device *cdev_device)
> {
> cdev_device_del(cdev, cdev_device);
> - ida_simple_remove(&nvme_ns_chr_minor_ida, MINOR(cdev_device->devt));
> + put_device(cdev_device);
> }
>
> int nvme_cdev_add(struct cdev *cdev, struct device *cdev_device,
> @@ -3599,14 +3604,14 @@ int nvme_cdev_add(struct cdev *cdev, struct device *cdev_device,
> return minor;
> cdev_device->devt = MKDEV(MAJOR(nvme_ns_chr_devt), minor);
> cdev_device->class = nvme_ns_chr_class;
> + cdev_device->release = nvme_cdev_rel;
> device_initialize(cdev_device);
> cdev_init(cdev, fops);
> cdev->owner = owner;
> ret = cdev_device_add(cdev, cdev_device);
> - if (ret) {
> + if (ret)
> put_device(cdev_device);
> - ida_simple_remove(&nvme_ns_chr_minor_ida, minor);
> - }
> +
> return ret;
> }
>
> @@ -3638,11 +3643,9 @@ static int nvme_add_ns_cdev(struct nvme_ns *ns)
> ns->ctrl->instance, ns->head->instance);
> if (ret)
> return ret;
> - ret = nvme_cdev_add(&ns->cdev, &ns->cdev_device, &nvme_ns_chr_fops,
> - ns->ctrl->ops->module);
> - if (ret)
> - kfree_const(ns->cdev_device.kobj.name);
> - return ret;
> +
> + return nvme_cdev_add(&ns->cdev, &ns->cdev_device, &nvme_ns_chr_fops,
> + ns->ctrl->ops->module);
> }
>
> static struct nvme_ns_head *nvme_alloc_ns_head(struct nvme_ctrl *ctrl,
> diff --git a/drivers/nvme/host/multipath.c b/drivers/nvme/host/multipath.c
> index fb96e900dd3a..bd490a7c4808 100644
> --- a/drivers/nvme/host/multipath.c
> +++ b/drivers/nvme/host/multipath.c
> @@ -434,8 +434,6 @@ static int nvme_add_ns_head_cdev(struct nvme_ns_head *head)
> return ret;
> ret = nvme_cdev_add(&head->cdev, &head->cdev_device,
> &nvme_ns_head_chr_fops, THIS_MODULE);
> - if (ret)
> - kfree_const(head->cdev_device.kobj.name);
> return ret;
> }
>
> --
> 2.25.1
>
--
Best Regards,
Yi Zhang
On Wed, Oct 13, 2021 at 03:04:19PM +0000, Adam Manzanares wrote:
> Decrease reference count of chardevice during char device deletion in order to
> fix a kmemleak. Add relese function for the device associated chardev and moved
> ida_simple_remove into the release function.
>
> Fixes: 2637bae (nvme: introduce generic per-namespace chardev)
> Reported-by: Yi Zhang <[email protected]>
> Suggested-by: Sagi Grimberg <[email protected]>
> Signed-off-by: Adam Manzanares <[email protected]>
This looks good, but the subject seems wrong. This isn't a cleanup
but a fix. I can fix up the subject when applying it.