LinuxLists.cc - [PATCH 1/4] tpm: in case of error properly cleanup in tpmm_chip

2021-01-16 01:27:38

Subject: [PATCH 1/4] tpm: in case of error properly cleanup in tpmm_chip_alloc

From: Lino Sanfilippo <[email protected]>

In tpmm_chip_alloc() a resource management action handler is installed to
release the chip->dev in case of error. This will result in the chip being
freed if it was the last reference. If the installation of the handler was
not successful an error is returned to the caller.
However in this case the chip->dev reference is not put and thus the chip
is never freed. Fix this by releasing the reference "by hand" in case that
the action handler installation failed.

Signed-off-by: Lino Sanfilippo <[email protected]>
---
drivers/char/tpm/tpm-chip.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
index ddaeceb..e242d2e 100644
--- a/drivers/char/tpm/tpm-chip.c
+++ b/drivers/char/tpm/tpm-chip.c
@@ -423,11 +423,15 @@ struct tpm_chip *tpmm_chip_alloc(struct device *pdev,
(void (*)(void *)) put_device,
&chip->dev);
if (rc)
- return ERR_PTR(rc);
+ goto put_dev;

dev_set_drvdata(pdev, chip);

return chip;
+
+put_dev:
+ put_device(&chip->dev);
+ return ERR_PTR(rc);
}
EXPORT_SYMBOL_GPL(tpmm_chip_alloc);

--
2.7.4

2021-01-17 18:16:37

by Jarkko Sakkinen

[permalink] [raw]

Subject: Re: [PATCH 1/4] tpm: in case of error properly cleanup in tpmm_chip_alloc

On Sat, Jan 16, 2021 at 02:22:38AM +0100, Lino Sanfilippo wrote:
> From: Lino Sanfilippo <[email protected]>
>
> In tpmm_chip_alloc() a resource management action handler is installed to
> release the chip->dev in case of error. This will result in the chip being
> freed if it was the last reference. If the installation of the handler was
> not successful an error is returned to the caller.
> However in this case the chip->dev reference is not put and thus the chip
> is never freed. Fix this by releasing the reference "by hand" in case that
> the action handler installation failed.
>
> Signed-off-by: Lino Sanfilippo <[email protected]>
> ---
> drivers/char/tpm/tpm-chip.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
> index ddaeceb..e242d2e 100644
> --- a/drivers/char/tpm/tpm-chip.c
> +++ b/drivers/char/tpm/tpm-chip.c
> @@ -423,11 +423,15 @@ struct tpm_chip *tpmm_chip_alloc(struct device *pdev,
> (void (*)(void *)) put_device,
> &chip->dev);
> if (rc)
> - return ERR_PTR(rc);
> + goto put_dev;
>
> dev_set_drvdata(pdev, chip);
>
> return chip;
> +
> +put_dev:
> + put_device(&chip->dev);
> + return ERR_PTR(rc);
> }
> EXPORT_SYMBOL_GPL(tpmm_chip_alloc);
>
> --
> 2.7.4
>

NAK

[*] https://elixir.bootlin.com/linux/v5.11-rc3/source/include/linux/device.h#L257

/Jarkko