LinuxLists.cc - [PATCH v5 1/3] vdpa: Fix error logic in vdpa_nl_cmd_dev_get

2022-05-10 13:24:59

Subject: [PATCH v5 1/3] vdpa: Fix error logic in vdpa_nl_cmd_dev_get_doit

In vdpa_nl_cmd_dev_get_doit(), if the call to genlmsg_reply() fails we
must not call nlmsg_free() since this is done inside genlmsg_reply().

Fix it.

Fixes: bc0d90ee021f ("vdpa: Enable user to query vdpa device info")
Acked-by: Jason Wang <[email protected]>
Signed-off-by: Eli Cohen <[email protected]>
---
drivers/vdpa/vdpa.c | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/drivers/vdpa/vdpa.c b/drivers/vdpa/vdpa.c
index 2b75c00b1005..fac89a0d8178 100644
--- a/drivers/vdpa/vdpa.c
+++ b/drivers/vdpa/vdpa.c
@@ -756,14 +756,19 @@ static int vdpa_nl_cmd_dev_get_doit(struct sk_buff *skb, struct genl_info *info)
goto mdev_err;
}
err = vdpa_dev_fill(vdev, msg, info->snd_portid, info->snd_seq, 0, info->extack);
- if (!err)
- err = genlmsg_reply(msg, info);
+ if (err)
+ goto mdev_err;
+
+ err = genlmsg_reply(msg, info);
+ put_device(dev);
+ mutex_unlock(&vdpa_dev_mutex);
+ return err;
+
mdev_err:
put_device(dev);
err:
mutex_unlock(&vdpa_dev_mutex);
- if (err)
- nlmsg_free(msg);
+ nlmsg_free(msg);
return err;
}

--
2.35.1

2022-05-10 19:47:36

by Si-Wei Liu

[permalink] [raw]

Subject: Re: [PATCH v5 1/3] vdpa: Fix error logic in vdpa_nl_cmd_dev_get_doit

On 5/10/2022 4:27 AM, Eli Cohen wrote:
> In vdpa_nl_cmd_dev_get_doit(), if the call to genlmsg_reply() fails we
> must not call nlmsg_free() since this is done inside genlmsg_reply().
>
> Fix it.
>
> Fixes: bc0d90ee021f ("vdpa: Enable user to query vdpa device info")
> Acked-by: Jason Wang <[email protected]>
> Signed-off-by: Eli Cohen <[email protected]>
Reviewed-by: Si-Wei Liu <[email protected]>
> ---
> drivers/vdpa/vdpa.c | 13 +++++++++----
> 1 file changed, 9 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/vdpa/vdpa.c b/drivers/vdpa/vdpa.c
> index 2b75c00b1005..fac89a0d8178 100644
> --- a/drivers/vdpa/vdpa.c
> +++ b/drivers/vdpa/vdpa.c
> @@ -756,14 +756,19 @@ static int vdpa_nl_cmd_dev_get_doit(struct sk_buff *skb, struct genl_info *info)
> goto mdev_err;
> }
> err = vdpa_dev_fill(vdev, msg, info->snd_portid, info->snd_seq, 0, info->extack);
> - if (!err)
> - err = genlmsg_reply(msg, info);
> + if (err)
> + goto mdev_err;
> +
> + err = genlmsg_reply(msg, info);
> + put_device(dev);
> + mutex_unlock(&vdpa_dev_mutex);
> + return err;
> +
> mdev_err:
> put_device(dev);
> err:
> mutex_unlock(&vdpa_dev_mutex);
> - if (err)
> - nlmsg_free(msg);
> + nlmsg_free(msg);
> return err;
> }
>