diff options
| author | Lukas Wunner <lukas@wunner.de> | 2018-07-20 01:27:31 +0300 |
|---|---|---|
| committer | Bjorn Helgaas <helgaas@kernel.org> | 2018-07-24 01:04:10 +0300 |
| commit | 4ce6435820d1f1cc2c2788e232735eb244bcc8a3 (patch) | |
| tree | 08cda7c0bcb14770f11dc13f017e1320ea0a59a2 /drivers/pci/hotplug | |
| parent | b4efce5c4715ae9b82e5314d7324a412f06a6a5a (diff) | |
| download | linux-4ce6435820d1f1cc2c2788e232735eb244bcc8a3.tar.xz | |
PCI: hotplug: Don't leak pci_slot on registration failure
If addition of sysfs files fails on registration of a hotplug slot, the
struct pci_slot as well as the entry in the slot_list is leaked. The
issue has been present since the hotplug core was introduced in 2002:
https://git.kernel.org/tglx/history/c/a8a2069f432c
Perhaps the idea was that even though sysfs addition fails, the slot
should still be usable. But that's not how drivers use the interface,
they abort probe if a non-zero value is returned.
Signed-off-by: Lukas Wunner <lukas@wunner.de>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Cc: stable@vger.kernel.org # v2.4.15+
Cc: Greg Kroah-Hartman <greg@kroah.com>
Diffstat (limited to 'drivers/pci/hotplug')
| -rw-r--r-- | drivers/pci/hotplug/pci_hotplug_core.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/drivers/pci/hotplug/pci_hotplug_core.c b/drivers/pci/hotplug/pci_hotplug_core.c index af92fed46ab7..fd93783a87b0 100644 --- a/drivers/pci/hotplug/pci_hotplug_core.c +++ b/drivers/pci/hotplug/pci_hotplug_core.c @@ -438,8 +438,17 @@ int __pci_hp_register(struct hotplug_slot *slot, struct pci_bus *bus, list_add(&slot->slot_list, &pci_hotplug_slot_list); result = fs_add_slot(pci_slot); + if (result) + goto err_list_del; + kobject_uevent(&pci_slot->kobj, KOBJ_ADD); dbg("Added slot %s to the list\n", name); + goto out; + +err_list_del: + list_del(&slot->slot_list); + pci_slot->hotplug = NULL; + pci_destroy_slot(pci_slot); out: mutex_unlock(&pci_hp_mutex); return result; |