Re: [patch] ib/rxe: double free on error

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sat, Jun 18, 2016 at 11:40:21AM +0300, Dan Carpenter wrote:
> "goto err1" could probably be remained "goto free_pkey_tbl" since
> that's what it does.  This is a double free.
> 
> Fixes: 0784481b2f32 ('Add initialization for Soft RoCE driver, pools constants etc.')
> Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>

Hi Dan,

Thank you for pointing it out.

I rewrote your patch a little bit and applied it.


From 6a320576c7304905df722afcf1b8d49242c8ae48 Mon Sep 17 00:00:00 2001
From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Date: Sat, 18 Jun 2016 11:40:21 +0300
Subject: [PATCH] IB/rxe: Simplify rxe_init_ports logic

Simplify rxe_init_ports and remove double free.

Fixes: 0784481b2f32 ('Add initialization for Soft RoCE driver, pools constants etc.')
Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Signed-off-by: Leon Romanovsky <leon@xxxxxxxxxx>
---
 drivers/infiniband/hw/rxe/rxe.c | 29 ++++++-----------------------
 1 file changed, 6 insertions(+), 23 deletions(-)

diff --git a/drivers/infiniband/hw/rxe/rxe.c b/drivers/infiniband/hw/rxe/rxe.c
index 48c41e00..156a1021 100644
--- a/drivers/infiniband/hw/rxe/rxe.c
+++ b/drivers/infiniband/hw/rxe/rxe.c
@@ -165,42 +165,25 @@ static int rxe_init_port_param(struct rxe_port *port)
  */
 static int rxe_init_ports(struct rxe_dev *rxe)
 {
-	int err;
-	struct rxe_port *port;
-
-	port = &rxe->port;
+	struct rxe_port *port =  rxe->port;
 
 	rxe_init_port_param(port);
 
-	if (!port->attr.pkey_tbl_len) {
-		err = -EINVAL;
-		goto err1;
-	}
+	if (!port->attr.pkey_tbl_len || !port->attr.gid_tbl_len)
+		return -EINVAL;
 
 	port->pkey_tbl = kcalloc(port->attr.pkey_tbl_len,
 			sizeof(*port->pkey_tbl), GFP_KERNEL);
-	if (!port->pkey_tbl) {
-		err = -ENOMEM;
-		goto err1;
-	}
-
-	port->pkey_tbl[0] = 0xffff;
 
-	if (!port->attr.gid_tbl_len) {
-		kfree(port->pkey_tbl);
-		err = -EINVAL;
-		goto err1;
-	}
+	if (!port->pkey_tbl)
+		return -ENOMEM;
 
+	port->pkey_tbl[0] = 0xffff;
 	port->port_guid = rxe->ifc_ops->port_guid(rxe);
 
 	spin_lock_init(&port->port_lock);
 
 	return 0;
-
-err1:
-	kfree(port->pkey_tbl);
-	return err;
 }
 
 /* init pools of managed objects */
-- 
2.1.4

Attachment: signature.asc
Description: Digital signature

[Index of Archives]     [Kernel Development]     [Kernel Announce]     [Kernel Newbies]     [Linux Networking Development]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Device Mapper]

  Powered by Linux