This reverts commit c99f996b2ba49 ("NFC: st95hf: drop illegal kfree_skb()"). It turns out that the st95hf_in_send_cmd() is in fact the sole owner of this skb, and by not freeing it here, we not only causing a memory leak but also mess up the refcount of the socket that holds it. This will in turn lead to activated targets not being cleaned up, even after stopping userspace processes. The memory corruption that I was hunting was caused by another kfree_skb(). This will be fixed in a later commit. Signed-off-by: Daniel Mack <daniel@xxxxxxxxxx> Fixes: c99f996b2ba49 ("NFC: st95hf: drop illegal kfree_skb()") --- drivers/nfc/st95hf/core.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/nfc/st95hf/core.c b/drivers/nfc/st95hf/core.c index 36ef0e905ba3..bc1a2070f9bb 100644 --- a/drivers/nfc/st95hf/core.c +++ b/drivers/nfc/st95hf/core.c @@ -991,6 +991,8 @@ static int st95hf_in_send_cmd(struct nfc_digital_dev *ddev, goto free_skb_resp; } + kfree_skb(skb); + return rc; free_skb_resp: -- 2.17.1