summary refs log tree commit diff
path: root/drivers/amba
diff options
context:
space:
mode:
authorWang Kefeng <wangkefeng.wang@huawei.com>2022-04-18 07:07:14 +0100
committerRussell King (Oracle) <rmk+kernel@armlinux.org.uk>2022-05-20 12:32:31 +0100
commit7719a68b2fa404fa8af6b0b7119a38c406c74858 (patch)
treeabf872555ff1a7da25232baf3bc52fbe06248e98 /drivers/amba
parent1f44de0f5e309e8699b569b49a8e89ef4e7527c7 (diff)
downloadlinux-7719a68b2fa404fa8af6b0b7119a38c406c74858.tar.gz
ARM: 9192/1: amba: fix memory leak in amba_device_try_add()
If amba_device_try_add() return error code (not EPROBE_DEFER),
memory leak occurred when amba device fails to read periphid.

unreferenced object 0xc1c60800 (size 1024):
  comm "swapper/0", pid 1, jiffies 4294937333 (age 75.200s)
  hex dump (first 32 bytes):
    40 40 db c1 04 08 c6 c1 04 08 c6 c1 00 00 00 00  @@..............
    00 d9 c1 c1 84 6f 38 c1 00 00 00 00 01 00 00 00  .....o8.........
  backtrace:
    [<(ptrval)>] kmem_cache_alloc_trace+0x168/0x2b4
    [<(ptrval)>] amba_device_alloc+0x38/0x7c
    [<(ptrval)>] of_platform_bus_create+0x2f4/0x4e8
    [<(ptrval)>] of_platform_bus_create+0x380/0x4e8
    [<(ptrval)>] of_platform_bus_create+0x380/0x4e8
    [<(ptrval)>] of_platform_bus_create+0x380/0x4e8
    [<(ptrval)>] of_platform_populate+0x70/0xc4
    [<(ptrval)>] of_platform_default_populate_init+0xb4/0xcc
    [<(ptrval)>] do_one_initcall+0x58/0x218
    [<(ptrval)>] kernel_init_freeable+0x250/0x29c
    [<(ptrval)>] kernel_init+0x24/0x148
    [<(ptrval)>] ret_from_fork+0x14/0x1c
    [<00000000>] 0x0
unreferenced object 0xc1db4040 (size 64):
  comm "swapper/0", pid 1, jiffies 4294937333 (age 75.200s)
  hex dump (first 32 bytes):
    31 63 30 66 30 30 30 30 2e 77 64 74 00 00 00 00  1c0f0000.wdt....
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<(ptrval)>] __kmalloc_track_caller+0x19c/0x2f8
    [<(ptrval)>] kvasprintf+0x60/0xcc
    [<(ptrval)>] kvasprintf_const+0x54/0x78
    [<(ptrval)>] kobject_set_name_vargs+0x34/0xa8
    [<(ptrval)>] dev_set_name+0x40/0x5c
    [<(ptrval)>] of_device_make_bus_id+0x128/0x1f8
    [<(ptrval)>] of_platform_bus_create+0x4dc/0x4e8
    [<(ptrval)>] of_platform_bus_create+0x380/0x4e8
    [<(ptrval)>] of_platform_bus_create+0x380/0x4e8
    [<(ptrval)>] of_platform_bus_create+0x380/0x4e8
    [<(ptrval)>] of_platform_populate+0x70/0xc4
    [<(ptrval)>] of_platform_default_populate_init+0xb4/0xcc
    [<(ptrval)>] do_one_initcall+0x58/0x218
    [<(ptrval)>] kernel_init_freeable+0x250/0x29c
    [<(ptrval)>] kernel_init+0x24/0x148
    [<(ptrval)>] ret_from_fork+0x14/0x1c

Fix them by adding amba_device_put() to release device name and
amba device.

Signed-off-by: Kefeng Wang <wangkefeng.wang@huawei.com>
Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
Diffstat (limited to 'drivers/amba')
-rw-r--r--drivers/amba/bus.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/drivers/amba/bus.c b/drivers/amba/bus.c
index 0073d8ba0353..7e775ba6fdd9 100644
--- a/drivers/amba/bus.c
+++ b/drivers/amba/bus.c
@@ -478,8 +478,14 @@ static int amba_device_try_add(struct amba_device *dev, struct resource *parent)
 		goto skip_probe;
 
 	ret = amba_read_periphid(dev);
-	if (ret)
+	if (ret) {
+		if (ret != -EPROBE_DEFER) {
+			amba_device_put(dev);
+			goto err_out;
+		}
 		goto err_release;
+	}
+
 skip_probe:
 	ret = device_add(&dev->dev);
 err_release:
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-21 11:51:52 +0000