On 2019/5/30 19:45, Jessica Yu wrote:
> +++ YueHaibing [16/05/19 00:12 +0800]:
>> In module_add_modinfo_attrs if sysfs_create_file
>> fails, we forget to free allocated modinfo_attrs
>> and roll back the sysfs files.
>>
>> Fixes: 03e88ae1b13d ("[PATCH] fix module sysfs files reference counting")
>> Signed-off-by: YueHaibing <yuehaib...@huawei.com>
>> ---
>> kernel/module.c | 16 +++++++++++++++-
>> 1 file changed, 15 insertions(+), 1 deletion(-)
>>
>> diff --git a/kernel/module.c b/kernel/module.c
>> index 0b9aa8a..7da73c4 100644
>> --- a/kernel/module.c
>> +++ b/kernel/module.c
>> @@ -1714,15 +1714,29 @@ static int module_add_modinfo_attrs(struct module
>> *mod)
>> return -ENOMEM;
>>
>> temp_attr = mod->modinfo_attrs;
>> - for (i = 0; (attr = modinfo_attrs[i]) && !error; i++) {
>> + for (i = 0; (attr = modinfo_attrs[i]); i++) {
>> if (!attr->test || attr->test(mod)) {
>> memcpy(temp_attr, attr, sizeof(*temp_attr));
>> sysfs_attr_init(&temp_attr->attr);
>> error = sysfs_create_file(&mod->mkobj.kobj,
>> &temp_attr->attr);
>> + if (error)
>> + goto error_out;
>> ++temp_attr;
>> }
>> }
>> +
>> + return 0;
>> +
>> +error_out:
>> + for (; (attr = &mod->modinfo_attrs[i]) && i >= 0; i--) {
>
> I think we need to start at --i. If sysfs_create_file() returned
> an error at index i, we call sysfs_remove_file() starting from the
> previously successful call to sysfs_create_file(), i.e. at i - 1.
Indeed, you are right.
will fix it in v2, thanks!
>
>> + if (!attr->attr.name)
>> + break;
>> + sysfs_remove_file(&mod->mkobj.kobj, &attr->attr);
>> + if (attr->free)
>> + attr->free(mod);
>> + }
>> + kfree(mod->modinfo_attrs);
>> return error;
>> }
>>
>> --
>> 1.8.3.1
>>
>>
>
> .
>
