[PATCH v2] mtd: spi-nor: fix memory leak when using debugfs_lookup()

Greg Kroah-Hartman gregkh at linuxfoundation.org
Wed Feb 8 06:50:19 PST 2023 

On Wed, Feb 08, 2023 at 03:24:31PM +0100, Michael Walle wrote:
> Am 2023-02-08 15:12, schrieb Greg Kroah-Hartman:
> > On Wed, Feb 08, 2023 at 02:36:23PM +0100, Michael Walle wrote:
> > > Am 2023-02-08 13:57, schrieb Greg Kroah-Hartman:
> > > > When calling debugfs_lookup() the result must have dput() called on it,
> > > > otherwise the memory will leak over time.
> > > >
> > > > Cc: Tudor Ambarus <tudor.ambarus at microchip.com>
> > > > Cc: Pratyush Yadav <pratyush at kernel.org>
> > > > Cc: Michael Walle <michael at walle.cc>
> > > > Cc: Miquel Raynal <miquel.raynal at bootlin.com>
> > > > Cc: Richard Weinberger <richard at nod.at>
> > > > Cc: Vignesh Raghavendra <vigneshr at ti.com>
> > > > Cc: linux-mtd at lists.infradead.org
> > > > Cc: stable <stable at kernel.org>
> > > > Signed-off-by: Greg Kroah-Hartman <gregkh at linuxfoundation.org>
> > > > ---
> > > > v2: fix up to work when module is removed and added, making the fix
> > > >     much simpler.
> > > >
> > > >  drivers/mtd/spi-nor/debugfs.c | 1 +
> > > >  1 file changed, 1 insertion(+)
> > > >
> > > > diff --git a/drivers/mtd/spi-nor/debugfs.c
> > > > b/drivers/mtd/spi-nor/debugfs.c
> > > > index ff895f6758ea..af41fbc09a97 100644
> > > > --- a/drivers/mtd/spi-nor/debugfs.c
> > > > +++ b/drivers/mtd/spi-nor/debugfs.c
> > > > @@ -242,6 +242,7 @@ void spi_nor_debugfs_register(struct spi_nor *nor)
> > > >
> > > >  	d = debugfs_create_dir(dev_name(nor->dev), rootdir);
> > > >  	nor->debugfs_root = d;
> > > > +	dput(rootdir);
> > > 
> > > rootdir might either be the return value of debugfs_lookup() or
> > > debugfs_create_dir(). dput() is probably wrong for the latter,
> > > right? Also there is an early return, where the dput() is missing,
> > > too.
> > 
> > {sigh}
> > 
> > Yeah, this is all wrong, sorry.  Let me fix this up again, properly.
> > And to do it properly, let's have the module remove the directory if it
> > is unloaded, like a good module should :)
> 
> There were some complications. IIRC you'd need to do reference counting,
> to determine whether you are the last user of the rootdir. Other subsys
> create an empty rootdir in their .init(). But that was hard to do in MTD.
> Again memory is hazy.. Therefore, I resorted to create it on the fly if
> there isn't already one.
> 
> Maybe you got some better/simpler idea :)

Yup, just do it normally like other drivers, I'll send a v3 now.

thanks,

greg k-h

More information about the linux-mtd mailing list