efivarfs: revert "fix memory leak in efivarfs_create()"

ardbiesheuvel · ardbiesheuvel · commit ff04f3b6f2e2 · 2020-11-25T16:55:02.000+01:00
The memory leak addressed by commit fe5186c is a false positive: all allocations are recorded in a linked list, and freed when the filesystem is unmounted. This leads to double frees, and as reported by David, leads to crashes if SLUB is configured to self destruct when double frees occur. So drop the redundant kfree() again, and instead, mark the offending pointer variable so the allocation is ignored by kmemleak. Cc: Vamshi K Sthambamkadi <vamshi.k.sthambamkadi@gmail.com> Fixes: fe5186c ("efivarfs: fix memory leak in efivarfs_create()") Reported-by: David Laight <David.Laight@aculab.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
diff --git a/fs/efivarfs/inode.c b/fs/efivarfs/inode.c
@@ -7,6 +7,7 @@
 #include <linux/efi.h>
 #include <linux/fs.h>
 #include <linux/ctype.h>
+#include <linux/kmemleak.h>
 #include <linux/slab.h>
 #include <linux/uuid.h>
 
@@ -103,6 +104,7 @@ static int efivarfs_create(struct inode *dir, struct dentry *dentry,
 	var->var.VariableName[i] = '\0';
 
 	inode->i_private = var;
+	kmemleak_ignore(var);
 
 	err = efivar_entry_add(var, &efivarfs_list);
 	if (err)
diff --git a/fs/efivarfs/super.c b/fs/efivarfs/super.c
@@ -21,7 +21,6 @@ LIST_HEAD(efivarfs_list);
 static void efivarfs_evict_inode(struct inode *inode)
 {
 	clear_inode(inode);
-	kfree(inode->i_private);
 }
 
 static const struct super_operations efivarfs_ops = {

Original file line number	Diff line number	Diff line change
`@@ -21,7 +21,6 @@ LIST_HEAD(efivarfs_list);`
`21`	`21`	`static void efivarfs_evict_inode(struct inode *inode)`
`22`	`22`	`{`
`23`	`23`	`clear_inode(inode);`
`24`		`- kfree(inode->i_private);`
`25`	`24`	`}`
`26`	`25`
`27`	`26`	`static const struct super_operations efivarfs_ops = {`