1. Patchew
  2. linux
  3. View series

[PATCH v3] i2c: fix reference leak in MP2 PCI device

Ma Ke posted 1 patch 1 month, 3 weeks ago 
drivers/i2c/busses/i2c-amd-mp2-pci.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
[PATCH v3] i2c: fix reference leak in MP2 PCI device
Posted by Ma Ke 1 month, 3 weeks ago 
In i2c_amd_probe(), amd_mp2_find_device() utilizes
driver_find_next_device() which internally calls driver_find_device()
to locate the matching device. driver_find_device() increments the
reference count of the found device by calling get_device(), but
amd_mp2_find_device() fails to call put_device() to decrement the
reference count before returning. This results in a reference count
leak of the PCI device each time i2c_amd_probe() is executed, which
may prevent the device from being properly released and cause a memory
leak.

Found by code review.

Cc: stable@vger.kernel.org
Fixes: 529766e0a011 ("i2c: Add drivers for the AMD PCIe MP2 I2C controller")
Signed-off-by: Ma Ke <make24@iscas.ac.cn>
---
Changes in v3:
- kept the temporary variable to store pci_get_drvdata() result before releasing the device reference;
Changes in v2:
- modified the missing initialization in the patch. Sorry for the omission.
---
 drivers/i2c/busses/i2c-amd-mp2-pci.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/drivers/i2c/busses/i2c-amd-mp2-pci.c b/drivers/i2c/busses/i2c-amd-mp2-pci.c
index ef7370d3dbea..60edbabc2986 100644
--- a/drivers/i2c/busses/i2c-amd-mp2-pci.c
+++ b/drivers/i2c/busses/i2c-amd-mp2-pci.c
@@ -458,13 +458,16 @@ struct amd_mp2_dev *amd_mp2_find_device(void)
 {
 	struct device *dev;
 	struct pci_dev *pci_dev;
+	struct amd_mp2_dev *mp2_dev;
 
 	dev = driver_find_next_device(&amd_mp2_pci_driver.driver, NULL);
 	if (!dev)
 		return NULL;
 
 	pci_dev = to_pci_dev(dev);
-	return (struct amd_mp2_dev *)pci_get_drvdata(pci_dev);
+	mp2_dev = (struct amd_mp2_dev *)pci_get_drvdata(pci_dev);
+	put_device(dev);
+	return mp2_dev;
 }
 EXPORT_SYMBOL_GPL(amd_mp2_find_device);
 
-- 
2.17.1
Re: [PATCH v3] i2c: fix reference leak in MP2 PCI device
Posted by Andi Shyti 1 month, 3 weeks ago 
Hi,

I'm sorry I didn't follow up on your last comment. Thanks a lot
for resending it.

...

> diff --git a/drivers/i2c/busses/i2c-amd-mp2-pci.c b/drivers/i2c/busses/i2c-amd-mp2-pci.c
> index ef7370d3dbea..60edbabc2986 100644
> --- a/drivers/i2c/busses/i2c-amd-mp2-pci.c
> +++ b/drivers/i2c/busses/i2c-amd-mp2-pci.c
> @@ -458,13 +458,16 @@ struct amd_mp2_dev *amd_mp2_find_device(void)
>  {
>  	struct device *dev;
>  	struct pci_dev *pci_dev;
> +	struct amd_mp2_dev *mp2_dev;
>  
>  	dev = driver_find_next_device(&amd_mp2_pci_driver.driver, NULL);
>  	if (!dev)
>  		return NULL;
>  
>  	pci_dev = to_pci_dev(dev);
> -	return (struct amd_mp2_dev *)pci_get_drvdata(pci_dev);
> +	mp2_dev = (struct amd_mp2_dev *)pci_get_drvdata(pci_dev);
> +	put_device(dev);
> +	return mp2_dev;

I still hold the same opinion, but, it's anyway a small change
and the difference is trivial.

Applied to i2c/i2c-host-fixes. I will include this patch in the
next week's pull request because I want to keep it a bit longer
for testing.

Thanks,
Andi

>  }
>  EXPORT_SYMBOL_GPL(amd_mp2_find_device);

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.