1. Patchew
  2. linux
  3. View series

[PATCH] scsi: lpfc: fix potential memory leak in lpfc_read_object()

Abdun Nihaal posted 1 patch 5 days, 19 hours ago 
drivers/scsi/lpfc/lpfc_sli.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH] scsi: lpfc: fix potential memory leak in lpfc_read_object()
Posted by Abdun Nihaal 5 days, 19 hours ago 
The memory allocated for sge_array inside lpfc_sli4_config() which is
attached to mbox, is not freed in one of the error path in
lpfc_read_object(). Fix that by calling lpfc_sli4_mbox_cmd_free()
instead of directly freeing the mbox.

Fixes: 72df8a452883 ("scsi: lpfc: Add support for cm enablement buffer")
Cc: stable@vger.kernel.org
Signed-off-by: Abdun Nihaal <nihaal@cse.iitm.ac.in>
---
Compile tested only. Issue found using static analysis.

 drivers/scsi/lpfc/lpfc_sli.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/scsi/lpfc/lpfc_sli.c b/drivers/scsi/lpfc/lpfc_sli.c
index d38fb374b379..fe7d9942ebd2 100644
--- a/drivers/scsi/lpfc/lpfc_sli.c
+++ b/drivers/scsi/lpfc/lpfc_sli.c
@@ -22302,7 +22302,7 @@ lpfc_read_object(struct lpfc_hba *phba, char *rdobject, uint32_t *datap,
 		pcmd->virt = lpfc_mbuf_alloc(phba, MEM_PRI, &pcmd->phys);
 	if (!pcmd || !pcmd->virt) {
 		kfree(pcmd);
-		mempool_free(mbox, phba->mbox_mem_pool);
+		lpfc_sli4_mbox_cmd_free(phba, mbox);
 		return -ENOMEM;
 	}
 	memset((void *)pcmd->virt, 0, LPFC_BPL_SIZE);
-- 
2.43.0
Re: [PATCH] scsi: lpfc: fix potential memory leak in lpfc_read_object()
Posted by Justin Tee 5 days, 7 hours ago 
Hi Abdun,

 > The memory allocated for sge_array inside lpfc_sli4_config() which is
 > attached to mbox, is not freed in one of the error path in
 > lpfc_read_object(). Fix that by calling lpfc_sli4_mbox_cmd_free()
 > instead of directly freeing the mbox.

I don’t believe this is true because in lpfc_read_object(), 
lpfc_sli4_config() is called with LPFC_SLI4_MBX_EMBED.  So, sge_array is 
not kzalloc’ed.  The code as it is today seems already correct without 
this patch.

Regards,
Justin
Re: [PATCH] scsi: lpfc: fix potential memory leak in lpfc_read_object()
Posted by Abdun Nihaal 4 days, 20 hours ago 
Hello Justin,

On Tue, May 19, 2026 at 12:52:36PM -0700, Justin Tee wrote:
> > The memory allocated for sge_array inside lpfc_sli4_config() which is
> > attached to mbox, is not freed in one of the error path in
> > lpfc_read_object(). Fix that by calling lpfc_sli4_mbox_cmd_free()
> > instead of directly freeing the mbox.
> 
> I don’t believe this is true because in lpfc_read_object(),
> lpfc_sli4_config() is called with LPFC_SLI4_MBX_EMBED.  So, sge_array is not
> kzalloc’ed.  The code as it is today seems already correct without this
> patch.

Thanks for your review. You are right. I had overlooked the conditional
and the early branch in lpfc_sli4_config(). There is no memory leak
here. Please ignore this patch.

Regards,
Nihaal

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.