!2961 can: raw: fix memory leak

	struct sock sk;

	int bound;

	int ifindex;

	struct net_device *dev;

	struct list_head notifier;

	int loopback;

	int recv_own_msgs;

	if (!net_eq(dev_net(dev), sock_net(sk)))

		return;

	if (ro->ifindex != dev->ifindex)

	if (ro->dev != dev)

		return;

	switch (msg) {

	case NETDEV_UNREGISTER:

		lock_sock(sk);

		/* remove current filters & unregister */

		if (ro->bound)

		if (ro->bound) {

			raw_disable_allfilters(dev_net(dev), dev, sk);

			dev_put(dev);

		}

		if (ro->count > 1)

			kfree(ro->filter);

		ro->ifindex = 0;

		ro->bound = 0;

		ro->dev = NULL;

		ro->count = 0;

		release_sock(sk);

	ro->bound            = 0;

	ro->ifindex          = 0;

	ro->dev              = NULL;

	/* set default filter to single entry dfilter */

	ro->dfilter.can_id   = 0;

	list_del(&ro->notifier);

	spin_unlock(&raw_notifier_lock);

	rtnl_lock();

	lock_sock(sk);

	/* remove current filters & unregister */

	if (ro->bound) {

		if (ro->ifindex) {

			struct net_device *dev;

			dev = dev_get_by_index(sock_net(sk), ro->ifindex);

			if (dev) {

				raw_disable_allfilters(dev_net(dev), dev, sk);

				dev_put(dev);

			}

		if (ro->dev) {

			raw_disable_allfilters(dev_net(ro->dev), ro->dev, sk);

			dev_put(ro->dev);

		} else {

			raw_disable_allfilters(sock_net(sk), NULL, sk);

		}

	ro->ifindex = 0;

	ro->bound = 0;

	ro->dev = NULL;

	ro->count = 0;

	free_percpu(ro->uniq);

	sock->sk = NULL;

	release_sock(sk);

	rtnl_unlock();

	sock_put(sk);

	return 0;

	struct sockaddr_can *addr = (struct sockaddr_can *)uaddr;

	struct sock *sk = sock->sk;

	struct raw_sock *ro = raw_sk(sk);

	struct net_device *dev = NULL;

	int ifindex;

	int err = 0;

	int notify_enetdown = 0;

	if (addr->can_family != AF_CAN)

		return -EINVAL;

	rtnl_lock();

	lock_sock(sk);

	if (ro->bound && addr->can_ifindex == ro->ifindex)

		goto out;

	if (addr->can_ifindex) {

		struct net_device *dev;

		dev = dev_get_by_index(sock_net(sk), addr->can_ifindex);

		if (!dev) {

			err = -ENODEV;

			goto out;

		}

		if (dev->type != ARPHRD_CAN) {

			dev_put(dev);

			err = -ENODEV;

			goto out;

			goto out_put_dev;

		}

		if (!(dev->flags & IFF_UP))

			notify_enetdown = 1;

		/* filters set by default/setsockopt */

		err = raw_enable_allfilters(sock_net(sk), dev, sk);

		dev_put(dev);

		if (err)

			goto out_put_dev;

	} else {

		ifindex = 0;

	if (!err) {

		if (ro->bound) {

			/* unregister old filters */

			if (ro->ifindex) {

				struct net_device *dev;

				dev = dev_get_by_index(sock_net(sk),

						       ro->ifindex);

				if (dev) {

					raw_disable_allfilters(dev_net(dev),

							       dev, sk);

					dev_put(dev);

				}

			if (ro->dev) {

				raw_disable_allfilters(dev_net(ro->dev),

						       ro->dev, sk);

				/* drop reference to old ro->dev */

				dev_put(ro->dev);

			} else {

				raw_disable_allfilters(sock_net(sk), NULL, sk);

			}

		}

		ro->ifindex = ifindex;

		ro->bound = 1;

		/* bind() ok -> hold a reference for new ro->dev */

		ro->dev = dev;

		if (ro->dev)

			dev_hold(ro->dev);

	}

out_put_dev:

	/* remove potential reference from dev_get_by_index() */

	if (dev)

		dev_put(dev);

out:

	release_sock(sk);

	rtnl_unlock();

	if (notify_enetdown) {

		sk->sk_err = ENETDOWN;

		rtnl_lock();

		lock_sock(sk);

		if (ro->bound && ro->ifindex) {

			dev = dev_get_by_index(sock_net(sk), ro->ifindex);

			if (!dev) {

		dev = ro->dev;

		if (ro->bound && dev) {

			if (dev->reg_state != NETREG_REGISTERED) {

				if (count > 1)

					kfree(filter);

				err = -ENODEV;

		ro->count  = count;

 out_fil:

		if (dev)

			dev_put(dev);

		release_sock(sk);

		rtnl_unlock();

		rtnl_lock();

		lock_sock(sk);

		if (ro->bound && ro->ifindex) {

			dev = dev_get_by_index(sock_net(sk), ro->ifindex);

			if (!dev) {

		dev = ro->dev;

		if (ro->bound && dev) {

			if (dev->reg_state != NETREG_REGISTERED) {

				err = -ENODEV;

				goto out_err;

			}

		ro->err_mask = err_mask;

 out_err:

		if (dev)

			dev_put(dev);

		release_sock(sk);

		rtnl_unlock();