Commit 866a27a2 authored Jan 04, 2025 by Zhen Lei Committed by Yu Kuai Jan 04, 2025

scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb()

stable inclusion
from stable-v6.6.64
commit 10a6fc486ac40a410f0fb84cc15161238eccd20a
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/IBEGGL
CVE: CVE-2024-56747

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=10a6fc486ac40a410f0fb84cc15161238eccd20a



--------------------------------

[ Upstream commit 95bbdca4999bc59a72ebab01663d421d6ce5775d ]

Hook "qedi_ops->common->sb_init = qed_sb_init" does not release the DMA
memory sb_virt when it fails. Add dma_free_coherent() to free it. This
is the same way as qedr_alloc_mem_sb() and qede_alloc_mem_sb().

Fixes: ace7f46b ("scsi: qedi: Add QLogic FastLinQ offload iSCSI driver framework.")
Signed-off-by: Zhen Lei <thunder.leizhen@huawei.com>
Link: https://lore.kernel.org/r/20241026125711.484-3-thunder.leizhen@huawei.com


Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: ZhangPeng <zhangpeng362@huawei.com>
Signed-off-by: Yu Kuai <yukuai3@huawei.com>

parent 604e996d

drivers/scsi/qedi/qedi_main.c

+1 −0

Original line number	Diff line number	Diff line
		@@ -369,6 +369,7 @@ static int qedi_alloc_and_init_sb(struct qedi_ctx *qedi,
		ret = qedi_ops->common->sb_init(qedi->cdev, sb_info, sb_virt, sb_phys,
		sb_id, QED_SB_TYPE_STORAGE);
		if (ret) {
		dma_free_coherent(&qedi->pdev->dev, sizeof(*sb_virt), sb_virt, sb_phys);
		QEDI_ERR(&qedi->dbg_ctx,
		"Status block initialization failed for id = %d.\n",
		sb_id);