Commit 1d1997db authored by Jakub Kicinski's avatar Jakub Kicinski

Revert "nfp: abm: fix memory leak in nfp_abm_u32_knode_replace"

This reverts commit 78beef62 ("nfp: abm: fix memory leak in
nfp_abm_u32_knode_replace").

The quoted commit does not fix anything and resulted in a bogus
CVE-2019-19076.

If match is NULL then it is known there is no matching entry in
list, hence, calling nfp_abm_u32_knode_delete() is pointless.
Signed-off-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: default avatarJohn Hurley <john.hurley@netronome.com>
parent 1f4782ae
......@@ -176,10 +176,8 @@ nfp_abm_u32_knode_replace(struct nfp_abm_link *alink,
u8 mask, val;
int err;
if (!nfp_abm_u32_check_knode(alink->abm, knode, proto, extack)) {
err = -EOPNOTSUPP;
if (!nfp_abm_u32_check_knode(alink->abm, knode, proto, extack))
goto err_delete;
}
tos_off = proto == htons(ETH_P_IP) ? 16 : 20;
......@@ -200,18 +198,14 @@ nfp_abm_u32_knode_replace(struct nfp_abm_link *alink,
if ((iter->val & cmask) == (val & cmask) &&
iter->band != knode->res->classid) {
NL_SET_ERR_MSG_MOD(extack, "conflict with already offloaded filter");
err = -EOPNOTSUPP;
goto err_delete;
}
}
if (!match) {
match = kzalloc(sizeof(*match), GFP_KERNEL);
if (!match) {
err = -ENOMEM;
goto err_delete;
}
if (!match)
return -ENOMEM;
list_add(&match->list, &alink->dscp_map);
}
match->handle = knode->handle;
......@@ -227,7 +221,7 @@ nfp_abm_u32_knode_replace(struct nfp_abm_link *alink,
err_delete:
nfp_abm_u32_knode_delete(alink, knode);
return err;
return -EOPNOTSUPP;
}
static int nfp_abm_setup_tc_block_cb(enum tc_setup_type type,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment