[Linux-cachefs] [PATCH 3/3] cachefiles: properly clean up object when buffer allocation fails

[Jeff Layton]

When cachefiles allocates objects it will do some initialization of
them, but if that initialization fails, it will just free the objects
without doing proper cleanup. At the very least, this can lead to a
cookie refcount leak.

Change the kmem_cache_free calls to properly put the objects instead.

Signed-off-by: Jeff Layton <jlayton at kernel.org>
---
 fs/cachefiles/bind.c      | 3 ++-
 fs/cachefiles/interface.c | 4 ++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/fs/cachefiles/bind.c b/fs/cachefiles/bind.c
index dfb14dbddf51..22419bdf239e 100644
--- a/fs/cachefiles/bind.c
+++ b/fs/cachefiles/bind.c
@@ -242,7 +242,8 @@ static int cachefiles_daemon_add_cache(struct cachefiles_cache *cache)
 	fsdef->dentry = NULL;
 	dput(root);
 error_open_root:
-	kmem_cache_free(cachefiles_object_jar, fsdef);
+	cachefiles_cache_ops.put_object(&fsdef->fscache,
+					fscache_obj_put_alloc_fail);
 error_root_object:
 	cachefiles_end_secure(cache, saved_cred);
 	pr_err("Failed to register: %d\n", ret);
diff --git a/fs/cachefiles/interface.c b/fs/cachefiles/interface.c
index 4cea5fbf695e..955f1324b408 100644
--- a/fs/cachefiles/interface.c
+++ b/fs/cachefiles/interface.c
@@ -103,8 +103,8 @@ static struct fscache_object *cachefiles_alloc_object(
 	kfree(buffer);
 nomem_buffer:
 	BUG_ON(test_bit(CACHEFILES_OBJECT_ACTIVE, &object->flags));
-	kmem_cache_free(cachefiles_object_jar, object);
-	fscache_object_destroyed(&cache->cache);
+	cachefiles_cache_ops.put_object(&object->fscache,
+					fscache_obj_put_alloc_fail);
 nomem_object:
 	kfree(lookup_data);
 nomem_lookup_data:
-- 
2.21.0