[v2,09/18] vfio/mdev: Add missing error handling to dev_set_name()

Series Make vfio_mdev type safe | expand

Jason Gunthorpe April 6, 2021, 7:40 p.m. UTC
This can fail, and seems to be a popular target for syzkaller error
injection. Check the error return and unwind with put_device().

Fixes: 7b96953bc640 ("vfio: Mediated device Core driver")
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Reviewed-by: Max Gurtovoy <mgurtovoy@nvidia.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>
 drivers/vfio/mdev/mdev_core.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/vfio/mdev/mdev_core.c b/drivers/vfio/mdev/mdev_core.c
index f7559835b0610f..4caedb3d4fbf32 100644
--- a/drivers/vfio/mdev/mdev_core.c
+++ b/drivers/vfio/mdev/mdev_core.c
@@ -258,7 +258,9 @@  int mdev_device_create(struct mdev_type *type, const guid_t *uuid)
 	list_add(&mdev->next, &mdev_list);
-	dev_set_name(&mdev->dev, "%pUl", uuid);
+	ret = dev_set_name(&mdev->dev, "%pUl", uuid);
+	if (ret)
+		goto out_put_device;
 	/* Check if parent unregistration has started */
 	if (!down_read_trylock(&parent->unreg_sem)) {