Commit 64e135f1 authored Jul 16, 2025 by Breno Leitao Committed by Ard Biesheuvel Jul 18, 2025

efivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths

When processing mount options, efivarfs allocates efivarfs_fs_info (sfi)
early in fs_context initialization. However, sfi is associated with the
superblock and typically freed when the superblock is destroyed. If the
fs_context is released (final put) before fill_super is called—such as
on error paths or during reconfiguration—the sfi structure would leak,
as ownership never transfers to the superblock.

Implement the .free callback in efivarfs_context_ops to ensure any
allocated sfi is properly freed if the fs_context is torn down before
fill_super, preventing this memory leak.

Suggested-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Fixes: 5329aa51 ("efivarfs: Add uid/gid mount options")
Signed-off-by: Breno Leitao <leitao@debian.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>

parent f8b53cc9

fs/efivarfs/super.c

+6 −0

Original line number	Diff line number	Diff line
		@@ -390,10 +390,16 @@ static int efivarfs_reconfigure(struct fs_context *fc)
		return 0;
		}

		static void efivarfs_free(struct fs_context *fc)
		{
		kfree(fc->s_fs_info);
		}

		static const struct fs_context_operations efivarfs_context_ops = {
		.get_tree = efivarfs_get_tree,
		.parse_param = efivarfs_parse_param,
		.reconfigure = efivarfs_reconfigure,
		.free = efivarfs_free,
		};

		static int efivarfs_check_missing(efi_char16_t *name16, efi_guid_t vendor,