efivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths

[ Upstream commit 64e135f1eaba0bbb0cdee859af3328c68d5b9789 ]

When processing mount options, efivarfs allocates efivarfs_fs_info (sfi)
early in fs_context initialization. However, sfi is associated with the
superblock and typically freed when the superblock is destroyed. If the
fs_context is released (final put) before fill_super is called—such as
on error paths or during reconfiguration—the sfi structure would leak,
as ownership never transfers to the superblock.

Implement the .free callback in efivarfs_context_ops to ensure any
allocated sfi is properly freed if the fs_context is torn down before
fill_super, preventing this memory leak.

Suggested-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Fixes: 5329aa5101f73c ("efivarfs: Add uid/gid mount options")
Signed-off-by: Breno Leitao <leitao@debian.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/fs/efivarfs/super.c b/fs/efivarfs/super.c
index beba15673be8d351e2c77acfc6df472ea63ab351..11ebddc57bc73a6ff27bb4c1d62cf66596624f10 100644 (file)
--- a/fs/efivarfs/super.c
+++ b/fs/efivarfs/super.c
@@ -354,10 +354,16 @@ static int efivarfs_reconfigure(struct fs_context *fc)
        return 0;
 }
 
+static void efivarfs_free(struct fs_context *fc)
+{
+       kfree(fc->s_fs_info);
+}
+
 static const struct fs_context_operations efivarfs_context_ops = {
        .get_tree       = efivarfs_get_tree,
        .parse_param    = efivarfs_parse_param,
        .reconfigure    = efivarfs_reconfigure,
+       .free           = efivarfs_free,
 };
 
 static int efivarfs_init_fs_context(struct fs_context *fc)