vfio/mdev: Add missing error handling to dev_set_name()

This can fail, and seems to be a popular target for syzkaller error
injection. Check the error return and unwind with put_device().

Fixes: 7b96953bc640 ("vfio: Mediated device Core driver")
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Reviewed-by: Max Gurtovoy <mgurtovoy@nvidia.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>
Message-Id: <9-v2-d36939638fc6+d54-vfio2_jgg@nvidia.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>

diff --git a/drivers/vfio/mdev/mdev_core.c b/drivers/vfio/mdev/mdev_core.c
index f755983..4caedb3 100644 (file)
--- a/drivers/vfio/mdev/mdev_core.c
+++ b/drivers/vfio/mdev/mdev_core.c
@@ -258,7 +258,9 @@ int mdev_device_create(struct mdev_type *type, const guid_t *uuid)
        list_add(&mdev->next, &mdev_list);
        mutex_unlock(&mdev_list_lock);
 
-       dev_set_name(&mdev->dev, "%pUl", uuid);
+       ret = dev_set_name(&mdev->dev, "%pUl", uuid);
+       if (ret)
+               goto out_put_device;
 
        /* Check if parent unregistration has started */
        if (!down_read_trylock(&parent->unreg_sem)) {