net: sched: fix possible refcount leak in tc_new_tfilter()

[ Upstream commit c2e1cfefcac35e0eea229e148c8284088ce437b5 ]

tfilter_put need to be called to put the refount got by tp->ops->get to
avoid possible refcount leak when chain->tmplt_ops != NULL and
chain->tmplt_ops != tp->ops.

Fixes: 7d5509fa0d3d ("net: sched: extend proto ops with 'put' callback")
Signed-off-by: Hangyu Hua <hbh25y@gmail.com>
Reviewed-by: Vlad Buslov <vladbu@nvidia.com>
Link: https://lore.kernel.org/r/20220921092734.31700-1-hbh25y@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/net/sched/cls_api.c b/net/sched/cls_api.c
index b8ffb7e4f696c26bd518e85a5c97b6981c082d34..c410a736301bcc87f5918b2895004be8d4db0ac6 100644 (file)
--- a/net/sched/cls_api.c
+++ b/net/sched/cls_api.c
@@ -2124,6 +2124,7 @@ static int tc_new_tfilter(struct sk_buff *skb, struct nlmsghdr *n,
        }
 
        if (chain->tmplt_ops && chain->tmplt_ops != tp->ops) {
+               tfilter_put(tp, fh);
                NL_SET_ERR_MSG(extack, "Chain template is set to a different filter kind");
                err = -EINVAL;
                goto errout;