clk: mediatek: fix double free in mtk_clk_register_pllfh()

The mtk_clk_register_pll_ops() currently frees the "pll" parameter.
The function has two callers, mtk_clk_register_pll() and
mtk_clk_register_pllfh().  The first one, the _pll() function relies on
the free, but for the second _pllfh() function it causes a double free
bug.

Really the frees should be done in the caller because that's where
the allocation is.

Fixes: d7964de8a8ea ("clk: mediatek: Add new clock driver to handle FHCTL hardware")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Link: https://lore.kernel.org/r/cd7fa365-28cc-4c34-ac64-6da57c98baa6@moroto.mountain
Reviewed-by: AngeloGioacchino Del Regno <angelogioacchino.delregno@collabora.com>
Signed-off-by: Stephen Boyd <sboyd@kernel.org>

diff --git a/drivers/clk/mediatek/clk-pll.c b/drivers/clk/mediatek/clk-pll.c
index a4eca5fd539c834bcc1dfea7dd8dffa69906f7bd..513ab6b1b32292258183e7386418b78a13981b29 100644 (file)
--- a/drivers/clk/mediatek/clk-pll.c
+++ b/drivers/clk/mediatek/clk-pll.c
@@ -321,10 +321,8 @@ struct clk_hw *mtk_clk_register_pll_ops(struct mtk_clk_pll *pll,
 
        ret = clk_hw_register(NULL, &pll->hw);
 
-       if (ret) {
-               kfree(pll);
+       if (ret)
                return ERR_PTR(ret);
-       }
 
        return &pll->hw;
 }
@@ -340,6 +338,8 @@ struct clk_hw *mtk_clk_register_pll(const struct mtk_pll_data *data,
                return ERR_PTR(-ENOMEM);
 
        hw = mtk_clk_register_pll_ops(pll, data, base, &mtk_pll_ops);
+       if (IS_ERR(hw))
+               kfree(pll);
 
        return hw;
 }