[SRU Z/Y/X] drm/virtio: don't leak bo on drm_gem_object_init failure

[Stefan Bader]

From: Gerd Hoffmann <kraxel at redhat.com>

Reported-by: 李强 <liqiang6-s at 360.cn>
Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>
Link: http://patchwork.freedesktop.org/patch/msgid/20170406155941.458-1-kraxel@redhat.com

CVE-2017-10810

(cherry picked from commit 385aee965b4e4c36551c362a334378d2985b722a)
Signed-off-by: Stefan Bader <stefan.bader at canonical.com>
---

Fix pending in upstream 4.4.y queue. Can be cherry-picked into Z/Y/X.
Before v4.2 the virtio gpu driver did not exist. So T is not affected.
I updated the tracker with the correct breaks SHA1.

-Stefan


 drivers/gpu/drm/virtio/virtgpu_object.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/gpu/drm/virtio/virtgpu_object.c b/drivers/gpu/drm/virtio/virtgpu_object.c
index 1483dae..6f66b73 100644
--- a/drivers/gpu/drm/virtio/virtgpu_object.c
+++ b/drivers/gpu/drm/virtio/virtgpu_object.c
@@ -81,8 +81,10 @@ int virtio_gpu_object_create(struct virtio_gpu_device *vgdev,
 		return -ENOMEM;
 	size = roundup(size, PAGE_SIZE);
 	ret = drm_gem_object_init(vgdev->ddev, &bo->gem_base, size);
-	if (ret != 0)
+	if (ret != 0) {
+		kfree(bo);
 		return ret;
+	}
 	bo->dumb = false;
 	virtio_gpu_init_ttm_placement(bo, pinned);
 
-- 
2.7.4