This is a note to let you know that I've just added the patch titled

blkcg: fix double free of new_blkg in blkcg_init_queue

to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git%3Ba=su...

The filename of the patch is: blkcg-fix-double-free-of-new_blkg-in-blkcg_init_queue.patch and it can be found in the queue-4.9 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree, please let stable@vger.kernel.org know about it.

From 9b54d816e00425c3a517514e0d677bb3cec49258 Mon Sep 17 00:00:00 2001

From: Hou Tao houtao1@huawei.com Date: Fri, 3 Feb 2017 17:19:07 +0800 Subject: blkcg: fix double free of new_blkg in blkcg_init_queue

From: Hou Tao houtao1@huawei.com

commit 9b54d816e00425c3a517514e0d677bb3cec49258 upstream.

If blkg_create fails, new_blkg passed as an argument will be freed by blkg_create, so there is no need to free it again.

Signed-off-by: Hou Tao houtao1@huawei.com Signed-off-by: Jens Axboe axboe@fb.com Cc: Guenter Roeck linux@roeck-us.net Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org

--- block/blk-cgroup.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-)

--- a/block/blk-cgroup.c +++ b/block/blk-cgroup.c @@ -1078,10 +1078,8 @@ int blkcg_init_queue(struct request_queu if (preloaded) radix_tree_preload_end();

- if (IS_ERR(blkg)) { - blkg_free(new_blkg); + if (IS_ERR(blkg)) return PTR_ERR(blkg); - }

q->root_blkg = blkg; q->root_rl.blkg = blkg;

Patches currently in stable-queue which might be from houtao1@huawei.com are

queue-4.9/blkcg-fix-double-free-of-new_blkg-in-blkcg_init_queue.patch