In macsec_fs_rx_create_crypto_table_groups(), when memory allocation for 'in' fails, 'ft->g' is cleared once. However, the function returns a non-zero error which causes macsec_fs_rx_destroy to be called. Inside it, macsec_fs_destroy_flow_table is invoked, which attempts to clear 'ft->g' again, leading to a double free. This commit fixes the issue by setting 'ft->g' to NULL immediately after the first clearance in macsec_fs_rx_create_crypto_table_groups() to prevent a double free when macsec_fs_destroy_flow_table attempts to free it again. Found by Linux Verification Center (linuxtesting.org) with SVACE. Signed-off-by: Makar Semyonov --- drivers/net/ethernet/mellanox/mlx5/core/lib/macsec_fs.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/net/ethernet/mellanox/mlx5/core/lib/macsec_fs.c b/drivers/net/ethernet/mellanox/mlx5/core/lib/macsec_fs.c index 4a078113e292..5e86c277f33a 100644 --- a/drivers/net/ethernet/mellanox/mlx5/core/lib/macsec_fs.c +++ b/drivers/net/ethernet/mellanox/mlx5/core/lib/macsec_fs.c @@ -1066,6 +1066,7 @@ static int macsec_fs_rx_create_crypto_table_groups(struct mlx5_macsec_flow_table in = kvzalloc(inlen, GFP_KERNEL); if (!in) { kfree(ft->g); + ft->g = NULL; return -ENOMEM; } -- 2.43.0
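Review bot: In the `if (!in)` branch, `ft->g = NULL;` makes the later `kfree(ft->g)` in macsec_fs_destroy_flow_table() a no-op, but the teardown path named in the commit message now runs with a NULL `ft->g`, and that code is not part of this hunk. Please state in the commit message that macsec_fs_destroy_flow_table() does not dereference `ft->g` (for example, to walk the groups) before freeing it, so the fix cannot turn a double free into a NULL dereference. Since the message says macsec_fs_rx_destroy() always runs on this error and frees `ft->g` itself, an alternative is to drop the local `kfree(ft->g);` and leave ownership of the array with the destroy path; either way, a one-line comment next to the assignment would explain why the pointer is reset. The message also lacks a `Fixes:` tag naming the commit that introduced the allocation-failure path, which is needed for stable backports, and "cleared"/"clearance" would read more precisely as "freed".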