lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 26 Sep 2011 08:09:13 +0200 From: Eric Dumazet <eric.dumazet@...il.com> To: Huajun Li <huajun.li.lee@...il.com> Cc: David Miller <davem@...emloft.net>, netdev <netdev@...r.kernel.org> Subject: Re: [PATCH 2/2] net: Fix potential memory leak Le samedi 24 septembre 2011 à 23:57 +0800, Huajun Li a écrit : > While preparing flow caches, once fail may cause potential memory leak , fix it. > > Signed-off-by: Huajun Li <huajun.li.lee@...il.com> > --- > net/core/flow.c | 19 ++++++++++++++++++- > 1 files changed, 18 insertions(+), 1 deletions(-) > > diff --git a/net/core/flow.c b/net/core/flow.c > index ba3e617..2dcaa03 100644 > --- a/net/core/flow.c > +++ b/net/core/flow.c > @@ -420,7 +420,7 @@ static int __init flow_cache_init(struct flow_cache *fc) > > for_each_online_cpu(i) { > if (flow_cache_cpu_prepare(fc, i)) > - return -ENOMEM; > + goto err; > } > fc->hotcpu_notifier = (struct notifier_block){ > .notifier_call = flow_cache_cpu, > @@ -433,6 +433,23 @@ static int __init flow_cache_init(struct flow_cache *fc) > add_timer(&fc->rnd_timer); > > return 0; > +err: > + if (fc->percpu) { > + free_percpu(fc->percpu); > + fc->percpu = NULL; > + } > + > + /* > + * Check each possible CPUs rather than online ones because they may be > + * offline before the notifier is registered. > + */ Please remove this comment. > + for_each_possible_cpu(i) { > + struct flow_cache_percpu *fcp = per_cpu_ptr(fc->percpu, i); > + kfree(fcp->hash_table); > + fcp->hash_table = NULL; > + } You access fc->percpu after freeing it... > + > + return -ENOMEM; > } > > static int __init flow_cache_init_global(void) Previous to 2.6.37 (commit 83b6b1f5d134), a memory allocation at this stage was panicing the box, so no worry about mem leak :) Now I wonder if a proper patch would not print a nice message in flow_cache_init_global() if flow_cache_init() returns an error, instead of silently panicing or something worse... Before submitting a new patch, could you test this case (injecting a memalloc error in flow_cache_cpu_prepare() for example. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists