| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 8 May 2017 20:47:38 +0900
From: Masami Ichikawa <masami256@...il.com>
To: "Serge E. Hallyn" <serge@...lyn.com>
Cc: "Eric W. Biederman" <ebiederm@...ssion.com>,
containers@...ts.linux-foundation.org, lkp@...org,
xiaolong.ye@...el.com, LKML <linux-kernel@...r.kernel.org>
Subject: Re: 64fa03de33: BUG:Dentry_still_in_use
On Mon, May 8, 2017 at 1:44 PM, Serge E. Hallyn <serge@...lyn.com> wrote:
> From 6a3fb632f67f8425c6e76c65dad8115f1550d2a0 Mon Sep 17 00:00:00 2001
> From: Serge Hallyn <serge@...lyn.com>
> Date: Sun, 7 May 2017 23:40:42 -0500
> Subject: [PATCH 1/1] cap_inode_getsecurity: don't pin dentry (fold up)
>
> This should fix the "Dentry_still_in_use" reported by the kernel
> test robot.
>
> Signed-off-by: Serge Hallyn <serge@...lyn.com>
> ---
> security/commoncap.c | 27 +++++++++++++++------------
> 1 file changed, 15 insertions(+), 12 deletions(-)
>
> diff --git a/security/commoncap.c b/security/commoncap.c
> index a1a2935..c970b71 100644
> --- a/security/commoncap.c
> +++ b/security/commoncap.c
> @@ -406,21 +406,21 @@ int cap_inode_getsecurity(struct inode *inode, const char *name, void **buffer,
> &tmpbuf, size, GFP_NOFS);
>
> if (ret < 0)
> - return ret;
> + goto out;
>
> fs_ns = inode->i_sb->s_user_ns;
> cap = (struct vfs_cap_data *) tmpbuf;
> if (is_v2header(ret, cap->magic_etc)) {
> /* If this is sizeof(vfs_cap_data) then we're ok with the
> * on-disk value, so return that. */
> - if (alloc)
> + if (alloc) {
> *buffer = tmpbuf;
> - else
> - kfree(tmpbuf);
> - return ret;
> + tmpbuf = NULL;
> + }
> + goto out;
> } else if (!is_v3header(ret, cap->magic_etc)) {
> - kfree(tmpbuf);
> - return -EINVAL;
> + ret = -EINVAL;
> + goto out;
> }
>
> nscap = (struct vfs_ns_cap_data *) tmpbuf;
> @@ -434,14 +434,14 @@ int cap_inode_getsecurity(struct inode *inode, const char *name, void **buffer,
> if (alloc) {
> *buffer = tmpbuf;
> nscap->rootid = cpu_to_le32(mappedroot);
> - } else
> - kfree(tmpbuf);
> - return size;
> + tmpbuf = NULL;
> + }
> + goto out;
> }
>
> if (!rootid_owns_currentns(kroot)) {
> - kfree(tmpbuf);
> - return -EOPNOTSUPP;
> + ret = -EOPNOTSUPP;
> + goto out;
> }
>
> /* This comes from a parent namespace. Return as a v2 capability */
> @@ -459,6 +459,9 @@ int cap_inode_getsecurity(struct inode *inode, const char *name, void **buffer,
> cap->magic_etc = cpu_to_le32(magic);
> }
> }
> +
> +out:
> + dput(dentry);
> kfree(tmpbuf);
> return size;
If ret is set to some error code, e.g. -EINVAL, then jump to out
label, this function should return error code, doesn't it?
> }
> --
> 2.7.4
>
> _______________________________________________
> Containers mailing list
> Containers@...ts.linux-foundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/containers
--
/**
* Masami Ichikawa
* email: masami256@...il.com
*/
Powered by blists - more mailing lists