lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20170508044408.GA11400@mail.hallyn.com>
Date:   Sun, 7 May 2017 23:44:08 -0500
From:   "Serge E. Hallyn" <serge@...lyn.com>
To:     "Eric W. Biederman" <ebiederm@...ssion.com>
Cc:     kernel test robot <xiaolong.ye@...el.com>,
        LKML <linux-kernel@...r.kernel.org>,
        containers@...ts.linux-foundation.org, lkp@...org
Subject: Re: 64fa03de33: BUG:Dentry_still_in_use

>From 6a3fb632f67f8425c6e76c65dad8115f1550d2a0 Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge@...lyn.com>
Date: Sun, 7 May 2017 23:40:42 -0500
Subject: [PATCH 1/1] cap_inode_getsecurity: don't pin dentry (fold up)

This should fix the "Dentry_still_in_use" reported by the kernel
test robot.

Signed-off-by: Serge Hallyn <serge@...lyn.com>
---
 security/commoncap.c | 27 +++++++++++++++------------
 1 file changed, 15 insertions(+), 12 deletions(-)

diff --git a/security/commoncap.c b/security/commoncap.c
index a1a2935..c970b71 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -406,21 +406,21 @@ int cap_inode_getsecurity(struct inode *inode, const char *name, void **buffer,
 				 &tmpbuf, size, GFP_NOFS);
 
 	if (ret < 0)
-		return ret;
+		goto out;
 
 	fs_ns = inode->i_sb->s_user_ns;
 	cap = (struct vfs_cap_data *) tmpbuf;
 	if (is_v2header(ret, cap->magic_etc)) {
 		/* If this is sizeof(vfs_cap_data) then we're ok with the
 		 * on-disk value, so return that.  */
-		if (alloc)
+		if (alloc) {
 			*buffer = tmpbuf;
-		else
-			kfree(tmpbuf);
-		return ret;
+			tmpbuf = NULL;
+		}
+		goto out;
 	} else if (!is_v3header(ret, cap->magic_etc)) {
-		kfree(tmpbuf);
-		return -EINVAL;
+		ret = -EINVAL;
+		goto out;
 	}
 
 	nscap = (struct vfs_ns_cap_data *) tmpbuf;
@@ -434,14 +434,14 @@ int cap_inode_getsecurity(struct inode *inode, const char *name, void **buffer,
 		if (alloc) {
 			*buffer = tmpbuf;
 			nscap->rootid = cpu_to_le32(mappedroot);
-		} else
-			kfree(tmpbuf);
-		return size;
+			tmpbuf = NULL;
+		}
+		goto out;
 	}
 
 	if (!rootid_owns_currentns(kroot)) {
-		kfree(tmpbuf);
-		return -EOPNOTSUPP;
+		ret = -EOPNOTSUPP;
+		goto out;
 	}
 
 	/* This comes from a parent namespace.  Return as a v2 capability */
@@ -459,6 +459,9 @@ int cap_inode_getsecurity(struct inode *inode, const char *name, void **buffer,
 			cap->magic_etc = cpu_to_le32(magic);
 		}
 	}
+
+out:
+	dput(dentry);
 	kfree(tmpbuf);
 	return size;
 }
-- 
2.7.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ