| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 28 Apr 2021 20:28:28 +0300
From: Pavel Skripkin <paskripkin@...il.com>
To: tytso@....edu, adilger.kernel@...ger.ca
Cc: linux-ext4@...r.kernel.org, linux-kernel@...r.kernel.org,
Pavel Skripkin <paskripkin@...il.com>,
syzbot+d9e482e303930fa4f6ff@...kaller.appspotmail.com
Subject: [PATCH] ext4: fix memory leak in ext4_fill_super
syzbot reported memory leak in ext4 subsyetem.
The problem appears, when thread_stop() call happens
before wake_up_process().
Normally, this data will be freed by
created thread, but if kthread_stop()
returned -EINTR, this data should be freed manually
Reported-by: syzbot+d9e482e303930fa4f6ff@...kaller.appspotmail.com
Tested-by: syzbot+d9e482e303930fa4f6ff@...kaller.appspotmail.com
Signed-off-by: Pavel Skripkin <paskripkin@...il.com>
---
fs/ext4/super.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index b9693680463a..9c33e97bd5c5 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -5156,8 +5156,10 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent)
failed_mount3:
flush_work(&sbi->s_error_work);
del_timer_sync(&sbi->s_err_report);
- if (sbi->s_mmp_tsk)
- kthread_stop(sbi->s_mmp_tsk);
+ if (sbi->s_mmp_tsk) {
+ if (kthread_stop(sbi->s_mmp_tsk) == -EINTR)
+ kfree(kthread_data(sbi->s_mmp_tsk));
+ }
failed_mount2:
rcu_read_lock();
group_desc = rcu_dereference(sbi->s_group_desc);
--
2.31.1
Powered by blists - more mailing lists