LinuxLists.cc - [PATCH] net: sched: Fix qdisc_rate_table refcount leak when get tcf

2021-08-29 16:00:43

Subject: [PATCH] net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed

The reference counting issue happens in one exception handling path of
cbq_change_class(). When failing to get tcf_block, the function forgets
to decrease the refcount of "rtab" increased by qdisc_put_rtab(),
causing a refcount leak.

Fix this issue by jumping to "failure" label when get tcf_block failed.

Signed-off-by: Xiyu Yang <[email protected]>
---
net/sched/sch_cbq.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/sched/sch_cbq.c b/net/sched/sch_cbq.c
index b79a7e27bb31..38a3a8394bbd 100644
--- a/net/sched/sch_cbq.c
+++ b/net/sched/sch_cbq.c
@@ -1614,7 +1614,7 @@ cbq_change_class(struct Qdisc *sch, u32 classid, u32 parentid, struct nlattr **t
err = tcf_block_get(&cl->block, &cl->filter_list, sch, extack);
if (err) {
kfree(cl);
- return err;
+ goto failure;
}

if (tca[TCA_RATE]) {
--
2.7.4

2021-08-30 18:06:58

by Jakub Kicinski

[permalink] [raw]

Subject: Re: [PATCH] net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed

On Sun, 29 Aug 2021 23:58:01 +0800 Xiyu Yang wrote:
> The reference counting issue happens in one exception handling path of
> cbq_change_class(). When failing to get tcf_block, the function forgets
> to decrease the refcount of "rtab" increased by qdisc_put_rtab(),
> causing a refcount leak.
>
> Fix this issue by jumping to "failure" label when get tcf_block failed.
>
> Signed-off-by: Xiyu Yang <[email protected]>

Fixes: 6529eaba33f0 ("net: sched: introduce tcf block infractructure")

2021-08-31 01:19:41

by Cong Wang

[permalink] [raw]

Subject: Re: [PATCH] net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed

On Mon, Aug 30, 2021 at 11:05 AM Jakub Kicinski <[email protected]> wrote:
>
> On Sun, 29 Aug 2021 23:58:01 +0800 Xiyu Yang wrote:
> > The reference counting issue happens in one exception handling path of
> > cbq_change_class(). When failing to get tcf_block, the function forgets
> > to decrease the refcount of "rtab" increased by qdisc_put_rtab(),
> > causing a refcount leak.
> >
> > Fix this issue by jumping to "failure" label when get tcf_block failed.
> >
> > Signed-off-by: Xiyu Yang <[email protected]>
>
> Fixes: 6529eaba33f0 ("net: sched: introduce tcf block infractructure")

Reviewed-by: Cong Wang <[email protected]>

Thanks.

2021-08-31 03:43:30

by patchwork-bot+netdevbpf

[permalink] [raw]

Subject: Re: [PATCH] net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed

Hello:

This patch was applied to netdev/net-next.git (refs/heads/master):

On Sun, 29 Aug 2021 23:58:01 +0800 you wrote:
> The reference counting issue happens in one exception handling path of
> cbq_change_class(). When failing to get tcf_block, the function forgets
> to decrease the refcount of "rtab" increased by qdisc_put_rtab(),
> causing a refcount leak.
>
> Fix this issue by jumping to "failure" label when get tcf_block failed.
>
> [...]

Here is the summary with links:
- net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed
https://git.kernel.org/netdev/net-next/c/c66070125837

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html