nf_ct_put need to be called to put the refcount got by tcf_ct_fill_params
to avoid possible refcount leak when tcf_ct_flow_table_get fails.
Fixes: c34b961a2492 ("net/sched: act_ct: Create nf flow table per zone")
Signed-off-by: Hangyu Hua <[email protected]>
---
v2: use a new label to put the refcount.
net/sched/act_ct.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/net/sched/act_ct.c b/net/sched/act_ct.c
index d55afb8d14be..5950974ae8f6 100644
--- a/net/sched/act_ct.c
+++ b/net/sched/act_ct.c
@@ -1394,7 +1394,7 @@ static int tcf_ct_init(struct net *net, struct nlattr *nla,
err = tcf_ct_flow_table_get(net, params);
if (err)
- goto cleanup;
+ goto cleanup_params;
spin_lock_bh(&c->tcf_lock);
goto_ch = tcf_action_set_ctrlact(*a, parm->action, goto_ch);
@@ -1409,6 +1409,9 @@ static int tcf_ct_init(struct net *net, struct nlattr *nla,
return res;
+cleanup_params:
+ if (params->tmpl)
+ nf_ct_put(params->tmpl);
cleanup:
if (goto_ch)
tcf_chain_put_by_act(goto_ch);
--
2.34.1
Hello:
This patch was applied to netdev/net.git (master)
by Jakub Kicinski <[email protected]>:
On Fri, 23 Sep 2022 10:00:46 +0800 you wrote:
> nf_ct_put need to be called to put the refcount got by tcf_ct_fill_params
> to avoid possible refcount leak when tcf_ct_flow_table_get fails.
>
> Fixes: c34b961a2492 ("net/sched: act_ct: Create nf flow table per zone")
> Signed-off-by: Hangyu Hua <[email protected]>
> ---
>
> [...]
Here is the summary with links:
- [net,v2] net: sched: act_ct: fix possible refcount leak in tcf_ct_init()
https://git.kernel.org/netdev/net/c/6e23ec0ba92d
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
On Fri, Sep 23, 2022 at 10:00:46AM +0800, Hangyu Hua wrote:
> nf_ct_put need to be called to put the refcount got by tcf_ct_fill_params
> to avoid possible refcount leak when tcf_ct_flow_table_get fails.
>
> Fixes: c34b961a2492 ("net/sched: act_ct: Create nf flow table per zone")
> Signed-off-by: Hangyu Hua <[email protected]>
> ---
>
> v2: use a new label to put the refcount.
>
> net/sched/act_ct.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/net/sched/act_ct.c b/net/sched/act_ct.c
> index d55afb8d14be..5950974ae8f6 100644
> --- a/net/sched/act_ct.c
> +++ b/net/sched/act_ct.c
> @@ -1394,7 +1394,7 @@ static int tcf_ct_init(struct net *net, struct nlattr *nla,
>
> err = tcf_ct_flow_table_get(net, params);
> if (err)
> - goto cleanup;
> + goto cleanup_params;
>
> spin_lock_bh(&c->tcf_lock);
> goto_ch = tcf_action_set_ctrlact(*a, parm->action, goto_ch);
> @@ -1409,6 +1409,9 @@ static int tcf_ct_init(struct net *net, struct nlattr *nla,
>
> return res;
>
> +cleanup_params:
> + if (params->tmpl)
> + nf_ct_put(params->tmpl);
Nit: this NULL check is unnecessary.
Thanks.