Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp3309117imm; Tue, 17 Jul 2018 02:35:12 -0700 (PDT) X-Google-Smtp-Source: AAOMgpfVmxijWH3D8a5apU8SOyv+rXwNetNb7OnFt0LQ4CWtUNfOd9qyeBvs/2X4KuYvR3S3gBWS X-Received: by 2002:a17:902:8c88:: with SMTP id t8-v6mr883681plo.117.1531820112167; Tue, 17 Jul 2018 02:35:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1531820112; cv=none; d=google.com; s=arc-20160816; b=bVcZiMizqofwxXCk78ri4Ox2VpkfzVA07wz4fWRlp3L7GowkPBimaqhPyLDG+G2mj8 KrKTmRzebvRlXZWOVjyhk58oxGpPtXRfv1ObcTJaq90yutpAUJfzcwuPN8wexnajk5rQ DgDVMbcVbYTZHt/jMYCiTYmrG+/3eCC5zLASeBymnkjNbz83yrrACOb/UyqQuI9iXiwy YtHmrfLRyvUQlM+B7RTq2nGun5Gh3XuzuNhFF3iazicfwSun2gu+d/CN4tj52dRygQQs BMFV9cZTOa8Hj/Jw/Zrp9hkQX9m2+hSGapcgJ9NqmGpoxMGBsRW6lfI+2xlog9aYiYwW 3mIA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:subject:autocrypt:openpgp:from:references:cc:to :arc-authentication-results; bh=w1koxLXbLU7+JEUwTjSMTmppVAvf/EVC9SX+a7RxlxQ=; b=XfktZ8l+T51YyBR9d3tzhhL6Zk4maHSxkwYsS+2ggMdblJsUrcGbf39fFFvfSJPRn0 3N2F7Ri+uvocriW0HM9T4w5fBwmRuppsVWE91ySy4AP6HsCqsfbbJ0g76KEbA2h4hovr NGRNS3fMN472mjNxrR2wYCudFHKwmtnQNR5xPFUTQcEoUSyqFeSAKs89+NimKhkL7vFf c7CfdgFbRpE6gXxJ3DC5MOcCXaKLj044ru3TnIPLSTiX+HMnyJtZV5hZMvDvSmmXi4Hf I2vBw9GTtTaA48Ybqtu9gEg7Wl/gSNnRwmIx2535MoXysbx6rgjYxYm6eE+wVu2wKX+9 MB5w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=canonical.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 31-v6si496490plc.173.2018.07.17.02.34.57; Tue, 17 Jul 2018 02:35:12 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=canonical.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730638AbeGQKFq (ORCPT + 99 others); Tue, 17 Jul 2018 06:05:46 -0400 Received: from youngberry.canonical.com ([91.189.89.112]:40997 "EHLO youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728835AbeGQKFq (ORCPT ); Tue, 17 Jul 2018 06:05:46 -0400 Received: from 1.general.cking.uk.vpn ([10.172.193.212]) by youngberry.canonical.com with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.76) (envelope-from ) id 1ffMMq-0002wJ-DF; Tue, 17 Jul 2018 09:34:00 +0000 To: Dan Carpenter Cc: "J . Bruce Fields" , Jeff Layton , linux-nfs@vger.kernel.org, kernel-janitors@vger.kernel.org, linux-kernel@vger.kernel.org References: <20180716120954.6720-1-colin.king@canonical.com> <20180717093005.3ggy24fskb3bxtni@mwanda> From: Colin Ian King Openpgp: preference=signencrypt Autocrypt: addr=colin.king@canonical.com; prefer-encrypt=mutual; keydata= xsFNBE6TJCgBEACo6nMNvy06zNKj5tiwDsXXS+LhT+LwtEsy9EnraKYXAf2xwazcICSjX06e fanlyhB0figzQO0n/tP7BcfMVNG7n1+DC71mSyRK1ZERcG1523ajvdZOxbBCTvTitYOy3bjs +LXKqeVMhK3mRvdTjjmVpWnWqJ1LL+Hn12ysDVVfkbtuIm2NoaSEC8Ae8LSSyCMecd22d9Pn LR4UeFgrWEkQsqROq6ZDJT9pBLGe1ZS0pVGhkRyBP9GP65oPev39SmfAx9R92SYJygCy0pPv BMWKvEZS/7bpetPNx6l2xu9UvwoeEbpzUvH26PHO3DDAv0ynJugPCoxlGPVf3zcfGQxy3oty dNTWkP6Wh3Q85m+AlifgKZudjZLrO6c+fAw/jFu1UMjNuyhgShtFU7NvEzL3RqzFf9O1qM2m uj83IeFQ1FZ65QAiCdTa3npz1vHc7N4uEQBUxyXgXfCI+A5yDnjHwzU0Y3RYS52TA3nfa08y LGPLTf5wyAREkFYou20vh5vRvPASoXx6auVf1MuxokDShVhxLpryBnlKCobs4voxN54BUO7m zuERXN8kadsxGFzItAyfKYzEiJrpUB1yhm78AecDyiPlMjl99xXk0zs9lcKriaByVUv/NsyJ FQj/kmdxox3XHi9K29kopFszm1tFiDwCFr/xumbZcMY17Yi2bQARAQABzSJDb2xpbiBLaW5n IDxjb2xpbi5raW5nQHVidW50dS5jb20+wsF3BBMBCAAhBQJPCrjvAhsDBQsJCAcDBRUKCQgL BRYCAwEAAh4BAheAAAoJEGjCh9/GqAImjVsP/iA8hDQy7LlMYepND9tKJD2haNLmsBC+yuxX BybYprtSjwvMbx6CtmtiJ4nGfdBzbZv3xOJPr/n6wxrdfGHEFn0W8Au97Xvk087P7alCwBXz y1Hk1aTlhLOGunOLv6SWRYRUAHvWEoVlxPSo2UNJ6D01d9tc7IJU08MlAl+u048S6625G5SG tfOJpFyGqaWGazMpkYdbJuY9acNAQAl1GzZPDCyLrxaBJypqmp3W+rb7m9arNRMlygevFU6e UGrR7QiVuumTGebGF9D63H9LD0E/1EhOA4QWHq1/u7CXLr9qo1YyAUtYAICs0wyRbI6wWPyi 5IyOTiWCVP3qSxV4JR8qq8JhGEwxS5fEB76r+XGxcL7qqiQmVx3bkjlT6FnnanPcD7RsMOAg NcpeftVsqignFPA3XHaDeew4t99ef+wKwiiyU7jqduvSt8amLVip5dxN1TYKqWPauIHL3E2A KIKuqsZ9ftUJ3NXClAfI3EHPMYbok6b04nZSWmBttKHr8YkVF5b4jrabMLlVoCg+DGYffyDS YDwy9FPvJWkt6nffUXciearieSlHEt3f12CPp6OOR8yFZWlISYKdD9PDzXP9kJYTEWnr7dD3 feEZK+J9N5wpCU7HvfrA5HCOMJgf8Dcfscrj9H2Qp8vbErMP7jZ6OYapCOV5MZS6W57wlG2k zsFNBE6TJCgBEADF+hz+c0qF0R58DwiM8M/PopzFu5ietBpl0jUzglaKhMZKKW7lAr4pzeE4 PgJ4ZwQd0dSkx63hRqM963Fe35iXrreglpwZxgbbGluRJpoeoGWzuUpXE6Ze0A2nICFLk79a YHsFRwnKyol9M0AyZHCvBXi1HAdj17iXerCYN/ZILD5SO0dDiQl570/1Rp3d1z0l16DuCnK+ X3I7GT8Z9B3WAr6KCRiP0Grvopjxwkj4Z191mP/auf1qpWPXEAPLVAvu5oM7dlTIxX7dYa6f wlcm1uobZvmtXeDEuHJ3TkbFgRHrZwuh50GMLguG1QjhIPXlzE7/PBQszh5zGxPj8cR81txs 6K/0GGRnIrPhCIlOoTU8L+BenxZF31uutdScHw1EAgB6AsRdwdd8a9AR+XdhHGzQel8kGyBp 4MA7508ih0L9+MBPuCrSsccjwV9+mfsTszrbZosIhVpBaeHNrUMphwFe9HbGUwQeS6tOr+py bOtNUHeiJ5aU3Npo3eZkWVGePP2O4vr8rjVQ1xZMIWA18xUaLTvVSarV7/IqjLb0uMTz6Ng7 SceqjsgxO4J35pPOCG8gy85Tmd5NKe46K1xGsNG2zzfXQ6cNkofUyQFGVbLCtdfQyWV7+dgU nOnPhrTKpFfJ5lnWpLpze0LfyW03CpWx9x4yMlwcvIFw2hLaOQARAQABwsFfBBgBCAAJBQJO kyQoAhsMAAoJEGjCh9/GqAImeJYP/jdppMeb7AZnLGVXd8rN7CLBtfMOkXCWaOUhjMRAY7dV IMiF1iPZc6SgiiMSsdG7JJhMjMuLTxA0kX2Z6P0+6dZlO4bDOKMIv4nNGhgSj9NuSKJPRiyi XKKD/wNnPXVFdBZsoHnEXGyAFGnidu4KLUJIiSm4tHJdoMk0ZaJSmwt0dtytuC1IWH8eIaVo /Ah6FxCaznRzvGNFx+9Ofcc7+aMZ15dkg9XagOuiDZ1/r6VuEw9ovnkDT4H5BAsysxo/qykX 4XQ2RQSY/P3td9WNLeXLvt1aJNRcwcIEKgZ5AO3YQbEJt1dEfCU7TAKiRpsjnC/iQiQHGt2I vNci8oZmM3EQEi7yZqD07A6dpGTnRq9OQ7fGhj0SS99yZvooH3fBIHA2LRuvhfDAgTrpbU0w LvkAIo0T2b9SoRCV8FEpHvR2b86NbTU5WN4eqZQbAbnxC7tJp6kLx2Zn2uQMvfXRfnS9R1ja etvpk3h7F+r/RAAh+EvgsPUNaiRJRRLvf9bxTQZhmNrw79eIFNsRIktniLyomJf2+WPOUECz h1lfLqe9yiuUKv+m5uAalXdayhiPbp/JHs1EDRgSq3tiirOsKrh/KMpwz/22qGMRBjFwYBhf 6ozgujmPlO5DVFtzfwOydzNlXTky7t4VU8yTGXZTJprIO+Gs72Q1e+XVIoKl3MIx Subject: Re: [PATCH] nfsd: fix memory leak of async_copy Message-ID: Date: Tue, 17 Jul 2018 10:33:59 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 MIME-Version: 1.0 In-Reply-To: <20180717093005.3ggy24fskb3bxtni@mwanda> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 17/07/18 10:30, Dan Carpenter wrote: > On Mon, Jul 16, 2018 at 01:09:54PM +0100, Colin King wrote: >> From: Colin Ian King >> >> In the case where async_copy is successfully allocated but >> the call to nfs4_init_cp_state fails, async_copy is not >> currently freed and the memory is leaked. Fix this by kfree'ing >> it before returning. >> >> Detected by CoverityScan, CID#1471823 ("Resource leak") >> >> Fixes: beb1814d5a8a ("NFSD create new stateid for async copy") >> Signed-off-by: Colin Ian King >> --- >> fs/nfsd/nfs4proc.c | 4 +++- >> 1 file changed, 3 insertions(+), 1 deletion(-) >> >> diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c >> index 8f3368353aaf..3fb96a2708b9 100644 >> --- a/fs/nfsd/nfs4proc.c >> +++ b/fs/nfsd/nfs4proc.c >> @@ -1295,8 +1295,10 @@ nfsd4_copy(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, >> async_copy = kzalloc(sizeof(struct nfsd4_copy), GFP_KERNEL); >> if (!async_copy) >> goto out; >> - if (!nfs4_init_cp_state(nn, copy)) >> + if (!nfs4_init_cp_state(nn, copy)) { >> + kfree(async_copy); >> goto out; > > It really feels like both this and the kzalloc() failure should be doing > an of fput() of copy->file_src and copy->file_dst. The goto out_err > does an list_del(©->copies); but it happens before the > "list_add(&async_copy->copies ..." so that's likely wrong as well. Good observation, thanks for spotting that. I suspect I'm a bit out of my depth figuring out the exact error handling reaping steps here. Perhaps this is one for the maintainers to figure out a safe cleanup on these error paths. > > regards, > dan carpenter > > -- > To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html >