Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp2373176imm; Sun, 5 Aug 2018 02:49:03 -0700 (PDT) X-Google-Smtp-Source: AAOMgpf0POo3A+BcGEMHcICMRK29OMc7cg6H5UIpLgqCJP1KPC0iwRKg3S55oukSnbwKyPTWegZz X-Received: by 2002:a62:455b:: with SMTP id s88-v6mr12301894pfa.203.1533462543206; Sun, 05 Aug 2018 02:49:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1533462543; cv=none; d=google.com; s=arc-20160816; b=CCqmwGSbugY5n01bo6NE4zJqeknlhRanK2el3cyHWKmnjXmahmdC1MaDYYwmo4BlBQ aXTA5CFDxJIQFRUqTTtnwlefsof71k3LV28HG5KmS9Wk6DTDGclOmJvjoUyru3SqBB5M Lm+I8ThYZdgWYHDc2dYO5tYLPYy+9SSYjp3sr2uwUJINXymzXndiRKXoLTKM+EyZCXDQ vELIOFlqKjxLhgk3hyYEptZ2IILY66ig3h6JyhqXFeSLmhHVv5pDvQpVjxaJuezt+aE5 V2ClwNkcRGZUUVlVG/Az4p31gwzgFvhTbNUbj/VubV6k1pV8eVdxtRGurrKoGz/AdeZk E40w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:message-id:date:subject:cc :to:from:arc-authentication-results; bh=5UV72aDPAoSofQ544J1jdCR+no1jOBx0gLCs8cMlFmI=; b=g0eESFDI1uL+dF9US1O9+GPZ7sFaAws6IyWxyaHkBiRmstj8jsGYD+9OGLowQjE5Y5 FmO/aBVG/dVR6CR1WFvMqR1hod0gyeraGeI0UXqY/DENeTPxYrC76bmwZswtEMF2WllN NCi8v/VucfA2EKj12xd9AuLOFuva2tyc3GlU6JiUPvcHLLiLi+O2S6AZoCnWt+FJuR/b 8nkbIQoyRc6Bu+Uz79JFy8QCwJOGjgC+dCZFNK4S1P0gOoKq+n0Ym6Hj1sJbW1WAL+ZD GSsAi9mEoinIx55QgJTkmbWh5h+ulqXA5eiM1zlKMP7qjUwk7g4x9A40ZJPrr+ceEPk0 iSMA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j3-v6si8659759pgs.329.2018.08.05.02.48.48; Sun, 05 Aug 2018 02:49:03 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726181AbeHELwA (ORCPT + 99 others); Sun, 5 Aug 2018 07:52:00 -0400 Received: from szxga07-in.huawei.com ([45.249.212.35]:56812 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726081AbeHELwA (ORCPT ); Sun, 5 Aug 2018 07:52:00 -0400 Received: from DGGEMS409-HUB.china.huawei.com (unknown [172.30.72.59]) by Forcepoint Email with ESMTP id DCF4D72CE2689; Sun, 5 Aug 2018 17:47:54 +0800 (CST) Received: from linux-work.huawei.com (10.67.189.174) by DGGEMS409-HUB.china.huawei.com (10.3.19.209) with Microsoft SMTP Server id 14.3.399.0; Sun, 5 Aug 2018 17:47:46 +0800 From: nixiaoming To: , , , , , CC: , , Subject: [PATCH] selinuxfs: Fix the resource leak in the failed branch of sel_make_inode Date: Sun, 5 Aug 2018 17:10:36 +0800 Message-ID: <20180805091036.30035-1-nixiaoming@huawei.com> X-Mailer: git-send-email 2.10.1 MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [10.67.189.174] X-CFilter-Loop: Reflected Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org If the resource requested by d_alloc_name is not added to the linked list through d_add, then dput needs to be called to release the subsequent abnormal branch to avoid resource leakage. Add missing dput to selinuxfs.c Signed-off-by: nixiaoming --- security/selinux/selinuxfs.c | 33 +++++++++++++++++++++++++-------- 1 file changed, 25 insertions(+), 8 deletions(-) diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index 79d3709..0b66d728 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -1365,13 +1365,18 @@ static int sel_make_bools(struct selinux_fs_info *fsi) ret = -ENOMEM; inode = sel_make_inode(dir->d_sb, S_IFREG | S_IRUGO | S_IWUSR); - if (!inode) + if (!inode) { + dput(dentry); goto out; + } ret = -ENAMETOOLONG; len = snprintf(page, PAGE_SIZE, "/%s/%s", BOOL_DIR_NAME, names[i]); - if (len >= PAGE_SIZE) + if (len >= PAGE_SIZE) { + dput(dentry); + iput(inode); goto out; + } isec = (struct inode_security_struct *)inode->i_security; ret = security_genfs_sid(fsi->state, "selinuxfs", page, @@ -1586,8 +1591,10 @@ static int sel_make_avc_files(struct dentry *dir) return -ENOMEM; inode = sel_make_inode(dir->d_sb, S_IFREG|files[i].mode); - if (!inode) + if (!inode) { + dput(dentry); return -ENOMEM; + } inode->i_fop = files[i].ops; inode->i_ino = ++fsi->last_ino; @@ -1632,8 +1639,10 @@ static int sel_make_initcon_files(struct dentry *dir) return -ENOMEM; inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO); - if (!inode) + if (!inode) { + dput(dentry); return -ENOMEM; + } inode->i_fop = &sel_initcon_ops; inode->i_ino = i|SEL_INITCON_INO_OFFSET; @@ -1733,8 +1742,10 @@ static int sel_make_perm_files(char *objclass, int classvalue, rc = -ENOMEM; inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO); - if (!inode) + if (!inode) { + dput(dentry); goto out; + } inode->i_fop = &sel_perm_ops; /* i+1 since perm values are 1-indexed */ @@ -1763,8 +1774,10 @@ static int sel_make_class_dir_entries(char *classname, int index, return -ENOMEM; inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO); - if (!inode) + if (!inode) { + dput(dentry); return -ENOMEM; + } inode->i_fop = &sel_class_ops; inode->i_ino = sel_class_to_ino(index); @@ -1838,8 +1851,10 @@ static int sel_make_policycap(struct selinux_fs_info *fsi) return -ENOMEM; inode = sel_make_inode(fsi->sb, S_IFREG | 0444); - if (inode == NULL) + if (inode == NULL) { + dput(dentry); return -ENOMEM; + } inode->i_fop = &sel_policycap_ops; inode->i_ino = iter | SEL_POLICYCAP_INO_OFFSET; @@ -1932,8 +1947,10 @@ static int sel_fill_super(struct super_block *sb, void *data, int silent) ret = -ENOMEM; inode = sel_make_inode(sb, S_IFCHR | S_IRUGO | S_IWUGO); - if (!inode) + if (!inode) { + dput(dentry); goto err; + } inode->i_ino = ++fsi->last_ino; isec = (struct inode_security_struct *)inode->i_security; -- 2.10.1