Received: by 2002:ac0:aed5:0:0:0:0:0 with SMTP id t21csp3935795imb; Wed, 6 Mar 2019 00:57:24 -0800 (PST) X-Google-Smtp-Source: APXvYqwWybTjRpIi59j8n9RDFynV+/gCzxaBkrq01d1KmujKgmltpND3syPqvNxbaWSr6Et5XdAv X-Received: by 2002:a62:11c6:: with SMTP id 67mr6165668pfr.68.1551862644615; Wed, 06 Mar 2019 00:57:24 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1551862644; cv=none; d=google.com; s=arc-20160816; b=cMj3SiF0n5zmWJqgmcdMbljhiO15+BXkMI2U8h15eOnEfHyYo+NcdmNpalnXc2BvP3 A8SzCqz/GX7hPgH8nomODdEBO/N7suBHp/gLM8zBq2wiqBqx/xkw4SmzP3x9c+q/XdHG JiGt49N95BgB8o1CwAxZPWdckbRO+33edXPxctRcCCgAZoXp35+NGeq1gYAUubzc+CoN wHw2jyHKHoj/OCqwVfr2IiJdcwJLJM9OmQbVQ3tPR6JRRYzDnGU2Y7Y3CLgrpU9dXhgm 8iqNtlOJCU93OjGVs4jxdzERK9eG11XdQ6fFdSgIXTkNYiO8eO4lfG6q33KtmARcO4kl p7RA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=SFjuFKpJAnoV7JJnFxeH1by8qnn7Ju7o46cXicNmAH8=; b=jMF2CH3/I9YY4+brizBMWszVDPdhpcC6CiJ/PvhBgsWkDonMQLawGPZLvgjMwSUxa5 2jMQgVKOjZXp84B2+QEY5F7p2vA+JEUbxHeejvoZ79jCXdk1++fOp9E9GuP93bX/ZJ29 003nMiGUiy1VJL2d7hCgRsQ4IYsrvG7sQhnuR9By724d0sSsTzVIbxFRaX7ZQ5ipIb/r BLAQ0weQGS0SH05T/U0J61fXd2jwRrrKGJHb58gqCb4vpBHi2xtPcungQU3hCfk0ZSMG m4aXPYkGJXcqPHC+NzPpAggvq0EMnta4/dKw0SX6PWdZ+QXyqQnqeCJufo/8aDpFZ5B5 qC9A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=HQrwl5Qo; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t18si948607pgv.285.2019.03.06.00.57.09; Wed, 06 Mar 2019 00:57:24 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=HQrwl5Qo; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729443AbfCFIlI (ORCPT + 99 others); Wed, 6 Mar 2019 03:41:08 -0500 Received: from mail-wr1-f68.google.com ([209.85.221.68]:44108 "EHLO mail-wr1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725747AbfCFIlI (ORCPT ); Wed, 6 Mar 2019 03:41:08 -0500 Received: by mail-wr1-f68.google.com with SMTP id w2so12365635wrt.11; Wed, 06 Mar 2019 00:41:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=SFjuFKpJAnoV7JJnFxeH1by8qnn7Ju7o46cXicNmAH8=; b=HQrwl5QodI/FRznoMcdsEvHMsMMdwuQ//2RXltbLPgySHZDWLvbS/a8Bk8PFdxS2qK mdw+13kFtdWf56K7ltUCcKf3GSsQgsbxEYgdiONJGMdUIpJGSFh175zOdPuvTuBN2I1y 9afhj+1s4RHd7ldJGsvt6m29HYcCG5/aGll0LAWojlD0Bh2kQkOwskp472du2YHkUdWq my//CB6e+MEVtr5KMnyIBk7VZuHu2cJ1MfHGu9MBp0ygYnNkBY8HRI+F8+JLrhi6vs+h 6FVVV1d9aSJ0+GKS23zgL0O/eVyPsIzKP8rSSUUyH2H+CrRBL7RIc7CMCcHL3RlDu7Tq vf0w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=SFjuFKpJAnoV7JJnFxeH1by8qnn7Ju7o46cXicNmAH8=; b=HjExoFOdkfdulT30pgC930SQ997CpnUjEqMkWmd+ZDf6+sVe2YYXt/PnL09EypouqP mwJgZb7mT+j+BPLQBizuMFHL9oVHwgl/9CTmlOyqknG4Jl9r+mIq0WMnlcxhbhZAzDkq N77d9gnbjsO5XxuoUjyZ/Pk/aeUGnHmbd1cIQ9TikMqwgrXtEG/Xs0hAViOj0eGNEMUj /tJctqN21yoLxq8uUCyQ7ap8/urtuv14NALcuIHdpLm2Yr+//hEo8StMUbfYPhKYuui3 kBr9g84CgoinaPbeNtyAOWPHp9rK7a2OoM3cQSrirnmLxr8JaYcF4Jp8zTIKePS6lI5A RjGA== X-Gm-Message-State: APjAAAXXmvrVOE2wMWiHtt9GYDt8SvLYyTU6UJ9DODFTfryPET6TM29+ oJRDs5DblF97eKfatcVOD9DyNfIl7ic= X-Received: by 2002:a5d:4903:: with SMTP id x3mr2068411wrq.151.1551861665957; Wed, 06 Mar 2019 00:41:05 -0800 (PST) Received: from localhost ([51.15.41.238]) by smtp.gmail.com with ESMTPSA id v18sm1750713wrr.90.2019.03.06.00.41.04 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 06 Mar 2019 00:41:05 -0800 (PST) Date: Wed, 6 Mar 2019 08:41:04 +0000 From: Stefan Hajnoczi To: Adalbert =?utf-8?B?TGF6xINy?= Cc: Stefan Hajnoczi , "David S . Miller" , Stefano Garzarella , virtualization@lists.linux-foundation.org, kvm@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock Message-ID: <20190306084104.GA22159@stefanha-x1.localdomain> References: <20190305180145.27161-1-alazar@bitdefender.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="HcAYCG3uE/tztfnV" Content-Disposition: inline In-Reply-To: <20190305180145.27161-1-alazar@bitdefender.com> User-Agent: Mutt/1.11.3 (2019-02-01) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --HcAYCG3uE/tztfnV Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Mar 05, 2019 at 08:01:45PM +0200, Adalbert Laz=C4=83r wrote: Thanks for the patch, Adalbert! Please add a Signed-off-by tag so your patch can be merged (see Documentation/process/submitting-patches.rst Chapter 11 for details on the Developer's Certificate of Origin). > static int virtio_transport_reset_no_sock(struct virtio_vsock_pkt *pkt) > { > + const struct virtio_transport *t; > struct virtio_vsock_pkt_info info =3D { > .op =3D VIRTIO_VSOCK_OP_RST, > .type =3D le16_to_cpu(pkt->hdr.type), > @@ -680,7 +681,11 @@ static int virtio_transport_reset_no_sock(struct vir= tio_vsock_pkt *pkt) > if (!pkt) > return -ENOMEM; > =20 > - return virtio_transport_get_ops()->send_pkt(pkt); > + t =3D virtio_transport_get_ops(); > + if (!t) > + return -ENOTCONN; pkt is leaked here. This is an easy mistake to make because the code is unclear. The pkt argument is the received packet that we must reply to. The reply packet is allocated just before line 680 and must be free explicitly for return -ENOTCONN. You can avoid the leak and make the code easier to read like this: struct virtio_vsock_pkt *reply; ... ------ avoid reusing 'pkt' v reply =3D virtio_transport_alloc_pkt(&info, 0, ...); if (!reply) return -ENOMEM; t =3D virtio_transport_get_ops(); if (!t) { virtio_transport_free_pkt(reply); <-- prevent memory leak return -ENOTCONN; } return t->send_pkt(reply); Stefan --HcAYCG3uE/tztfnV Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEcBAEBAgAGBQJcf4efAAoJEJykq7OBq3PIkjwIAMq2n+AiAjkQ7wqlpb1kDkHv b+A8ugno/BLAsZXuNFMgSPmbh6JBJ1B5KEwKLJHOcNlgyYsfjvASDTaL+fb3sHsx Hoxv/QITZrd5dEDIyuOZFyDcxqhhnweSg/R5ehRBxmM+/beluWKg9/sbCA4CcORZ zw136cmFZr4NOTzsSPMDKCubtNNLNhKIv+mRAXKJDMAqys0jd6mQVCCbY8CeZH2F cYZRwyQW7r0sZvS//OFEZtB+crBZz+TzjibD2K82sz4pPzviJkWl30CA4NDFdOT+ jeRb05o1DqalP5HOHuCCfwnSCcdL30TaLvKJv29uBsgX4MmqyQ5QFjBmUyx6cPI= =SlL5 -----END PGP SIGNATURE----- --HcAYCG3uE/tztfnV--