Skip to content
Snippets Groups Projects
Commit 0683154d authored by Wenwen Wang's avatar Wenwen Wang Committed by Cheng Jian
Browse files

locks: fix a memory leak bug in __break_lease()


mainline inclusion
from mainline-5.4-rc1
commit cfddf9f4
category: bugfix
bugzilla: 21612
CVE: NA

---------------------------

In __break_lease(), the file lock 'new_fl' is allocated in lease_alloc().
However, it is not deallocated in the following execution if
smp_load_acquire() fails, leading to a memory leak bug. To fix this issue,
free 'new_fl' before returning the error.

Signed-off-by: default avatarWenwen Wang <wenwen@cs.uga.edu>
Signed-off-by: default avatarJeff Layton <jlayton@kernel.org>
Signed-off-by: default avatarYu Kuai <yukuai3@huawei.com>
Reviewed-by: default avatarzhangyi (F) <yi.zhang@huawei.com>
Signed-off-by: default avatarYang Yingliang <yangyingliang@huawei.com>
Signed-off-by: default avatarCheng Jian <cj.chengjian@huawei.com>
parent edc25b11
No related branches found
No related tags found
No related merge requests found
...@@ -1459,7 +1459,7 @@ int __break_lease(struct inode *inode, unsigned int mode, unsigned int type) ...@@ -1459,7 +1459,7 @@ int __break_lease(struct inode *inode, unsigned int mode, unsigned int type)
ctx = smp_load_acquire(&inode->i_flctx); ctx = smp_load_acquire(&inode->i_flctx);
if (!ctx) { if (!ctx) {
WARN_ON_ONCE(1); WARN_ON_ONCE(1);
return error; goto free_lock;
} }
percpu_down_read_preempt_disable(&file_rwsem); percpu_down_read_preempt_disable(&file_rwsem);
...@@ -1539,6 +1539,7 @@ int __break_lease(struct inode *inode, unsigned int mode, unsigned int type) ...@@ -1539,6 +1539,7 @@ int __break_lease(struct inode *inode, unsigned int mode, unsigned int type)
spin_unlock(&ctx->flc_lock); spin_unlock(&ctx->flc_lock);
percpu_up_read_preempt_enable(&file_rwsem); percpu_up_read_preempt_enable(&file_rwsem);
locks_dispose_list(&dispose); locks_dispose_list(&dispose);
free_lock:
locks_free_lock(new_fl); locks_free_lock(new_fl);
return error; return error;
} }
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment