From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1753873AbcLKUft (ORCPT <rfc822;w@1wt.eu>);
        Sun, 11 Dec 2016 15:35:49 -0500
Received: from mail.linuxfoundation.org ([140.211.169.12]:39276 "EHLO
        mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1753553AbcLKUfs (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sun, 11 Dec 2016 15:35:48 -0500
Date: Sun, 11 Dec 2016 19:48:25 +0100
From: Greg KH <gregkh@linuxfoundation.org>
To: Mark Salyzyn <salyzyn@android.com>
Cc: LKML <linux-kernel@vger.kernel.org>
Subject: Re: CVE-2016-7097 causes acl leak
Message-ID: <20161211184825.GA5232@kroah.com>
References: <bb7177d2-08dc-d75c-9012-26e3b2888461@android.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <bb7177d2-08dc-d75c-9012-26e3b2888461@android.com>
User-Agent: Mutt/1.7.2 (2016-11-26)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Dec 05, 2016 at 09:16:31AM -0800, Mark Salyzyn wrote:
> Commit 073931017b49d9458aa351605b43a7e34598caef has several occurrences of
> an acl leak.
> 
> posix_acl_update_mode(inose, &mode, &acl);
> 
> . . .
> 
> posix_acl_release(acl);
> 
> 
> acl is NULLed in posix_acl_update_mode to signal caller to not update the
> acl; but because it is nulled, it is never released.

Any reason you didn't cc: the authors of that patch and the correct
mailing list for it (hint, use scripts/get_maintainer.pl on the
patch...)

Try that and see what happens...

thanks,

greg k-h