From: Chen Gang <gang.chen@asianux.com>
To: Eric Paris <eparis@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>,
linux-kernel@vger.kernel.org,
Andrew Morton <akpm@linux-foundation.org>
Subject: [PATCH v2] kernel: auditfilter: resource management, tree and watch will memory leak when failure occurs
Date: Wed, 17 Apr 2013 12:23:20 +0800 [thread overview]
Message-ID: <516E23B8.8030700@asianux.com> (raw)
In-Reply-To: <516E0BC3.6020302@asianux.com>
in function audit_data_to_entry:
when failure occurs, need check and free tree and watch.
or memory leak.
test:
plan:
test command:
"auditctl -a exit,always -w /etc -F auid=-1"
(on fedora17, need modify auditctl to let "-w /etc" has effect)
running:
under fedora17 x86_64, 2 CPUs 3.20GHz, 2.5GB RAM.
let 15 auditctl processes continue running at the same time.
monitor command:
watch -d -n 1 "cat /proc/meminfo | awk '{print \$2}' \
| head -n 4 | xargs \
| awk '{print \"used \",\$1 - \$2 - \$3 - \$4}'"
result:
for original version:
will use up all memory, within 3 hours.
kill all auditctl, the memory still does not free.
for new version (apply this patch):
after 14 hours later, not find issues.
Signed-off-by: Chen Gang <gang.chen@asianux.com>
---
kernel/auditfilter.c | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index f9fc54b..2674368 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -594,6 +594,10 @@ exit_nofree:
return entry;
exit_free:
+ if (entry->rule.watch)
+ audit_put_watch(entry->rule.watch); /* matches initial get */
+ if (entry->rule.tree)
+ audit_put_tree(entry->rule.tree); /* that's the temporary one */
audit_free_rule(entry);
return ERR_PTR(err);
}
--
1.7.7.6
next prev parent reply other threads:[~2013-04-17 4:24 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-04-10 9:52 [PATCH] kernel: auditfilter: looping issue, memory leak if has 2 or more AUDIT_FILTERKEYs Chen Gang
2013-04-10 10:18 ` Chen Gang
2013-04-10 10:28 ` Chen Gang
2013-04-10 10:36 ` Chen Gang
2013-04-10 21:38 ` Eric Paris
2013-04-11 1:12 ` Chen Gang
2013-04-10 21:32 ` Eric Paris
2013-04-11 3:43 ` Chen Gang
2013-04-10 20:29 ` Eric Paris
2013-04-11 3:55 ` Chen Gang
2013-04-10 21:19 ` Eric Paris
2013-04-11 4:10 ` Chen Gang
2013-04-11 13:40 ` Eric Paris
2013-04-11 14:34 ` Chen Gang
2013-04-11 14:52 ` Chen Gang
2013-04-12 9:42 ` Chen Gang
2013-04-16 10:25 ` Chen Gang
2013-04-16 10:38 ` Chen Gang
2013-04-17 2:41 ` Chen Gang
2013-04-17 4:23 ` Chen Gang [this message]
2013-04-10 20:08 ` Eric Paris
2013-04-11 3:56 ` Chen Gang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=516E23B8.8030700@asianux.com \
--to=gang.chen@asianux.com \
--cc=akpm@linux-foundation.org \
--cc=eparis@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox