From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1755489AbcANQWZ (ORCPT <rfc822;w@1wt.eu>);
	Thu, 14 Jan 2016 11:22:25 -0500
Received: from tiger.mobileactivedefense.com ([217.174.251.109]:44132 "EHLO
	tiger.mobileactivedefense.com" rhost-flags-OK-OK-OK-OK)
	by vger.kernel.org with ESMTP id S1751240AbcANQWY (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Thu, 14 Jan 2016 11:22:24 -0500
From: Rainer Weikusat <rweikusat@mobileactivedefense.com>
To: davem@davemloft.net
Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH] af_unix: Use kfree for addresses in unix_bind
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.4 (gnu/linux)
Date: Thu, 14 Jan 2016 16:22:10 +0000
Message-ID: <87y4bsw2q5.fsf@doppelsaurus.mobileactivedefense.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.4.3 (tiger.mobileactivedefense.com [217.174.251.109]); Thu, 14 Jan 2016 16:22:18 +0000 (GMT)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Use kfree instead of unix_release_addr when freeing newly-allocated
unix_address structures after binding the socket failed. The second
function does an atomic_dec_and_test in order to free the address once
its reference count falls to zero which isn't necessary for the
unix_bind error path as the new structure wasn't published yet. 'Using
kfree' is also how unix_autobind handles this case.

Signed-off-by: Rainer Weikusat <rweikusat@mobileactivedefense.com>
---
gdiff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index c5bf5ef..b894a3c 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -1044,7 +1044,7 @@ static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
 		if (err) {
 			if (err == -EEXIST)
 				err = -EADDRINUSE;
-			unix_release_addr(addr);
+			kfree(addr);
 			goto out_up;
 		}
 		addr->hash = UNIX_HASH_SIZE;
@@ -1057,7 +1057,7 @@ static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
 		err = -EADDRINUSE;
 		if (__unix_find_socket_byname(net, sunaddr, addr_len,
 					      sk->sk_type, hash)) {
-			unix_release_addr(addr);
+			kfree(addr);
 			goto out_unlock;
 		}