From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ben Hutchings Subject: Re: [PATCH net] ipv6: Fix cleanup ordering on inet6_init() error path Date: Thu, 11 Jan 2018 16:48:56 +0000 Message-ID: <1515689336.12097.14.camel@codethink.co.uk> References: <20180109182116.olzb5rroeazq4ufv@xylophone.i.decadent.org.uk> Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit Cc: Linux Kernel Network Developers , Andrey Konovalov To: Cong Wang Return-path: Received: from imap1.codethink.co.uk ([176.9.8.82]:48888 "EHLO imap1.codethink.co.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S964949AbeAKQs7 (ORCPT ); Thu, 11 Jan 2018 11:48:59 -0500 In-Reply-To: Sender: netdev-owner@vger.kernel.org List-ID: On Wed, 2018-01-10 at 14:25 -0800, Cong Wang wrote: > On Tue, Jan 9, 2018 at 10:21 AM, Ben Hutchings > wrote: > > Commit 15e668070a64 reordered the initialisation in inet6_init() to > > fix a crash on an error path further down the call stack.  It also > > reordered cleanup on the error path in inet6_init(), but the result > > is not the reverse of the initialisation order.  This presumably > > can result in a resource leak or crash in some error > > cases.  Reorder > > cleanup again to fix this. > > Can you be specific on what resource we leak here? If icmpv6_init() fails, after ip6_mr_init(), then ip6_mr_cleanup() is not called. Also, if ip6_mr_init() fails, we don't unregister inet6_net_ops. I think that will result in a crash - immediately if ipv6 is a module, otherwise when the next net namespace is created. > Also, it looks like you not just revert the order changed in commit > 15e668070a64, but also you move  icmpv6_cleanup() even earlier. So should I add another Fixes: there? Ben. -- Ben Hutchings Software Developer, Codethink Ltd.