From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 018B01FCF7D; Fri, 6 Dec 2024 15:21:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1733498464; cv=none; b=UBIcFzA/bRWNFOnyjF4JPckZmiDyQ7u1J/Qi+joPTgaNNjDdyGI58L+eJ9nsFcoB8GM8TCc+a5iS7wVMy+fU9ScQe+Askw8EHiHeVbltzrHHIkC4fMzvh52rQ4/KfXHNoYrT3DBhn4TBSuGozt8NOgXF16wx8OaidvqjwalwE9I= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1733498464; c=relaxed/simple; bh=JNkTN7LIi53IbrPAHhY9mQBupC25d1qLkWH7IzOwlAE=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Pi2ozYbajBqeWEd0Ft0e8ReIMr6+auO5LW+jCGP9XUNNTDF3i8QIbPoNNNidp0b5lrqn6kbGulQrFA/iNqY3dkBi6pIif/zd/0gQeo+kDiX0rPxLAFWMw8BS/RmKWWCSfeb1vgUoNiOhNetxFiJtbqfB8qJdCy5pD5DcO3RQ0bs= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b=qG4mqgY3; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b="qG4mqgY3" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 16DB5C4CEDC; Fri, 6 Dec 2024 15:21:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1733498463; bh=JNkTN7LIi53IbrPAHhY9mQBupC25d1qLkWH7IzOwlAE=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=qG4mqgY3IvphAeUdewRO37uzQaVldIBbE1OvcWn+8UKv0U4TK9DJBV6JiXdPt9zgk ZIQBTkwZDqbTnIgBgmoVgLQk24i1bOKj03tUjCTRjC+jVcOQIYnqVJ25y52zSD1Fdt 4FwYkdI+PxLVBryELctggxE3aB380h9mA+iq96hw= From: Greg Kroah-Hartman To: stable@vger.kernel.org Cc: Greg Kroah-Hartman , patches@lists.linux.dev, Ma Wupeng , Andrew Morton Subject: [PATCH 6.6 551/676] ipc: fix memleak if msg_init_ns failed in create_ipc_ns Date: Fri, 6 Dec 2024 15:36:10 +0100 Message-ID: <20241206143714.888937000@linuxfoundation.org> X-Mailer: git-send-email 2.47.1 In-Reply-To: <20241206143653.344873888@linuxfoundation.org> References: <20241206143653.344873888@linuxfoundation.org> User-Agent: quilt/0.67 X-stable: review X-Patchwork-Hint: ignore Precedence: bulk X-Mailing-List: stable@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit 6.6-stable review patch. If anyone has any objections, please let me know. ------------------ From: Ma Wupeng commit bc8f5921cd69188627c08041276238de222ab466 upstream. Percpu memory allocation may failed during create_ipc_ns however this fail is not handled properly since ipc sysctls and mq sysctls is not released properly. Fix this by release these two resource when failure. Here is the kmemleak stack when percpu failed: unreferenced object 0xffff88819de2a600 (size 512): comm "shmem_2nstest", pid 120711, jiffies 4300542254 hex dump (first 32 bytes): 60 aa 9d 84 ff ff ff ff fc 18 48 b2 84 88 ff ff `.........H..... 04 00 00 00 a4 01 00 00 20 e4 56 81 ff ff ff ff ........ .V..... backtrace (crc be7cba35): [] __kmalloc_node_track_caller_noprof+0x333/0x420 [] kmemdup_noprof+0x26/0x50 [] setup_mq_sysctls+0x57/0x1d0 [] copy_ipcs+0x29c/0x3b0 [] create_new_namespaces+0x1d0/0x920 [] copy_namespaces+0x2e9/0x3e0 [] copy_process+0x29f3/0x7ff0 [] kernel_clone+0xc0/0x650 [] __do_sys_clone+0xa1/0xe0 [] do_syscall_64+0xbf/0x1c0 [] entry_SYSCALL_64_after_hwframe+0x4b/0x53 Link: https://lkml.kernel.org/r/20241023093129.3074301-1-mawupeng1@huawei.com Fixes: 72d1e611082e ("ipc/msg: mitigate the lock contention with percpu counter") Signed-off-by: Ma Wupeng Cc: Signed-off-by: Andrew Morton Signed-off-by: Greg Kroah-Hartman --- ipc/namespace.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/ipc/namespace.c +++ b/ipc/namespace.c @@ -83,13 +83,15 @@ static struct ipc_namespace *create_ipc_ err = msg_init_ns(ns); if (err) - goto fail_put; + goto fail_ipc; sem_init_ns(ns); shm_init_ns(ns); return ns; +fail_ipc: + retire_ipc_sysctls(ns); fail_mq: retire_mq_sysctls(ns);