[PATCH v3 1/5] ext4: fix memory leak in parse_apply_sb_mount

public inbox for stable@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH v3 1/5] ext4: fix memory leak in parse_apply_sb_mount_options()
       [not found] <20220513231605.175121-1-ebiggers@kernel.org>
@ 2022-05-13 23:16 ` Eric Biggers
  2022-05-14 12:09   ` [f2fs-dev] " Ritesh Harjani
  2022-05-19  2:10   ` Theodore Ts'o
  0 siblings, 2 replies; 3+ messages in thread
From: Eric Biggers @ 2022-05-13 23:16 UTC (permalink / raw)
  To: linux-fscrypt, linux-ext4, linux-f2fs-devel
  Cc: Jeff Layton, Lukas Czerner, Theodore Ts'o, Jaegeuk Kim,
	stable

From: Eric Biggers <ebiggers@google.com>

If processing the on-disk mount options fails after any memory was
allocated in the ext4_fs_context, e.g. s_qf_names, then this memory is
leaked.  Fix this by calling ext4_fc_free() instead of kfree() directly.

Reproducer:

    mkfs.ext4 -F /dev/vdc
    tune2fs /dev/vdc -E mount_opts=usrjquota=file
    echo clear > /sys/kernel/debug/kmemleak
    mount /dev/vdc /vdc
    echo scan > /sys/kernel/debug/kmemleak
    sleep 5
    echo scan > /sys/kernel/debug/kmemleak
    cat /sys/kernel/debug/kmemleak

Fixes: 7edfd85b1ffd ("ext4: Completely separate options parsing and sb setup")
Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 fs/ext4/super.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index 1466fbdbc8e34..60fa2f2623e07 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -2625,8 +2625,10 @@ static int parse_apply_sb_mount_options(struct super_block *sb,
 	ret = ext4_apply_options(fc, sb);
 
 out_free:
-	kfree(s_ctx);
-	kfree(fc);
+	if (fc) {
+		ext4_fc_free(fc);
+		kfree(fc);
+	}
 	kfree(s_mount_opts);
 	return ret;
 }
-- 
2.36.1


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [f2fs-dev] [PATCH v3 1/5] ext4: fix memory leak in parse_apply_sb_mount_options()
  2022-05-13 23:16 ` [PATCH v3 1/5] ext4: fix memory leak in parse_apply_sb_mount_options() Eric Biggers
@ 2022-05-14 12:09   ` Ritesh Harjani
  2022-05-19  2:10   ` Theodore Ts'o
  1 sibling, 0 replies; 3+ messages in thread
From: Ritesh Harjani @ 2022-05-14 12:09 UTC (permalink / raw)
  To: Eric Biggers
  Cc: linux-fscrypt, linux-ext4, linux-f2fs-devel, Lukas Czerner,
	Jeff Layton, Theodore Ts'o, stable, Jaegeuk Kim

On 22/05/13 04:16PM, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
>
> If processing the on-disk mount options fails after any memory was
> allocated in the ext4_fs_context, e.g. s_qf_names, then this memory is
> leaked.  Fix this by calling ext4_fc_free() instead of kfree() directly.

Thanks for splitting the patch. It becomes an easy backport.

>
> Reproducer:
>
>     mkfs.ext4 -F /dev/vdc
>     tune2fs /dev/vdc -E mount_opts=usrjquota=file
>     echo clear > /sys/kernel/debug/kmemleak
>     mount /dev/vdc /vdc
>     echo scan > /sys/kernel/debug/kmemleak
>     sleep 5
>     echo scan > /sys/kernel/debug/kmemleak
>     cat /sys/kernel/debug/kmemleak

Tested this and as you mentioned this patch fixes the memory leak with
s_qf_names in note_qf_name().

tune2fs 1.46.5 (30-Dec-2021)
Setting extended default mount options to 'usrjquota=file'
unreferenced object 0xffff8881126b9a50 (size 8):
  comm "mount", pid 1475, jiffies 4294829180 (age 48.670s)
  hex dump (first 8 bytes):
    66 69 6c 65 00 6b 6b a5                          file.kk.
  backtrace:
    [<ffffffff8153b09d>] __kmalloc_track_caller+0x17d/0x2f0
    [<ffffffff8149b7e8>] kmemdup_nul+0x28/0x70
    [<ffffffff81753a75>] note_qf_name.isra.0+0x95/0x180
    [<ffffffff817548a8>] ext4_parse_param+0xd48/0x11c0
    [<ffffffff8175a131>] ext4_fill_super+0x1cc1/0x6260
    [<ffffffff8155edce>] get_tree_bdev+0x24e/0x3a0
    [<ffffffff81740355>] ext4_get_tree+0x15/0x20
    [<ffffffff8155d3a2>] vfs_get_tree+0x52/0x140
    [<ffffffff815a2048>] path_mount+0x3f8/0xf30
    [<ffffffff815a2c52>] do_mount+0xd2/0xf0
    [<ffffffff815a2e4a>] __x64_sys_mount+0xca/0x110
    [<ffffffff82e6674b>] do_syscall_64+0x3b/0x90
    [<ffffffff8300007c>] entry_SYSCALL_64_after_hwframe+0x44/0xae


Feel free to add by -

Tested-by: Ritesh Harjani <ritesh.list@gmail.com>

-ritesh

>
> Fixes: 7edfd85b1ffd ("ext4: Completely separate options parsing and sb setup")
> Cc: stable@vger.kernel.org
> Signed-off-by: Eric Biggers <ebiggers@google.com>
> ---
>  fs/ext4/super.c | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/fs/ext4/super.c b/fs/ext4/super.c
> index 1466fbdbc8e34..60fa2f2623e07 100644
> --- a/fs/ext4/super.c
> +++ b/fs/ext4/super.c
> @@ -2625,8 +2625,10 @@ static int parse_apply_sb_mount_options(struct super_block *sb,
>  	ret = ext4_apply_options(fc, sb);
>
>  out_free:
> -	kfree(s_ctx);
> -	kfree(fc);
> +	if (fc) {
> +		ext4_fc_free(fc);
> +		kfree(fc);
> +	}
>  	kfree(s_mount_opts);
>  	return ret;
>  }
> --
> 2.36.1
>
>
>
> _______________________________________________
> Linux-f2fs-devel mailing list
> Linux-f2fs-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH v3 1/5] ext4: fix memory leak in parse_apply_sb_mount_options()
  2022-05-13 23:16 ` [PATCH v3 1/5] ext4: fix memory leak in parse_apply_sb_mount_options() Eric Biggers
  2022-05-14 12:09   ` [f2fs-dev] " Ritesh Harjani
@ 2022-05-19  2:10   ` Theodore Ts'o
  1 sibling, 0 replies; 3+ messages in thread
From: Theodore Ts'o @ 2022-05-19  2:10 UTC (permalink / raw)
  To: Eric Biggers
  Cc: linux-fscrypt, linux-ext4, linux-f2fs-devel, Jeff Layton,
	Lukas Czerner, Jaegeuk Kim, stable

On Fri, May 13, 2022 at 04:16:01PM -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
> 
> If processing the on-disk mount options fails after any memory was
> allocated in the ext4_fs_context, e.g. s_qf_names, then this memory is
> leaked.  Fix this by calling ext4_fc_free() instead of kfree() directly.
> 
> Reproducer:
> 
>     mkfs.ext4 -F /dev/vdc
>     tune2fs /dev/vdc -E mount_opts=usrjquota=file
>     echo clear > /sys/kernel/debug/kmemleak
>     mount /dev/vdc /vdc
>     echo scan > /sys/kernel/debug/kmemleak
>     sleep 5
>     echo scan > /sys/kernel/debug/kmemleak
>     cat /sys/kernel/debug/kmemleak
> 
> Fixes: 7edfd85b1ffd ("ext4: Completely separate options parsing and sb setup")
> Cc: stable@vger.kernel.org
> Signed-off-by: Eric Biggers <ebiggers@google.com>

Thanks, applied.

					- Ted

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2022-05-19  2:11 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
     [not found] <20220513231605.175121-1-ebiggers@kernel.org>
2022-05-13 23:16 ` [PATCH v3 1/5] ext4: fix memory leak in parse_apply_sb_mount_options() Eric Biggers
2022-05-14 12:09   ` [f2fs-dev] " Ritesh Harjani
2022-05-19  2:10   ` Theodore Ts'o

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox