integ/kernel/kernel-rt/centos/patches/rh-ext4-release-leaked-posix-acl-in-ext4_acl_chmod.patch
Jim Somerville d7784ee452 Fix kernel memory leaks in ipvs and ext4
These leaks were observed in the RT kernel but the fixes
are not RT specific.  We deemed it prudent to also
include the fixes in the std kernel as well.

See the specific patches for details.

Change-Id: I00e6d06a82e289806e5d51008ea1597735b2ad0f
Closes-Bug: 1836638
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
2019-08-23 16:34:48 -04:00

68 lines
2.3 KiB
Diff

From a16765613c5cb9b6cb86bc92d21030be124b2dde Mon Sep 17 00:00:00 2001
Message-Id: <a16765613c5cb9b6cb86bc92d21030be124b2dde.1566590430.git.Jim.Somerville@windriver.com>
In-Reply-To: <fdb837fb87ff4907436dfab16709b64d6c3488fd.1566590430.git.Jim.Somerville@windriver.com>
References: <fdb837fb87ff4907436dfab16709b64d6c3488fd.1566590430.git.Jim.Somerville@windriver.com>
From: Stanislav Kinsburskiy <skinsbursky@virtuozzo.com>
Date: Fri, 9 Feb 2018 11:52:14 +0300
Subject: [PATCH 2/3] rh/ext4: release leaked posix acl in ext4_acl_chmod
[ commit b85d6be0b743a1768b8456d36b52960858fbaa67 in OpenVZ's vzkernel repo ]
Note: only rh7-3.10.0-693.17.1.el7-based kernels are affected.
I.e. starting from rh7-3.10.0-693.17.1.vz7.43.1.
Posix acl is used to convert of an extended attribute, provided by user to ext4
attributes. In particular to i_mode in case of ACL_TYPE_ACCESS request.
IOW, this object is allocated, used for convertion, not stored anywhere and
must be freed.
However posix_acl_update_mode() can zerofy the pointer to support
ext4_set_acl() logic, but then the object is leaked. So, fix it by releasing
new temporary pointer with the same value instead of acl pointer.
In scope of https://jira.sw.ru/browse/PSBM-81384
RHEL bug URL: https://bugzilla.redhat.com/show_bug.cgi?id=1543020
Signed-off-by: Stanislav Kinsburskiy <skinsbursky@virtuozzo.com>
Acked-by: Dmitry Monakhov <dmonakhov@openvz.org>
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
---
fs/ext4/acl.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/fs/ext4/acl.c b/fs/ext4/acl.c
index 917e819..fce029f 100644
--- a/fs/ext4/acl.c
+++ b/fs/ext4/acl.c
@@ -297,7 +297,7 @@ cleanup:
int
ext4_acl_chmod(struct inode *inode)
{
- struct posix_acl *acl;
+ struct posix_acl *acl, *real_acl;
handle_t *handle;
int retries = 0;
int error;
@@ -315,6 +315,8 @@ ext4_acl_chmod(struct inode *inode)
error = posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
if (error)
return error;
+
+ real_acl = acl;
retry:
handle = ext4_journal_start(inode, EXT4_HT_XATTR,
ext4_jbd2_credits_xattr(inode));
@@ -341,7 +343,7 @@ out_stop:
ext4_should_retry_alloc(inode->i_sb, &retries))
goto retry;
out:
- posix_acl_release(acl);
+ posix_acl_release(real_acl);
return error;
}
--
1.8.3.1