From: Olga Kornievskaia <aglo@umich.edu> To: Trond Myklebust <trondmy@hammerspace.com> Cc: "pakki001@umn.edu" <pakki001@umn.edu>, "davem@davemloft.net" <davem@davemloft.net>, "chuck.lever@oracle.com" <chuck.lever@oracle.com>, "dwysocha@redhat.com" <dwysocha@redhat.com>, "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>, "netdev@vger.kernel.org" <netdev@vger.kernel.org>, "kuba@kernel.org" <kuba@kernel.org>, "bfields@fieldses.org" <bfields@fieldses.org>, "linux-nfs@vger.kernel.org" <linux-nfs@vger.kernel.org>, "anna.schumaker@netapp.com" <anna.schumaker@netapp.com> Subject: Re: [PATCH] SUNRPC: Add a check for gss_release_msg Date: Thu, 8 Apr 2021 11:24:45 -0400 [thread overview] Message-ID: <CAN-5tyETkDBVfYQrBOm1veAzMdo-9K37bfgL+QZTPW=d2OAP9A@mail.gmail.com> (raw) In-Reply-To: <c0de0985c0bf09a96efc538da2146f86e6fa7037.camel@hammerspace.com> On Thu, Apr 8, 2021 at 11:01 AM Trond Myklebust <trondmy@hammerspace.com> wrote: > > On Tue, 2021-04-06 at 19:16 -0500, Aditya Pakki wrote: > > In gss_pipe_destroy_msg(), in case of error in msg, gss_release_msg > > deletes gss_msg. The patch adds a check to avoid a potential double > > free. > > > > Signed-off-by: Aditya Pakki <pakki001@umn.edu> > > --- > > net/sunrpc/auth_gss/auth_gss.c | 3 ++- > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > diff --git a/net/sunrpc/auth_gss/auth_gss.c > > b/net/sunrpc/auth_gss/auth_gss.c > > index 5f42aa5fc612..eb52eebb3923 100644 > > --- a/net/sunrpc/auth_gss/auth_gss.c > > +++ b/net/sunrpc/auth_gss/auth_gss.c > > @@ -848,7 +848,8 @@ gss_pipe_destroy_msg(struct rpc_pipe_msg *msg) > > warn_gssd(); > > gss_release_msg(gss_msg); > > } > > - gss_release_msg(gss_msg); > > + if (gss_msg) > > + gss_release_msg(gss_msg); > > } > > > > static void gss_pipe_dentry_destroy(struct dentry *dir, > > > NACK. There's no double free there. I disagree that there is no double free, the wording of the commit describes the problem in the error case is that we call gss_release_msg() and then we call it again but the 1st one released the gss_msg. However, I think the fix should probably be instead: diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c index 5f42aa5fc612..e8aae617e981 100644 --- a/net/sunrpc/auth_gss/auth_gss.c +++ b/net/sunrpc/auth_gss/auth_gss.c @@ -846,7 +846,7 @@ gss_pipe_destroy_msg(struct rpc_pipe_msg *msg) gss_unhash_msg(gss_msg); if (msg->errno == -ETIMEDOUT) warn_gssd(); - gss_release_msg(gss_msg); + return gss_release_msg(gss_msg); } gss_release_msg(gss_msg); } > > -- > Trond Myklebust > Linux NFS client maintainer, Hammerspace > trond.myklebust@hammerspace.com > >
next prev parent reply other threads:[~2021-04-08 15:25 UTC|newest] Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-04-07 0:16 Aditya Pakki 2021-04-07 15:34 ` J. Bruce Fields 2021-04-08 15:01 ` Trond Myklebust 2021-04-08 15:24 ` Olga Kornievskaia [this message] 2021-04-08 16:02 ` Trond Myklebust 2021-04-20 7:15 ` Greg KH 2021-04-20 17:10 ` J. Bruce Fields 2021-04-21 5:10 ` Leon Romanovsky 2021-04-21 5:43 ` Greg KH 2021-04-21 6:08 ` Leon Romanovsky [not found] ` <CA+EnHHSw4X+ubOUNYP2zXNpu70G74NN1Sct2Zin6pRgq--TqhA@mail.gmail.com> 2021-04-21 8:15 ` Greg KH 2021-04-21 10:07 ` Sudip Mukherjee 2021-04-21 10:21 ` Greg KH 2021-04-21 11:58 ` Shelat, Abhi 2021-04-21 12:08 ` Greg KH 2021-04-21 12:19 ` Leon Romanovsky 2021-04-21 13:11 ` Trond Myklebust 2021-04-21 13:20 ` Leon Romanovsky 2021-04-21 13:42 ` Steven Rostedt 2021-04-21 13:21 ` gregkh 2021-04-21 13:34 ` Leon Romanovsky 2021-04-21 13:50 ` gregkh 2021-04-21 14:12 ` Leon Romanovsky 2021-04-21 18:50 ` Alexander Grund 2021-04-21 13:37 ` J. Bruce Fields 2021-04-21 13:49 ` Leon Romanovsky 2021-04-21 13:56 ` J. Bruce Fields 2021-04-22 19:39 ` J. Bruce Fields 2021-04-23 17:25 ` Leon Romanovsky 2021-04-23 18:07 ` J. Bruce Fields 2021-04-23 19:29 ` Leon Romanovsky 2021-04-23 21:48 ` J. Bruce Fields 2021-04-24 7:21 ` Leon Romanovsky 2021-04-24 18:34 ` Al Viro 2021-04-24 21:34 ` J. Bruce Fields 2021-04-25 0:41 ` Theodore Ts'o 2021-04-25 6:29 ` Greg KH [not found] ` <20210426133605.GD21222@fieldses.org> 2021-04-26 13:47 ` J. Bruce Fields 2021-04-22 8:10 ` Sudip Mukherjee 2021-04-22 8:27 ` Greg KH 2021-04-21 12:51 ` Anna Schumaker 2021-04-21 14:15 ` Leon Romanovsky 2021-04-21 15:48 ` Theodore Ts'o 2021-04-21 17:34 ` Mike Rapoport 2021-04-22 3:57 ` Leon Romanovsky 2021-04-21 22:52 ` Guenter Roeck [not found] <CAHr+ZK-ayy2vku9ovuSB4egtOxrPEKxCdVQN3nFqMK07+K5_8g@mail.gmail.com> 2021-04-21 19:49 ` Theodore Ts'o 2021-04-22 7:50 ` Eric Biggers 2021-04-21 20:27 Weikeng Chen
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to='CAN-5tyETkDBVfYQrBOm1veAzMdo-9K37bfgL+QZTPW=d2OAP9A@mail.gmail.com' \ --to=aglo@umich.edu \ --cc=anna.schumaker@netapp.com \ --cc=bfields@fieldses.org \ --cc=chuck.lever@oracle.com \ --cc=davem@davemloft.net \ --cc=dwysocha@redhat.com \ --cc=kuba@kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-nfs@vger.kernel.org \ --cc=netdev@vger.kernel.org \ --cc=pakki001@umn.edu \ --cc=trondmy@hammerspace.com \ --subject='Re: [PATCH] SUNRPC: Add a check for gss_release_msg' \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).