From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.3 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,MAILING_LIST_MULTI, NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E7ACFC433DB for ; Fri, 19 Mar 2021 21:26:48 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id AD65A61982 for ; Fri, 19 Mar 2021 21:26:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231152AbhCSV0Y (ORCPT ); Fri, 19 Mar 2021 17:26:24 -0400 Received: from www62.your-server.de ([213.133.104.62]:35392 "EHLO www62.your-server.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230411AbhCSV0K (ORCPT ); Fri, 19 Mar 2021 17:26:10 -0400 Received: from sslproxy02.your-server.de ([78.47.166.47]) by www62.your-server.de with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256) (Exim 4.92.3) (envelope-from ) id 1lNMd9-000A6q-VX; Fri, 19 Mar 2021 22:26:03 +0100 Received: from [85.7.101.30] (helo=pc-9.home) by sslproxy02.your-server.de with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lNMd9-0006P1-O9; Fri, 19 Mar 2021 22:26:03 +0100 Subject: Re: [PATCH v3] bpf: Fix memory leak in copy_process() To: qiang.zhang@windriver.com, ast@kernel.org, andrii@kernel.org, kafai@fb.com, songliubraving@fb.com, yhs@fb.com, john.fastabend@gmail.com, kpsingh@kernel.org Cc: netdev@vger.kernel.org, bpf@vger.kernel.org, linux-kernel@vger.kernel.org References: <20210317030915.2865-1-qiang.zhang@windriver.com> From: Daniel Borkmann Message-ID: Date: Fri, 19 Mar 2021 22:26:03 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.2 MIME-Version: 1.0 In-Reply-To: <20210317030915.2865-1-qiang.zhang@windriver.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Authenticated-Sender: daniel@iogearbox.net X-Virus-Scanned: Clear (ClamAV 0.102.4/26113/Fri Mar 19 12:14:45 2021) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 3/17/21 4:09 AM, qiang.zhang@windriver.com wrote: > From: Zqiang > > The syzbot report a memleak follow: > BUG: memory leak > unreferenced object 0xffff888101b41d00 (size 120): > comm "kworker/u4:0", pid 8, jiffies 4294944270 (age 12.780s) > backtrace: > [] alloc_pid+0x66/0x560 > [] copy_process+0x1465/0x25e0 > [] kernel_clone+0xf3/0x670 > [] kernel_thread+0x61/0x80 > [] call_usermodehelper_exec_work > [] call_usermodehelper_exec_work+0xc4/0x120 > [] process_one_work+0x2c9/0x600 > [] worker_thread+0x59/0x5d0 > [] kthread+0x178/0x1b0 > [] ret_from_fork+0x1f/0x30 > > unreferenced object 0xffff888110ef5c00 (size 232): > comm "kworker/u4:0", pid 8414, jiffies 4294944270 (age 12.780s) > backtrace: > [] kmem_cache_zalloc > [] __alloc_file+0x1f/0xf0 > [] alloc_empty_file+0x69/0x120 > [] alloc_file+0x33/0x1b0 > [] alloc_file_pseudo+0xb2/0x140 > [] create_pipe_files+0x138/0x2e0 > [] umd_setup+0x33/0x220 > [] call_usermodehelper_exec_async+0xb4/0x1b0 > [] ret_from_fork+0x1f/0x30 > > after the UMD process exits, the pipe_to_umh/pipe_from_umh and tgid > need to be release. > > Fixes: d71fa5c9763c ("bpf: Add kernel module with user mode driver that populates bpffs.") > Reported-by: syzbot+44908bb56d2bfe56b28e@syzkaller.appspotmail.com > Signed-off-by: Zqiang Applied to bpf, thanks (also did minor style fixups to fix kernel style)!