tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

kernfs: fix memory leak of kernfs_iattrs in __kernfs_new_node

There exists a memory leak of kernfs_iattrs contained as an element
of kernfs_node allocated in __kernfs_new_node(). __kernfs_setattr()
allocates kernfs_iattrs as a sub-object, and the LSM security check
incorrectly errors out and does not free the kernfs_iattrs sub-object.

Make an additional error out case that properly frees kernfs_iattrs if
security_kernfs_init_security() fails.

Fixes: e19dfdc83b60 ("kernfs: initialize security of newly created nodes")
Co-developed-by: Oliver Rosenberg <olrose55@gmail.com>
Signed-off-by: Oliver Rosenberg <olrose55@gmail.com>
Signed-off-by: Will Rosenberg <whrosenb@asu.edu>
Link: https://patch.msgid.link/20251125151332.2010687-1-whrosenb@asu.edu
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

authored by

Will Rosenberg and committed by
Greg Kroah-Hartman 382b1e8f 2467f992

+4 -1
+4 -1
fs/kernfs/dir.c
··· 675 675 if (parent) { 676 676 ret = security_kernfs_init_security(parent, kn); 677 677 if (ret) 678 - goto err_out3; 678 + goto err_out4; 679 679 } 680 680 681 681 return kn; 682 682 683 + err_out4: 684 + simple_xattrs_free(&kn->iattr->xattrs, NULL); 685 + kmem_cache_free(kernfs_iattrs_cache, kn->iattr); 683 686 err_out3: 684 687 spin_lock(&root->kernfs_idr_lock); 685 688 idr_remove(&root->ino_idr, (u32)kernfs_ino(kn));