diff options
author | Zhang Xiaoxu <zhangxiaoxu5@huawei.com> | 2022-10-22 09:35:20 +0200 |
---|---|---|
committer | Steve French <stfrench@microsoft.com> | 2022-10-24 00:50:10 +0200 |
commit | f950c85e782f90702468bba8243cc97a8d0d04b0 (patch) | |
tree | 1ec7adf5c452cc6579c5f50d8a4c12f55b6f7db5 /fs/cifs/file.c | |
parent | cifs: Fix pages array leak when writedata alloc failed in cifs_writedata_alloc() (diff) | |
download | linux-f950c85e782f90702468bba8243cc97a8d0d04b0.tar.xz linux-f950c85e782f90702468bba8243cc97a8d0d04b0.zip |
cifs: Fix pages leak when writedata alloc failed in cifs_write_from_iter()
There is a kmemleak when writedata alloc failed:
unreferenced object 0xffff888175ae4000 (size 4096):
comm "dd", pid 19419, jiffies 4296028749 (age 739.396s)
hex dump (first 32 bytes):
80 02 b0 04 00 ea ff ff c0 02 b0 04 00 ea ff ff ................
80 22 4c 04 00 ea ff ff c0 22 4c 04 00 ea ff ff ."L......"L.....
backtrace:
[<0000000072fdbb86>] __kmalloc_node+0x50/0x150
[<0000000039faf56f>] __iov_iter_get_pages_alloc+0x605/0xdd0
[<00000000f862a9d4>] iov_iter_get_pages_alloc2+0x3b/0x80
[<000000008f226067>] cifs_write_from_iter+0x2ae/0xe40
[<000000001f78f2f1>] __cifs_writev+0x337/0x5c0
[<00000000257fcef5>] vfs_write+0x503/0x690
[<000000008778a238>] ksys_write+0xb9/0x150
[<00000000ed82047c>] do_syscall_64+0x35/0x80
[<000000003365551d>] entry_SYSCALL_64_after_hwframe+0x46/0xb0
__iov_iter_get_pages_alloc+0x605/0xdd0 is:
want_pages_array at lib/iov_iter.c:1304
(inlined by) __iov_iter_get_pages_alloc at lib/iov_iter.c:1457
If writedata allocate failed, the pages and pagevec should be cleanup.
Fixes: 8c5f9c1ab7cb ("CIFS: Add support for direct I/O write")
Reviewed-by: Paulo Alcantara (SUSE) <pc@cjr.nz>
Signed-off-by: Zhang Xiaoxu <zhangxiaoxu5@huawei.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Diffstat (limited to 'fs/cifs/file.c')
-rw-r--r-- | fs/cifs/file.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/fs/cifs/file.c b/fs/cifs/file.c index d9fbf1ec6029..cd9698209930 100644 --- a/fs/cifs/file.c +++ b/fs/cifs/file.c @@ -3303,6 +3303,9 @@ cifs_write_from_iter(loff_t offset, size_t len, struct iov_iter *from, cifs_uncached_writev_complete); if (!wdata) { rc = -ENOMEM; + for (i = 0; i < nr_pages; i++) + put_page(pagevec[i]); + kvfree(pagevec); add_credits_and_wake_if(server, credits, 0); break; } |