[PATCH 1/1] seccomp: release seccomp after killing terminate clone/fork

Mon Dec 27 21:34:21 PST 2021

From: "calvin.liao" <calvin.liao at mediatek.com>

Add to release seccomp after killing terminate clone/fork to avoid
memory leak when enabling CONFIG_SECCOMP.

Signed-off-by: calvin.liao <calvin.liao at mediatek.com>
---
 kernel/fork.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/kernel/fork.c b/kernel/fork.c
index 403b9dbbfb62..984103967a97 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1698,6 +1698,13 @@ static void copy_seccomp(struct task_struct *p)
 #endif
 }
 
+static void release_seccomp(struct task_struct *p)
+{
+#ifdef CONFIG_SECCOMP
+	seccomp_filter_release(p);
+#endif
+}
+
 SYSCALL_DEFINE1(set_tid_address, int __user *, tidptr)
 {
 	current->clear_child_tid = tidptr;
@@ -2405,6 +2412,7 @@ static __latent_entropy struct task_struct *copy_process(
 	return p;
 
 bad_fork_cancel_cgroup:
+	release_seccomp(p);
 	sched_core_free(p);
 	spin_unlock(&current->sighand->siglock);
 	write_unlock_irq(&tasklist_lock);
-- 
2.18.0


