[PATCH v2] ubifs: Free memory for tmpfile name
Zhihao Cheng
chengzhihao1 at huawei.com
Thu Mar 30 04:05:55 PDT 2023
> When opening a ubifs tmpfile on an encrypted directory, function
> fscrypt_setup_filename allocates memory for the name that is to be
> stored in the directory entry, but after the name has been copied to the
> directory entry inode, the memory is not freed.
>
> When running kmemleak on it we see that it is registered as a leak. The
> report below is triggered by a simple program 'tmpfile' just opening a
> tmpfile:
>
> unreferenced object 0xffff88810178f380 (size 32):
> comm "tmpfile", pid 509, jiffies 4294934744 (age 1524.742s)
> backtrace:
> __kmem_cache_alloc_node
> __kmalloc
> fscrypt_setup_filename
> ubifs_tmpfile
> vfs_tmpfile
> path_openat
>
> Free this memory after it has been copied to the inode.
>
> Signed-off-by: Mårten Lindahl <marten.lindahl at axis.com>
> ---
> Changes in v2:
> - Call fscrypt_free_filename after ubifs_release_budget
> - Link to v1: https://lore.kernel.org/r/20230329-memleak-fix-v1-1-7133da56ea8f@axis.com
> ---
> fs/ubifs/dir.c | 1 +
> 1 file changed, 1 insertion(+)
Reviewed-by: Zhihao Cheng <chengzhihao1 at huawei.com>
>
> diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c
> index 0f29cf201136..7dd6dd34b84c 100644
> --- a/fs/ubifs/dir.c
> +++ b/fs/ubifs/dir.c
> @@ -492,6 +492,7 @@ static int ubifs_tmpfile(struct user_namespace *mnt_userns, struct inode *dir,
> unlock_2_inodes(dir, inode);
>
> ubifs_release_budget(c, &req);
> + fscrypt_free_filename(&nm);
>
> return finish_open_simple(file, 0);
>
>
> ---
> base-commit: c9c3395d5e3dcc6daee66c6908354d47bf98cb0c
> change-id: 20230329-memleak-fix-87a01daf469e
>
> Best regards,
>
More information about the linux-mtd
mailing list