Re: 答复: [PATCH] nvme: fix memleak in nvme_ctrl_dhchap_secret_store()
Sagi Grimberg
sagi at grimberg.me
Mon Nov 21 03:39:59 PST 2022
On 11/21/22 13:33, zhangqilong wrote:
>>
>>> If dhchap_secret is not consistent with options or
>>> nvme_auth_generate_key() fails, we should free the memory of
>>> dhchap_secret to avoid memleak.
>>>
>>> Fixes: f50fff73d620 ("nvme: implement In-Band authentication")
>>> Signed-off-by: Zhang Qilong <zhangqilong3 at huawei.com>
>>
>> Please have a look at nvme-6.2, if there is still a leak, please send a patch
>> against it.
>>
>
> Hi
> I have checked it, there is still a leak at nvme-6.2.
Cool. Thanks
>
> Thanks.
>
>> Thanks.
>>
>>> ---
>>> drivers/nvme/host/core.c | 7 +++++--
>>> 1 file changed, 5 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c index
>>> da55ce45ac70..e06d1b3961fe 100644
>>> --- a/drivers/nvme/host/core.c
>>> +++ b/drivers/nvme/host/core.c
>>> @@ -3748,13 +3748,16 @@ static ssize_t
>> nvme_ctrl_dhchap_secret_store(struct device *dev,
>>> int ret;
>>>
>>> ret = nvme_auth_generate_key(dhchap_secret, &ctrl-
>>> host_key);
>>> - if (ret)
>>> + if (ret) {
>>> + kfree(dhchap_secret);
>>> return ret;
>>> + }
>>> kfree(opts->dhchap_secret);
>>> opts->dhchap_secret = dhchap_secret;
>>> /* Key has changed; re-authentication with new key */
>>> nvme_auth_reset(ctrl);
>>> - }
>>> + } else
>>> + kfree(dhchap_secret);
Perhaps lets change the check above to strncmp directly against buf and
allocate inside the clause.
>>> /* Start re-authentication */
>>> dev_info(ctrl->device, "re-authenticating controller\n");
>>> queue_work(nvme_wq, &ctrl->dhchap_auth_work);
>
More information about the Linux-nvme
mailing list