From patchwork Thu Mar  5 00:06:14 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jeff Layton <jeff.layton@primarydata.com>
X-Patchwork-Id: 5941441
Return-Path: <linux-fsdevel-owner@kernel.org>
X-Original-To: patchwork-linux-fsdevel@patchwork.kernel.org
Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.136])
	by patchwork1.web.kernel.org (Postfix) with ESMTP id 740F89F318
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Thu,  5 Mar 2015 00:06:20 +0000 (UTC)
Received: from mail.kernel.org (localhost [127.0.0.1])
	by mail.kernel.org (Postfix) with ESMTP id 9B4E220320
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Thu,  5 Mar 2015 00:06:19 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id 6B25E2014A
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Thu,  5 Mar 2015 00:06:18 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752205AbbCEAGR (ORCPT
	<rfc822;patchwork-linux-fsdevel@patchwork.kernel.org>);
	Wed, 4 Mar 2015 19:06:17 -0500
Received: from cdptpa-outbound-snat.email.rr.com ([107.14.166.230]:3487 "EHLO
	cdptpa-oedge-vip.email.rr.com" rhost-flags-OK-OK-OK-FAIL)
	by vger.kernel.org with ESMTP id S1751678AbbCEAGQ (ORCPT
	<rfc822;linux-fsdevel@vger.kernel.org>);
	Wed, 4 Mar 2015 19:06:16 -0500
Received: from [107.15.97.250] ([107.15.97.250:32830]
	helo=tlielax.poochiereds.net)
	by cdptpa-oedge03 (envelope-from <jeff.layton@primarydata.com>)
	(ecelerity 3.5.0.35861 r(Momo-dev:tip)) with ESMTP
	id 2B/3E-31063-7FD97F45; Thu, 05 Mar 2015 00:06:15 +0000
From: Jeff Layton <jeff.layton@primarydata.com>
To: linux-fsdevel@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, bfields@fieldses.org,
	daniel.wagner@bmw-carit.de, viro@zeniv.linux.org.uk
Subject: [PATCH] locks: fix fasync_struct memory leak in lease
	upgrade/downgrade handling
Date: Wed,  4 Mar 2015 19:06:14 -0500
Message-Id: <1425513974-27153-1-git-send-email-jeff.layton@primarydata.com>
X-Mailer: git-send-email 2.1.0
X-RR-Connecting-IP: 107.14.168.142:25
X-Cloudmark-Score: 0
Sender: linux-fsdevel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-fsdevel.vger.kernel.org>
X-Mailing-List: linux-fsdevel@vger.kernel.org
X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI,
	T_RP_MATCHES_RCVD,
	UNPARSEABLE_RELAY autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

Commit 8634b51f6ca2 (locks: convert lease handling to file_lock_context)
introduced a regression in the handling of lease upgrade/downgrades.

In the event that we already have a lease on a file and are going to
either upgrade or downgrade it, we skip doing any list insertion or
deletion and skip to re-calling lm_setup on the existing lease.

As of commit 8634b51f6ca2 however, we end up calling lm_setup on the
lease that was passed in, instead of on the existing lease. This causes
us to leak the fasync_struct that was allocated in the event that there
was not already an existing one (as it always appeared that there
wasn't one).

Fixes: 8634b51f6ca2 (locks: convert lease handling to file_lock_context)
Reported-by: Daniel Wagner <daniel.wagner@bmw-carit.de>
Signed-off-by: Jeff Layton <jeff.layton@primarydata.com>
Tested-by: Daniel Wagner <daniel.wagner@bmw-carit.de>
---
 fs/locks.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/fs/locks.c b/fs/locks.c
index 365c82e1b3a9..f1bad681fc1c 100644
--- a/fs/locks.c
+++ b/fs/locks.c
@@ -1665,7 +1665,8 @@ generic_add_lease(struct file *filp, long arg, struct file_lock **flp, void **pr
 	}
 
 	if (my_fl != NULL) {
-		error = lease->fl_lmops->lm_change(my_fl, arg, &dispose);
+		lease = my_fl;
+		error = lease->fl_lmops->lm_change(lease, arg, &dispose);
 		if (error)
 			goto out;
 		goto out_setup;