Message ID | 20220107105332.61347-1-aayush.a.agarwal@oracle.com (mailing list archive) |
---|---|
State | Not Applicable |
Delegated to: | Netdev Maintainers |
Headers | show |
Series | [4.14] phonet: refcount leak in pep_sock_accep | expand |
Context | Check | Description |
---|---|---|
netdev/tree_selection | success | Guessing tree name failed - patch did not apply |
On Fri, Jan 07, 2022 at 02:53:32AM -0800, Aayush Agarwal wrote: > From: Hangyu Hua <hbh25y@gmail.com> > > commit bcd0f9335332 ("phonet: refcount leak in pep_sock_accep") > upstream. > > sock_hold(sk) is invoked in pep_sock_accept(), but __sock_put(sk) is not > invoked in subsequent failure branches(pep_accept_conn() != 0). > > Signed-off-by: Hangyu Hua <hbh25y@gmail.com> > Link: https://lore.kernel.org/r/20211209082839.33985-1-hbh25y@gmail.com > Signed-off-by: Jakub Kicinski <kuba@kernel.org> > Signed-off-by: Aayush Agarwal <aayush.a.agarwal@oracle.com> > --- > net/phonet/pep.c | 1 + > 1 file changed, 1 insertion(+) What about releases 5.15.y, 5.10.y, 5.4.y, and 4.19.y? Is this also relevant for those trees? thanks, greg k-h
On 07/01/22 4:54 pm, Greg KH wrote: > On Fri, Jan 07, 2022 at 02:53:32AM -0800, Aayush Agarwal wrote: >> From: Hangyu Hua <hbh25y@gmail.com> >> >> commit bcd0f9335332 ("phonet: refcount leak in pep_sock_accep") >> upstream. >> >> sock_hold(sk) is invoked in pep_sock_accept(), but __sock_put(sk) is not >> invoked in subsequent failure branches(pep_accept_conn() != 0). >> >> Signed-off-by: Hangyu Hua <hbh25y@gmail.com> >> Link: https://urldefense.com/v3/__https://lore.kernel.org/r/20211209082839.33985-1-hbh25y@gmail.com__;!!ACWV5N9M2RV99hQ!Znc0Oy9gtZZ18UDMwcZiYrfjj4GUibhEq5WJZ44m6azDWCC1hrZpkFh9AmGOqqS94cqz-A$ >> Signed-off-by: Jakub Kicinski <kuba@kernel.org> >> Signed-off-by: Aayush Agarwal <aayush.a.agarwal@oracle.com> >> --- >> net/phonet/pep.c | 1 + >> 1 file changed, 1 insertion(+) > What about releases 5.15.y, 5.10.y, 5.4.y, and 4.19.y? Is this also > relevant for those trees? > > thanks, > > greg k-h It's relevant for all currently supported stable releases: 4.4.y, 4.9.y, 4.14.y, 4.19.y, 5.4.y, 5.10.y, 5.15.y . I missed adding the tag "Cc: stable@viger.kernel.org #4.4+". Should I send the patch again?
On Fri, Jan 07, 2022 at 10:24:53PM +0530, aayush.a.agarwal@oracle.com wrote: > > On 07/01/22 4:54 pm, Greg KH wrote: > > On Fri, Jan 07, 2022 at 02:53:32AM -0800, Aayush Agarwal wrote: > > > From: Hangyu Hua <hbh25y@gmail.com> > > > > > > commit bcd0f9335332 ("phonet: refcount leak in pep_sock_accep") > > > upstream. > > > > > > sock_hold(sk) is invoked in pep_sock_accept(), but __sock_put(sk) is not > > > invoked in subsequent failure branches(pep_accept_conn() != 0). > > > > > > Signed-off-by: Hangyu Hua <hbh25y@gmail.com> > > > Link: https://urldefense.com/v3/__https://lore.kernel.org/r/20211209082839.33985-1-hbh25y@gmail.com__;!!ACWV5N9M2RV99hQ!Znc0Oy9gtZZ18UDMwcZiYrfjj4GUibhEq5WJZ44m6azDWCC1hrZpkFh9AmGOqqS94cqz-A$ > > > Signed-off-by: Jakub Kicinski <kuba@kernel.org> > > > Signed-off-by: Aayush Agarwal <aayush.a.agarwal@oracle.com> > > > --- > > > net/phonet/pep.c | 1 + > > > 1 file changed, 1 insertion(+) > > What about releases 5.15.y, 5.10.y, 5.4.y, and 4.19.y? Is this also > > relevant for those trees? > > > > thanks, > > > > greg k-h > > It's relevant for all currently supported stable releases: 4.4.y, 4.9.y, > 4.14.y, 4.19.y, 5.4.y, 5.10.y, 5.15.y . I missed adding the tag "Cc: > stable@viger.kernel.org #4.4+". Should I send the patch again? No need, I've queued it up everywhere now, thanks! greg k-h
diff --git a/net/phonet/pep.c b/net/phonet/pep.c index b0d958cd1823..4c4a8a42ee88 100644 --- a/net/phonet/pep.c +++ b/net/phonet/pep.c @@ -881,6 +881,7 @@ static struct sock *pep_sock_accept(struct sock *sk, int flags, int *errp, err = pep_accept_conn(newsk, skb); if (err) { + __sock_put(sk); sock_put(newsk); newsk = NULL; goto drop;