diff mbox series

回复: [PATCH v2] bpf: Fix memory leak in copy_process()

Message ID DM6PR11MB4202D95C3B579C7A6F381A97FF6B9@DM6PR11MB4202.namprd11.prod.outlook.com (mailing list archive)
State Changes Requested
Delegated to: BPF
Headers show
Series 回复: [PATCH v2] bpf: Fix memory leak in copy_process() | expand

Checks

Context Check Description
netdev/tree_selection success Not a local patch

Commit Message

Zhang, Qiang March 16, 2021, 11:29 a.m. UTC 
Hello Alexei Starovoitov Daniel Borkmann
Please  review this patch.

Thanks
Qiang

Comments

Alexei Starovoitov March 16, 2021, 3 p.m. UTC | #1 
On Tue, Mar 16, 2021 at 4:29 AM Zhang, Qiang <Qiang.Zhang@windriver.com> wrote:
>
> Hello Alexei Starovoitov Daniel Borkmann
> Please  review this patch.

Please don't top post.
diff mbox series

Patch

diff --git a/kernel/bpf/preload/bpf_preload_kern.c b/kernel/bpf/preload/bpf_preload_kern.c
index 79c5772465f1..5009875f01d3 100644
--- a/kernel/bpf/preload/bpf_preload_kern.c
+++ b/kernel/bpf/preload/bpf_preload_kern.c
@@ -4,6 +4,7 @@ 
 #include <linux/module.h>
 #include <linux/pid.h>
 #include <linux/fs.h>
+#include <linux/file.h>
 #include <linux/sched/signal.h>
 #include "bpf_preload.h"

@@ -20,6 +21,14 @@  static struct bpf_preload_ops umd_ops = {
        .owner = THIS_MODULE,
 };

+static void bpf_preload_umh_cleanup(struct umd_info *info)
+{
+       fput(info->pipe_to_umh);
+       fput(info->pipe_from_umh);
+       put_pid(info->tgid);
+       info->tgid = NULL;
+}
+
 static int preload(struct bpf_preload_info *obj)
 {
        int magic = BPF_PRELOAD_START;
@@ -61,8 +70,10 @@  static int finish(void)
        if (n != sizeof(magic))
                return -EPIPE;
        tgid = umd_ops.info.tgid;
-       wait_event(tgid->wait_pidfd, thread_group_exited(tgid));
-       umd_ops.info.tgid = NULL;
+       if (tgid) {
+               wait_event(tgid->wait_pidfd, thread_group_exited(tgid));
+               bpf_preload_umh_cleanup(&umd_ops.info);
+       }
        return 0;
 }

@@ -80,10 +91,15 @@  static int __init load_umd(void)

 static void __exit fini_umd(void)
 {
+       struct pid *tgid;
        bpf_preload_ops = NULL;
        /* kill UMD in case it's still there due to earlier error */
-       kill_pid(umd_ops.info.tgid, SIGKILL, 1);
-       umd_ops.info.tgid = NULL;
+       tgid = umd_ops.info.tgid;
+       if (tgid) {
+               kill_pid(tgid, SIGKILL, 1);
+               wait_event(tgid->wait_pidfd, thread_group_exited(tgid));
+               bpf_preload_umh_cleanup(&umd_ops.info);
+       }
        umd_unload_blob(&umd_ops.info);
 }
 late_initcall(load_umd);