When we recheck the data after checksum failure, and the recheck is
successful, we would leak the "checksums" pointer.
Signed-off-by: Mikulas Patocka <mpatocka@xxxxxxxxxx>
Fixes: c88f5e553fe3 ("dm-integrity: recheck the integrity tag after a failure")
Cc: stable@xxxxxxxxxxxxxxx
---
drivers/md/dm-integrity.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
Index: linux-2.6/drivers/md/dm-integrity.c
===================================================================
--- linux-2.6.orig/drivers/md/dm-integrity.c 2024-03-11 12:53:59.000000000 +0100
+++ linux-2.6/drivers/md/dm-integrity.c 2024-03-18 17:40:57.000000000 +0100
@@ -1848,12 +1848,12 @@ again:
r = dm_integrity_rw_tag(ic, checksums, &dio->metadata_block, &dio->metadata_offset,
checksums_ptr - checksums, dio->op == REQ_OP_READ ? TAG_CMP : TAG_WRITE);
if (unlikely(r)) {
+ if (likely(checksums != checksums_onstack))
+ kfree(checksums);
if (r > 0) {
- integrity_recheck(dio, checksums);
+ integrity_recheck(dio, checksums_onstack);
goto skip_io;
}
- if (likely(checksums != checksums_onstack))
- kfree(checksums);
goto error;
}
