Patch "fs: dlm: fix configfs memory leak" has been added to the 5.8-stable tree

Sasha Levin <sashal@xxxxxxxxxx> · Mon, 26 Oct 2020 01:33:58 -0400

This is a note to let you know that I've just added the patch titled

    fs: dlm: fix configfs memory leak

to the 5.8-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     fs-dlm-fix-configfs-memory-leak.patch
and it can be found in the queue-5.8 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 98f50ddbb82f62bade4abef9ddd1846287937739
Author: Alexander Aring <aahringo@xxxxxxxxxx>
Date:   Thu Aug 27 15:02:51 2020 -0400

    fs: dlm: fix configfs memory leak
    
    [ Upstream commit 3d2825c8c6105b0f36f3ff72760799fa2e71420e ]
    
    This patch fixes the following memory detected by kmemleak and umount
    gfs2 filesystem which removed the last lockspace:
    
    unreferenced object 0xffff9264f482f600 (size 192):
      comm "dlm_controld", pid 325, jiffies 4294690276 (age 48.136s)
      hex dump (first 32 bytes):
        00 00 00 00 00 00 00 00 6e 6f 64 65 73 00 00 00  ........nodes...
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
      backtrace:
        [<00000000060481d7>] make_space+0x41/0x130
        [<000000008d905d46>] configfs_mkdir+0x1a2/0x5f0
        [<00000000729502cf>] vfs_mkdir+0x155/0x210
        [<000000000369bcf1>] do_mkdirat+0x6d/0x110
        [<00000000cc478a33>] do_syscall_64+0x33/0x40
        [<00000000ce9ccf01>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
    
    The patch just remembers the "nodes" entry pointer in space as I think
    it's created as subdirectory when parent "spaces" is created. In
    function drop_space() we will lost the pointer reference to nds because
    configfs_remove_default_groups(). However as this subdirectory is always
    available when "spaces" exists it will just be freed when "spaces" will be
    freed.
    
    Signed-off-by: Alexander Aring <aahringo@xxxxxxxxxx>
    Signed-off-by: David Teigland <teigland@xxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/fs/dlm/config.c b/fs/dlm/config.c
index 3b21082e1b550..3b1012a3c4396 100644
--- a/fs/dlm/config.c
+++ b/fs/dlm/config.c
@@ -216,6 +216,7 @@ struct dlm_space {
 	struct list_head members;
 	struct mutex members_lock;
 	int members_count;
+	struct dlm_nodes *nds;
 };
 
 struct dlm_comms {
@@ -424,6 +425,7 @@ static struct config_group *make_space(struct config_group *g, const char *name)
 	INIT_LIST_HEAD(&sp->members);
 	mutex_init(&sp->members_lock);
 	sp->members_count = 0;
+	sp->nds = nds;
 	return &sp->group;
 
  fail:
@@ -445,6 +447,7 @@ static void drop_space(struct config_group *g, struct config_item *i)
 static void release_space(struct config_item *i)
 {
 	struct dlm_space *sp = config_item_to_space(i);
+	kfree(sp->nds);
 	kfree(sp);
 }
 






