This is a note to let you know that I've just added the patch titled
netlink: Fix potential skb memleak in netlink_ack
to the 6.1-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
netlink-fix-potential-skb-memleak-in-netlink_ack.patch
and it can be found in the queue-6.1 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
commit d5d1c6bac9529e2e1b91f9a603e2a0cffe6dca9b
Author: Tao Chen <chentao.kernel@xxxxxxxxxxxxxxxxx>
Date: Sat Nov 5 17:05:04 2022 +0800
netlink: Fix potential skb memleak in netlink_ack
[ Upstream commit e69761483361f3df455bc493c99af0ef1744a14f ]
Fix coverity issue 'Resource leak'.
We should clean the skb resource if nlmsg_put/append failed.
Fixes: 738136a0e375 ("netlink: split up copies in the ack construction")
Signed-off-by: Tao Chen <chentao.kernel@xxxxxxxxxxxxxxxxx>
Link: https://lore.kernel.org/r/bff442d62c87de6299817fe1897cc5a5694ba9cc.1667638204.git.chentao.kernel@xxxxxxxxxxxxxxxxx
Signed-off-by: Jakub Kicinski <kuba@xxxxxxxxxx>
Stable-dep-of: d0f95894fda7 ("netlink: annotate data-races around sk->sk_err")
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 4ddb2ed7706ad..845ac56a3ac2e 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -2444,7 +2444,7 @@ void netlink_ack(struct sk_buff *in_skb, struct nlmsghdr *nlh, int err,
skb = nlmsg_new(payload + tlvlen, GFP_KERNEL);
if (!skb)
- goto err_bad_put;
+ goto err_skb;
rep = nlmsg_put(skb, NETLINK_CB(in_skb).portid, nlh->nlmsg_seq,
NLMSG_ERROR, sizeof(*errmsg), flags);
@@ -2472,6 +2472,8 @@ void netlink_ack(struct sk_buff *in_skb, struct nlmsghdr *nlh, int err,
return;
err_bad_put:
+ nlmsg_free(skb);
+err_skb:
NETLINK_CB(in_skb).sk->sk_err = ENOBUFS;
sk_error_report(NETLINK_CB(in_skb).sk);
}
