[Devel] [PATCH RHEL7 COMMIT] Fix a leak in socket(2) when we fail to allocate a file descriptor.
Vasily Averin
vvs at virtuozzo.com
Thu Sep 2 20:18:39 MSK 2021
The commit is pushed to "branch-rh7-3.10.0-1160.41.1.vz7.183.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-1160.41.1.vz7.183.1
------>
commit ac48402fff1222d8c1c033f15c6562b7633fad72
Author: Al Viro <viro at zeniv.linux.org.uk>
Date: Thu Sep 2 20:18:39 2021 +0300
Fix a leak in socket(2) when we fail to allocate a file descriptor.
Got broken by "make sock_alloc_file() do sock_release() on failures" -
cleanup after sock_map_fd() failure got pulled all the way into
sock_alloc_file(), but it used to serve the case when sock_map_fd()
failed *before* getting to sock_alloc_file() as well, and that got
lost. Trivial to fix, fortunately.
Fixes: 8e1611e23579 (make sock_alloc_file() do sock_release() on failures)
Reported-by: Dmitry Vyukov <dvyukov at google.com>
Signed-off-by: Al Viro <viro at zeniv.linux.org.uk>
We see that lldpad eats all kernel memory on the node with those leaked
sockets constantly looping on SyS_socket with EMFILE error.
https://jira.sw.ru/browse/PSBM-133610
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
---
net/socket.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/net/socket.c b/net/socket.c
index e720aa8..bcf98c0 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -403,8 +403,10 @@ static int sock_map_fd(struct socket *sock, int flags)
{
struct file *newfile;
int fd = get_unused_fd_flags(flags);
- if (unlikely(fd < 0))
+ if (unlikely(fd < 0)) {
+ sock_release(sock);
return fd;
+ }
newfile = sock_alloc_file(sock, flags, NULL);
if (likely(!IS_ERR(newfile))) {
More information about the Devel
mailing list