mbox series

[bpf,v4,0/2] bpf, sockmap: fix potential memory leak

Message ID 20210712195546.423990-1-john.fastabend@gmail.com
Headers show
Series bpf, sockmap: fix potential memory leak | expand

Message

John Fastabend July 12, 2021, 7:55 p.m. UTC
While investigating a memleak in sockmap I found these two issues. Patch
1 found doing code review, I wasn't able to get KASAN to trigger a
memleak here, but should be necessary. Patch 2 fixes proc stats so when
we use sockstats for debugging we get correct values.

The fix for observered memleak will come after these, but requires some
more discussion and potentially patch revert so I'll try to get the set
here going now.

v4: fix both users of sk_psock_skb_ingress_enqueue and then fix the
    inuse idx by moving init hook later after tcp/udp init calls.
v3: move kfree into same function as kalloc

John Fastabend (2):
  bpf, sockmap: fix potential memory leak on unlikely error case
  bpf, sockmap: sk_prot needs inuse_idx set for proc stats

 net/core/skmsg.c    | 16 +++++++++++-----
 net/core/sock_map.c | 11 ++++++++++-
 2 files changed, 21 insertions(+), 6 deletions(-)

Comments

Jakub Sitnicki July 13, 2021, 7:47 a.m. UTC | #1
On Mon, Jul 12, 2021 at 09:55 PM CEST, John Fastabend wrote:
> While investigating a memleak in sockmap I found these two issues. Patch

> 1 found doing code review, I wasn't able to get KASAN to trigger a

> memleak here, but should be necessary. Patch 2 fixes proc stats so when

> we use sockstats for debugging we get correct values.

>

> The fix for observered memleak will come after these, but requires some

> more discussion and potentially patch revert so I'll try to get the set

> here going now.

>

> v4: fix both users of sk_psock_skb_ingress_enqueue and then fix the

>     inuse idx by moving init hook later after tcp/udp init calls.

> v3: move kfree into same function as kalloc

>

> John Fastabend (2):

>   bpf, sockmap: fix potential memory leak on unlikely error case

>   bpf, sockmap: sk_prot needs inuse_idx set for proc stats

>

>  net/core/skmsg.c    | 16 +++++++++++-----

>  net/core/sock_map.c | 11 ++++++++++-

>  2 files changed, 21 insertions(+), 6 deletions(-)


For the series:

Acked-by: Jakub Sitnicki <jakub@cloudflare.com>
Cong Wang July 14, 2021, 12:35 a.m. UTC | #2
On Mon, Jul 12, 2021 at 12:56 PM John Fastabend
<john.fastabend@gmail.com> wrote:
>

> If skb_linearize is needed and fails we could leak a msg on the error

> handling. To fix ensure we kfree the msg block before returning error.

> Found during code review.

>

> Fixes: 4363023d2668e ("bpf, sockmap: Avoid failures from skb_to_sgvec when skb has frag_list")

> Signed-off-by: John Fastabend <john.fastabend@gmail.com>


Reviewed-by: Cong Wang <cong.wang@bytedance.com>


Thanks for the update.
patchwork-bot+netdevbpf@kernel.org July 15, 2021, 6 p.m. UTC | #3
Hello:

This series was applied to bpf/bpf.git (refs/heads/master):

On Mon, 12 Jul 2021 12:55:44 -0700 you wrote:
> While investigating a memleak in sockmap I found these two issues. Patch

> 1 found doing code review, I wasn't able to get KASAN to trigger a

> memleak here, but should be necessary. Patch 2 fixes proc stats so when

> we use sockstats for debugging we get correct values.

> 

> The fix for observered memleak will come after these, but requires some

> more discussion and potentially patch revert so I'll try to get the set

> here going now.

> 

> [...]


Here is the summary with links:
  - [bpf,v4,1/2] bpf, sockmap: fix potential memory leak on unlikely error case
    https://git.kernel.org/bpf/bpf/c/7e6b27a69167
  - [bpf,v4,2/2] bpf, sockmap: sk_prot needs inuse_idx set for proc stats
    https://git.kernel.org/bpf/bpf/c/228a4a7ba8e9

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html