| Message ID | 9ad578fedcc2888319e4ec222d11f6fe51afd613.1549545195.git.pabeni@redhat.com |
|---|---|
| State | Accepted |
| Delegated to: | David Miller |
| Headers | show |
| Series | [net] vsock: cope with memory allocation failure at socket creation time | expand |
On Thu, Feb 07, 2019 at 02:13:18PM +0100, Paolo Abeni wrote: > In the unlikely event that the kmalloc call in vmci_transport_socket_init() > fails, we end-up calling vmci_transport_destruct() with a NULL vmci_trans() > and oopsing. > > This change addresses the above explicitly checking for zero vmci_trans() > at destruction time. > > Reported-by: Xiumei Mu <xmu@redhat.com> > Fixes: d021c344051a ("VSOCK: Introduce VM Sockets") > Signed-off-by: Paolo Abeni <pabeni@redhat.com> > --- > net/vmw_vsock/vmci_transport.c | 4 ++++ > 1 file changed, 4 insertions(+) Reviewed-by: Stefano Garzarella <sgarzare@redhat.com> Thanks, Stefano
> In the unlikely event that the kmalloc call in vmci_transport_socket_init() > fails, we end-up calling vmci_transport_destruct() with a NULL vmci_trans() > and oopsing. > > This change addresses the above explicitly checking for zero vmci_trans() at > destruction time. > > Reported-by: Xiumei Mu <xmu@redhat.com> > Fixes: d021c344051a ("VSOCK: Introduce VM Sockets") > Signed-off-by: Paolo Abeni <pabeni@redhat.com> > --- > net/vmw_vsock/vmci_transport.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/net/vmw_vsock/vmci_transport.c > b/net/vmw_vsock/vmci_transport.c index c361ce782412..c3d5ab01fba7 > 100644 > --- a/net/vmw_vsock/vmci_transport.c > +++ b/net/vmw_vsock/vmci_transport.c > @@ -1651,6 +1651,10 @@ static void vmci_transport_cleanup(struct > work_struct *work) > > static void vmci_transport_destruct(struct vsock_sock *vsk) { > + /* transport can be NULL if we hit a failure at init() time */ > + if (!vmci_trans(vsk)) > + return; > + > /* Ensure that the detach callback doesn't use the sk/vsk > * we are about to destruct. > */ > -- > 2.20.1 Reviewed-by: Jorgen Hansen <jhansen@vmware.com> Thanks for fixing this, Jorgen
From: Paolo Abeni <pabeni@redhat.com> Date: Thu, 7 Feb 2019 14:13:18 +0100 > In the unlikely event that the kmalloc call in vmci_transport_socket_init() > fails, we end-up calling vmci_transport_destruct() with a NULL vmci_trans() > and oopsing. > > This change addresses the above explicitly checking for zero vmci_trans() > at destruction time. > > Reported-by: Xiumei Mu <xmu@redhat.com> > Fixes: d021c344051a ("VSOCK: Introduce VM Sockets") > Signed-off-by: Paolo Abeni <pabeni@redhat.com> Applied and queued up for -stable, thanks.
diff --git a/net/vmw_vsock/vmci_transport.c b/net/vmw_vsock/vmci_transport.c index c361ce782412..c3d5ab01fba7 100644 --- a/net/vmw_vsock/vmci_transport.c +++ b/net/vmw_vsock/vmci_transport.c @@ -1651,6 +1651,10 @@ static void vmci_transport_cleanup(struct work_struct *work) static void vmci_transport_destruct(struct vsock_sock *vsk) { + /* transport can be NULL if we hit a failure at init() time */ + if (!vmci_trans(vsk)) + return; + /* Ensure that the detach callback doesn't use the sk/vsk * we are about to destruct. */
In the unlikely event that the kmalloc call in vmci_transport_socket_init() fails, we end-up calling vmci_transport_destruct() with a NULL vmci_trans() and oopsing. This change addresses the above explicitly checking for zero vmci_trans() at destruction time. Reported-by: Xiumei Mu <xmu@redhat.com> Fixes: d021c344051a ("VSOCK: Introduce VM Sockets") Signed-off-by: Paolo Abeni <pabeni@redhat.com> --- net/vmw_vsock/vmci_transport.c | 4 ++++ 1 file changed, 4 insertions(+)