From patchwork Tue Oct 8 05:35:06 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Maciej_=C5=BBenczykowski?= X-Patchwork-Id: 1173103 Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="b8+d0Mjj"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 46nR071bYzz9s7T for ; Tue, 8 Oct 2019 16:35:51 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729836AbfJHFfp (ORCPT ); Tue, 8 Oct 2019 01:35:45 -0400 Received: from mail-pg1-f193.google.com ([209.85.215.193]:44614 "EHLO mail-pg1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729440AbfJHFfp (ORCPT ); Tue, 8 Oct 2019 01:35:45 -0400 Received: by mail-pg1-f193.google.com with SMTP id u12so1296421pgb.11 for ; Mon, 07 Oct 2019 22:35:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=c+MlKA1m2tTZYnAFJCNrRzRYdNxkzCxs74AclVlGkzU=; b=b8+d0MjjwG+t4bUE2/q8+1v+mm99xqMe7LKLJ1vY8V8rYXtGH72miS7ndoFFeD1p1o XyDEjLSY/r0/vtDkxUnyieqSqntHMExRzoPaROtdgcEbUMKsSWtmpe9aLWY/cWs5ydEt u1r1NgkQ4RnuKT5DITsXQijdE+EVemcOEKHkU+uoqtEOxikSJgXCnDSMtY6RLLA/MjNN 0PB4oTEYUe2/xDGliZWMAlvNtjRrqw7uc8GiAGsmvoFM4TIKEeLSkxojk9TVe63rb6od 6tigkc9Ieac3ElzA40IE1aE+g9VfNF+kXr97lQEi22PQmgAEreCmWASPsGrIsXay8ujC sVBg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=c+MlKA1m2tTZYnAFJCNrRzRYdNxkzCxs74AclVlGkzU=; b=gG7MtB+8DM9uv73yjyf+vFeXbjHwKpIpfmy9E7Hmgw5I0HsZvOsCj57p1c9U9fTSs+ pA04mggAvJEi1IhuFCE7Kz/bKOqmbFX8DYs1+P0OLRVRtqyqX9RFPvNz+Y4DyVogHIu5 uF+nJZJxEUMhi4ih8ZwPJIwUNXXJ4IH6UxrZzXpNow2gBhiPPVAyhsPN2SBtFyF0ja27 X+F2FM9LugdJoty6j8GAYTBuLD+MN1kl9buoKML4ciEnkdVRzBmKiTZNdhu5NHnneu3O 24cEeK2/OrEjDPVx9F2zP4n5VUBDuU6GtClMQtQbuLkF7waIX2Y2Vx0FOttCh0ogqH69 j6kQ== X-Gm-Message-State: APjAAAUSyO91GVD9hS7dotOFPosjMHFIxY0OQtUq3+MBBp0Rva/NAXAv w3s6Kdqqe+jdNoUNSmx+Ucg= X-Google-Smtp-Source: APXvYqykjhGkvNP9b6wFy6KiGhmTKhciRJkB5zQJEOfARUYma3T/t3pKNMz+BAkXkP3q3aOzuzmk6w== X-Received: by 2002:a63:f852:: with SMTP id v18mr447750pgj.198.1570512944627; Mon, 07 Oct 2019 22:35:44 -0700 (PDT) Received: from athina.mtv.corp.google.com ([2620:15c:211:0:c786:d9fd:ab91:6283]) by smtp.gmail.com with ESMTPSA id e9sm13806806pgs.86.2019.10.07.22.35.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 07 Oct 2019 22:35:43 -0700 (PDT) From: =?utf-8?q?Maciej_=C5=BBenczykowski?= To: =?utf-8?q?Maciej_=C5=BBenczykowski?= , "David S . Miller" Cc: netdev@vger.kernel.org, Cong Wang , Eric Dumazet , Pablo Neira Ayuso Subject: [PATCH 1/2] netfilter: fix a memory leak in nf_conntrack_in Date: Mon, 7 Oct 2019 22:35:06 -0700 Message-Id: <20191008053507.252202-1-zenczykowski@gmail.com> X-Mailer: git-send-email 2.23.0.581.g78d2f28ef7-goog MIME-Version: 1.0 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org From: Maciej Żenczykowski Cc: Cong Wang Cc: Eric Dumazet Cc: Pablo Neira Ayuso Signed-off-by: Maciej Żenczykowski --- net/netfilter/nf_conntrack_core.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c index 0c63120b2db2..35459d04a050 100644 --- a/net/netfilter/nf_conntrack_core.c +++ b/net/netfilter/nf_conntrack_core.c @@ -1679,7 +1679,8 @@ nf_conntrack_in(struct sk_buff *skb, const struct nf_hook_state *state) if ((tmpl && !nf_ct_is_template(tmpl)) || ctinfo == IP_CT_UNTRACKED) { NF_CT_STAT_INC_ATOMIC(state->net, ignore); - return NF_ACCEPT; + ret = NF_ACCEPT; + goto out; } skb->_nfct = 0; } From patchwork Tue Oct 8 05:35:07 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Maciej_=C5=BBenczykowski?= X-Patchwork-Id: 1173104 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="t9vOsUlG"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 46nR076nmgz9sNF for ; Tue, 8 Oct 2019 16:35:51 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729854AbfJHFfr (ORCPT ); Tue, 8 Oct 2019 01:35:47 -0400 Received: from mail-pf1-f196.google.com ([209.85.210.196]:43037 "EHLO mail-pf1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729440AbfJHFfr (ORCPT ); Tue, 8 Oct 2019 01:35:47 -0400 Received: by mail-pf1-f196.google.com with SMTP id a2so10119193pfo.10 for ; Mon, 07 Oct 2019 22:35:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=6ykroU922u8YwCK1ILzYKVRvy0yOrLZY+XxHnLXIbfI=; b=t9vOsUlGNjUjiKVf4cHrS0oXSs5RTOQwtGelXeIQSx32pkZ1G9QZhhYiOMKCuwXUZM JqwQneAAzWxLgX6wNSk757jBnceCQDOMMvcyCJg+IM8/chLeGIT3aYWnGKafgMm9FOEm UYVzYg6RL6NQq4aQvP33a1LBxkDizkWbCKQpAJGjeS0MSId7ouRzEC657bSj6XIwJ9Dh na+30hBIw2joDXxA0sIqacJX4pGNm5Ww10obTJeq/3bPKoP0/1Zyi5iI+DmJ1fLfd6QW 953neOC/nrlCYVALUq0Qvh9lkQevftM7OiGyKu++UzSJMN9UsMqB4agz40vtN6FHS8Wz vGUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=6ykroU922u8YwCK1ILzYKVRvy0yOrLZY+XxHnLXIbfI=; b=DFYll8XctFiOO4Oi1H3AVIJH0kLlCUBVj/z8vPwZ1TUIKhzdG4F15LDyvHzn7F9w3H eKCBn5rRLCzfB7JCFXSGftifWQ6cUa7p/BypxDMp1gnE00nSA8JRNTOLH/OOb3K87aRN ZLvv+ilT60GxKhqucthFJI9W/SQLqIhzZJy8z7wcX5A0XrzDheOiwXXMSek2J+Yt9Chy Hxf07Jnrful8ijTkF3TCiGlYe/UZV/VZyyEOpF9coKBrDp2rO78gKXRZy2RjUspQXkpy 3CojXj0AjHGrk3umWbnipTp6qotTuXGuEOvLIpSrvqBzERL7OdXKH8YIbwTb8iEJlppy Qlvg== X-Gm-Message-State: APjAAAWnWIxhHpo1Kp1oOtIoCUYf2elz1tGR+XjhWp5z8aMhuWqvqAxO zHGaumTZBJOH2ARsExVxocQ= X-Google-Smtp-Source: APXvYqyA3u1j/qJ3UZwpPI4OCtudG8EAmkLVu3cRCZ+g1zwhjntTdEX3WIArlsi27Vokv6XUKU061g== X-Received: by 2002:a63:5552:: with SMTP id f18mr24522196pgm.437.1570512946556; Mon, 07 Oct 2019 22:35:46 -0700 (PDT) Received: from athina.mtv.corp.google.com ([2620:15c:211:0:c786:d9fd:ab91:6283]) by smtp.gmail.com with ESMTPSA id e9sm13806806pgs.86.2019.10.07.22.35.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 07 Oct 2019 22:35:45 -0700 (PDT) From: =?utf-8?q?Maciej_=C5=BBenczykowski?= To: =?utf-8?q?Maciej_=C5=BBenczykowski?= , "David S . Miller" Cc: netdev@vger.kernel.org, Cong Wang , Eric Dumazet , Pablo Neira Ayuso Subject: [PATCH 2/2] netfilter: revert "conntrack: silent a memory leak warning" Date: Mon, 7 Oct 2019 22:35:07 -0700 Message-Id: <20191008053507.252202-2-zenczykowski@gmail.com> X-Mailer: git-send-email 2.23.0.581.g78d2f28ef7-goog In-Reply-To: <20191008053507.252202-1-zenczykowski@gmail.com> References: <20191008053507.252202-1-zenczykowski@gmail.com> MIME-Version: 1.0 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org From: Maciej Żenczykowski This reverts commit 114aa35d06d4920c537b72f9fa935de5dd205260. By my understanding of kmemleak the reasoning for this patch is incorrect. If kmemleak couldn't handle rcu we'd have it reporting leaks all over the place. My belief is that this was instead papering over a real leak. Cc: Cong Wang Cc: Eric Dumazet Cc: Pablo Neira Ayuso Signed-off-by: Maciej Żenczykowski --- net/netfilter/nf_conntrack_extend.c | 1 - 1 file changed, 1 deletion(-) diff --git a/net/netfilter/nf_conntrack_extend.c b/net/netfilter/nf_conntrack_extend.c index d4ed1e197921..fb208877338a 100644 --- a/net/netfilter/nf_conntrack_extend.c +++ b/net/netfilter/nf_conntrack_extend.c @@ -68,7 +68,6 @@ void *nf_ct_ext_add(struct nf_conn *ct, enum nf_ct_ext_id id, gfp_t gfp) rcu_read_unlock(); alloc = max(newlen, NF_CT_EXT_PREALLOC); - kmemleak_not_leak(old); new = __krealloc(old, alloc, gfp); if (!new) return NULL;