Commit 7f31cced authored Jan 09, 2023 by Liam Howlett Committed by Andrew Morton Jan 11, 2023

nommu: fix memory leak in do_mmap() error path

The preallocation of the maple tree nodes may leak if the error path to
"error_just_free" is taken.  Fix this by moving the freeing of the maple
tree nodes to a shared location for all error paths.

Link: https://lkml.kernel.org/r/20230109205507.955577-1-Liam.Howlett@oracle.com


Fixes: 8220543d ("nommu: remove uses of VMA linked list")
Signed-off-by: Liam R. Howlett <Liam.Howlett@oracle.com>
Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Yu Zhao <yuzhao@google.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

parent bf61acbe

mm/nommu.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -1240,6 +1240,7 @@ unsigned long do_mmap(struct file *file,
		error_just_free:
		up_write(&nommu_region_sem);
		error:
		mas_destroy(&mas);
		if (region->vm_file)
		fput(region->vm_file);
		kmem_cache_free(vm_region_jar, region);
		@@ -1250,7 +1251,6 @@ unsigned long do_mmap(struct file *file,

		sharing_violation:
		up_write(&nommu_region_sem);
		mas_destroy(&mas);
		pr_warn("Attempt to share mismatched mappings\n");
		ret = -EINVAL;
		goto error;