Re: [PATCH] Audit of POSIX Message Queue Syscalls v.2
Hi George,
> memory leak from above allocation.
These do not appear to be leaks. They always get freed in
do_syscall_trace_leave(), both when the syscalls return -EFAULT and
when audit is disabled. I verified this with printk's. With the
check for audit enabled, they no longer get allocated needlessly.
Unless a syscall can bypass do_syscall_trace_leave(), these look
like they don't leak.
I think you do have some memory leaks. For example:
+int audit_mq_open(int oflag, mode_t mode, struct mq_attr __user
*u_attr)
+{
+ struct audit_aux_data_mq_open *ax;
+ struct audit_context *context = current->audit_context;
+
+ if (!audit_enabled)
+ return 0;
+
+ if (likely(!context))
+ return 0;
+
+ ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
+ if (!ax)
+ return -ENOMEM;
+
+ if (u_attr != NULL) {
+ if (copy_from_user(&ax->attr, u_attr, sizeof(ax->attr)))
+ return -EFAULT;
If this return is taken, the memory allocated above will not be freed
at syscall exit time because the assignment of context->aux was not
made. ax needs to be freed before returning from the error paths.
+ } else
+ memset(&ax->attr, 0, sizeof(ax->attr));
+
+ ax->oflag = oflag;
+ ax->mode = mode;
+
+ ax->d.type = AUDIT_MQ_OPEN;
+ ax->d.next = context->aux;
+ context->aux = (void *)ax;
+ return 0;
+}
There are similar cases in other functions.
-- ljk