| From 6e88e672b69f0e627acdae74a527b730ea224b6b Mon Sep 17 00:00:00 2001 |
| From: Daniel Jurgens <danielj@mellanox.com> |
| Date: Sat, 2 Feb 2019 11:09:43 +0200 |
| Subject: IB/core: Fix potential memory leak while creating MAD agents |
| |
| From: Daniel Jurgens <danielj@mellanox.com> |
| |
| commit 6e88e672b69f0e627acdae74a527b730ea224b6b upstream. |
| |
| If the MAD agents isn't allowed to manage the subnet, or fails to register |
| for the LSM notifier, the security context is leaked. Free the context in |
| these cases. |
| |
| Fixes: 47a2b338fe63 ("IB/core: Enforce security on management datagrams") |
| Signed-off-by: Daniel Jurgens <danielj@mellanox.com> |
| Reviewed-by: Parav Pandit <parav@mellanox.com> |
| Reported-by: Parav Pandit <parav@mellanox.com> |
| Signed-off-by: Leon Romanovsky <leonro@mellanox.com> |
| Signed-off-by: Jason Gunthorpe <jgg@mellanox.com> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| |
| --- |
| drivers/infiniband/core/security.c | 8 ++++++-- |
| 1 file changed, 6 insertions(+), 2 deletions(-) |
| |
| --- a/drivers/infiniband/core/security.c |
| +++ b/drivers/infiniband/core/security.c |
| @@ -710,16 +710,20 @@ int ib_mad_agent_security_setup(struct i |
| dev_name(&agent->device->dev), |
| agent->port_num); |
| if (ret) |
| - return ret; |
| + goto free_security; |
| |
| agent->lsm_nb.notifier_call = ib_mad_agent_security_change; |
| ret = register_lsm_notifier(&agent->lsm_nb); |
| if (ret) |
| - return ret; |
| + goto free_security; |
| |
| agent->smp_allowed = true; |
| agent->lsm_nb_reg = true; |
| return 0; |
| + |
| +free_security: |
| + security_ib_free_security(agent->security); |
| + return ret; |
| } |
| |
| void ib_mad_agent_security_cleanup(struct ib_mad_agent *agent) |