Re: [PATCH] xfrm: fix memory leak in xfrm_add_policy()

Next message: Guangshuo Li: "[PATCH v3] clk: starfive: jh7110: fix memory leak in jh7110_reset_controller_register() error path"
Previous message: Breno Leitao: "[PATCH v2] workqueue: validate cpumask_first() result in llc_populate_cpu_shard_id()"
In reply to: Deepanshu Kartikey: "Re: [PATCH] xfrm: fix memory leak in xfrm_add_policy()"
Next in thread: Deepanshu Kartikey: "Re: [PATCH] xfrm: fix memory leak in xfrm_add_policy()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Sabrina Dubroca

Date: Mon Apr 13 2026 - 10:36:58 EST

2026-04-13, 19:58:53 +0530, Deepanshu Kartikey wrote:
> On Mon, Apr 13, 2026 at 7:03 PM Sabrina Dubroca <sd@xxxxxxxxxxxxxxx> wrote:
> >
>
> > What is missing in the current code? "we have a better way to do this"
> > is not a bugfix, it's a clean up. The kmemleak report says that we're
> > leaking the xfrm_policy struct on this codepath, which doesn't make
> > sense, that's covered by the existing kfree(xp).
> >
> > Also, please use "PATCH ipsec" for fixes to net/xfrm and the rest of
> > the IPsec implementation.
> >
> > --
> > Sabrina
>
> Hi Sabrina,
>
> Thanks for the review!
>
> You are right, the existing kfree(xp) already covers the struct
> itself, so my commit message was incorrect in claiming a memory
> leak fix. I will resend this as a cleanup patch to replace the
> open-coded manual cleanup with xfrm_policy_destroy(), which is
> more consistent with xfrm_policy_construct() error handling.

Ok. Then you should wait 2 weeks until the merge window is over:
https://lore.kernel.org/netdev/20260412142250.131bf997@xxxxxxxxxx/

and use "[PATCH ipsec-next]" as prefix for the cleanup patch (+ drop
the syzbot references).

> I am also separately investigating the root cause of the actual
> kmemleak report and will send a proper fix once identified.

Ok, thanks.

--
Sabrina