Re: [PATCH -mm 5/5][AIO] - Add listio syscall support

From: Andrew Morton
Date: Wed Jan 24 2007 - 00:53:44 EST

Next message: Aubrey Li: "Re: [RPC][PATCH 2.6.20-rc5] limit total vfs page cache"
Previous message: Manuel Lauss: "Re: [PATCH] MMC: au1xmmc R6 response support"
Next in thread: Sébastien Dugué: "Re: [PATCH -mm 5/5][AIO] - Add listio syscall support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 17 Jan 2007 10:55:54 +0100
Sébastien Dugué <sebastien.dugue@xxxxxxxx> wrote:

> +asmlinkage long
> +compat_sys_lio_submit(aio_context_t ctx_id, int mode, int nr, u32 __user *iocb,
> + struct compat_sigevent __user *sig_user)
> +{
> + struct kioctx *ctx;
> + struct lio_event *lio = NULL;
> + struct sigevent __user *event = NULL;
> + long ret = 0;
> +
> + if (unlikely(nr < 0))
> + return -EINVAL;
> +
> + if (unlikely(!access_ok(VERIFY_READ, iocb, (nr * sizeof(u32)))))
> + return -EFAULT;
> +
> + ctx = lookup_ioctx(ctx_id);
> + if (unlikely(!ctx))
> + return -EINVAL;
> +
> + if (sig_user) {
> + struct sigevent kevent;
> + event = compat_alloc_user_space(sizeof(struct sigevent));
> + if (get_compat_sigevent(&kevent, sig_user) ||
> + copy_to_user(event, &kevent, sizeof(struct sigevent)))
> + return -EFAULT;

I think we just leaked a ref against the ioctx.

That's two. Please re-review the whole patchset for leaks like this.

Please also do not do returns from the middle of functions like this. It's just
asking for resource leaks, either now or in the future.

> + }
> +
> + lio = lio_create(event, mode);
> +
> + ret = PTR_ERR(lio);
> + if (IS_ERR(lio))
> + goto out_put_ctx;
> +
> + ret = compat_io_submit_group(ctx, nr, iocb, lio);
> +
> + /* If we failed to submit even one request just return */
> + if (ret < 0) {
> + if (lio)
> + kfree(lio);
> + goto out_put_ctx;
> + }
> +
> + /*
> + * Drop extra ref on the lio now that we're done submitting requests.
> + */
> + if (lio)
> + lio_check(lio);
> +
> +
> + if (mode == LIO_WAIT) {
> + wait_event(ctx->wait, atomic_read(&lio->lio_users) == 0);
> + kfree(lio);
> + }
> +out_put_ctx:
> put_ioctx(ctx);
> - return i ? i: ret;
> + return ret;
> }
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Aubrey Li: "Re: [RPC][PATCH 2.6.20-rc5] limit total vfs page cache"
Previous message: Manuel Lauss: "Re: [PATCH] MMC: au1xmmc R6 response support"
Next in thread: Sébastien Dugué: "Re: [PATCH -mm 5/5][AIO] - Add listio syscall support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]