aboutsummaryrefslogtreecommitdiffstats
path: root/kernel/user.c
diff options
context:
space:
mode:
authorDhaval Giani <dhaval@linux.vnet.ibm.com>2009-03-10 15:55:56 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2009-03-10 18:55:11 -0400
commitbe50b8342dead8cacf57d4839240106b225d31f5 (patch)
treea5f40b583e4c008313b090426fa785d178348e76 /kernel/user.c
parentd58ab5cf09679d8cb4824e22cae900c0eab5ab31 (diff)
kernel/user.c: fix a memory leak when freeing up non-init usernamespaces users
We were returning early in the sysfs directory cleanup function if the user belonged to a non init usernamespace. Due to this a lot of the cleanup was not done and we were left with a leak. Fix the leak. Reported-by: Serge Hallyn <serue@linux.vnet.ibm.com> Signed-off-by: Dhaval Giani <dhaval@linux.vnet.ibm.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Tested-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'kernel/user.c')
-rw-r--r--kernel/user.c14
1 files changed, 7 insertions, 7 deletions
diff --git a/kernel/user.c b/kernel/user.c
index 6a9b696128c..fbb300e6191 100644
--- a/kernel/user.c
+++ b/kernel/user.c
@@ -286,14 +286,12 @@ int __init uids_sysfs_init(void)
286/* work function to remove sysfs directory for a user and free up 286/* work function to remove sysfs directory for a user and free up
287 * corresponding structures. 287 * corresponding structures.
288 */ 288 */
289static void remove_user_sysfs_dir(struct work_struct *w) 289static void cleanup_user_struct(struct work_struct *w)
290{ 290{
291 struct user_struct *up = container_of(w, struct user_struct, work); 291 struct user_struct *up = container_of(w, struct user_struct, work);
292 unsigned long flags; 292 unsigned long flags;
293 int remove_user = 0; 293 int remove_user = 0;
294 294
295 if (up->user_ns != &init_user_ns)
296 return;
297 /* Make uid_hash_remove() + sysfs_remove_file() + kobject_del() 295 /* Make uid_hash_remove() + sysfs_remove_file() + kobject_del()
298 * atomic. 296 * atomic.
299 */ 297 */
@@ -312,9 +310,11 @@ static void remove_user_sysfs_dir(struct work_struct *w)
312 if (!remove_user) 310 if (!remove_user)
313 goto done; 311 goto done;
314 312
315 kobject_uevent(&up->kobj, KOBJ_REMOVE); 313 if (up->user_ns == &init_user_ns) {
316 kobject_del(&up->kobj); 314 kobject_uevent(&up->kobj, KOBJ_REMOVE);
317 kobject_put(&up->kobj); 315 kobject_del(&up->kobj);
316 kobject_put(&up->kobj);
317 }
318 318
319 sched_destroy_user(up); 319 sched_destroy_user(up);
320 key_put(up->uid_keyring); 320 key_put(up->uid_keyring);
@@ -335,7 +335,7 @@ static void free_user(struct user_struct *up, unsigned long flags)
335 atomic_inc(&up->__count); 335 atomic_inc(&up->__count);
336 spin_unlock_irqrestore(&uidhash_lock, flags); 336 spin_unlock_irqrestore(&uidhash_lock, flags);
337 337
338 INIT_WORK(&up->work, remove_user_sysfs_dir); 338 INIT_WORK(&up->work, cleanup_user_struct);
339 schedule_work(&up->work); 339 schedule_work(&up->work);
340} 340}
341 341