On 2020/6/20 20:05, Markus Elfring wrote:

quoted

If we add first socket to nbd, config->socks is malloced but
num_connections does not update(nsock's allocation fail), the memory
is leaked. Cause in later nbd_config_put(), will only free config->socks
when num_connections is not 0.

Let nsock's allocation first to avoid this.

I suggest to improve this change description.
Can an other wording variant be nicer?

em, how about this?


When adding first socket to nbd, if nsock's allocation fails, config->socks

is malloced but num_connections does not update, memory leak will 
occur(Function

nbd_config_put will only free config->socks when num_connections is not 0).

…

quoted

+++ b/drivers/block/nbd.c

@@ -1037,21 +1037,22 @@  static int nbd_add_socket(struct nbd_device *nbd, unsigned long arg,
  		return -EBUSY;
  	}

+	nsock = kzalloc(sizeof(struct nbd_sock), GFP_KERNEL);

Please use the following code variant.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/coding-style.rst?id=4333a9b0b67bb4e8bcd91bdd80da80b0ec151162#n854

+	nsock = kzalloc(sizeof(*nsock), GFP_KERNEL);


…

quoted

  	if (!socks) {
  		sockfd_put(sock);
+		kfree(nsock);
  		return -ENOMEM;
  	}

Please take another software design possibility into account.

  	if (!socks) {
-		sockfd_put(sock);
-		return -ENOMEM;
+		kfree(nsock);
+		goto put_socket;
  	}


Regards,
Markus

.