Re: [PATCH] usermodehelper: Fix -ENOMEM return logic

Mon, 25 Feb 2013 08:08:28 -0800 

On 02/25, Lucas De Marchi wrote:
>
> Callers of call_usermodehelper_fns() should check the return value and
> free themselves the data passed if the return is -ENOMEM. This is
> because the subprocess_info is allocated in this function, and if the
> allocation fail, the cleanup function cannot be called.

Yes, this is confusing.

> However call_usermodehelper_exec() may also return -ENOMEM,

Yes, and we can't distinguish this case from info == NULL case,

> in which
> case the cleanup function is called. This means that if the caller
> checked the return code, it was risking running the cleanup twice (like
> kernel/sys.c:orderly_poweroff()) and if not, a leak could happen.

In short: every user of call_usermodehelper_fns(cleanup != NULL)
is buggy. Thanks.

But I am not sure I agree with the patch...

>  static void call_usermodehelper_freeinfo(struct subprocess_info *info)
>  {
> -     if (info->cleanup)
> +     if (info->cleanup && info->retval != -ENOMEM)
>               (*info->cleanup)(info);
>       kfree(info);
>  }

This doesn't look very clean/robust. And in general, personally I
dislike the fact that ENOMEM has the special meaning. IOW, I think
we should cleanup this logic, not to complicate it more.

And in fact I do not think this is right, at least in UMH_NO_WAIT
case, shouldn't avoid ->cleanup() if, say, prepare_kernel_cred()
fails in ____call_usermodehelper()...


I think we should extract call_usermodehelper_setup() +
call_usermodehelper_setfns() into the new helper and export it.
And export call_usermodehelper_exec() as well.

call_usermodehelper_setfns() as a separate function makes no sense.

Then we can fix call_modprobe/orderly_poweroff, something like below.

What do you think?

Oleg.

--- x/kernel/kmod.c
+++ x/kernel/kmod.c
@@ -98,8 +98,14 @@ static int call_modprobe(char *module_na
        argv[3] = module_name;  /* check free_modprobe_argv() */
        argv[4] = NULL;
 
-       return call_usermodehelper_fns(modprobe_path, argv, envp,
-               wait | UMH_KILLABLE, NULL, free_modprobe_argv, NULL);
+       info = call_usermodehelper_setup(...); // better name, please...
+       if (!info)
+               goto free_modname;
+
+       return call_usermodehelper_exec(info, wait);
+
+free_modname:
+       kfree(module_name);
 free_argv:
        kfree(argv);
 out:

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Reply via email to