Commit a1193de5 authored by Suren Baghdasaryan's avatar Suren Baghdasaryan Committed by Andrew Morton
Browse files

mm: fix vma->anon_name memory leak for anonymous shmem VMAs 

free_anon_vma_name() is missing a check for anonymous shmem VMA which
leads to a memory leak due to refcount not being dropped.  Fix this by
calling anon_vma_name_put() unconditionally.  It will free vma->anon_name
whenever it's non-NULL.

Link: https://lkml.kernel.org/r/20230105000241.1450843-1-surenb@google.com


Fixes: d09e8ca6 ("mm: anonymous shared memory naming")
Signed-off-by: default avatarSuren Baghdasaryan <surenb@google.com>
Suggested-by: default avatarDavid Hildenbrand <david@redhat.com>
Reviewed-by: default avatarDavid Hildenbrand <david@redhat.com>
Reported-by: default avatar <syzbot+91edf9178386a07d06a7@syzkaller.appspotmail.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Pasha Tatashin <pasha.tatashin@soleen.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
parent 3de0c269

include/linux/mm_inline.h

+1 −2
Original line number Diff line number Diff line
@@ -413,7 +413,6 @@ static inline void free_anon_vma_name(struct vm_area_struct *vma) 
	 * Not using anon_vma_name because it generates a warning if mmap_lock

	 * is not held, which might be the case here.

	 */

	if (!vma->vm_file)

	anon_vma_name_put(vma->anon_name);

}