kernel/auditfilter.c: tree and watch will memory leak when failure occurs

In audit_data_to_entry() when a failure occurs we must check and free
the tree and watch to avoid a memory leak.

  test:
    plan:
      test command:
        "auditctl -a exit,always -w /etc -F auid=-1"
        (on fedora17, need modify auditctl to let "-w /etc" has effect)
      running:
        under fedora17 x86_64, 2 CPUs 3.20GHz, 2.5GB RAM.
        let 15 auditctl processes continue running at the same time.
      monitor command:
        watch -d -n 1 "cat /proc/meminfo | awk '{print \$2}' \
          | head -n 4 | xargs \
          | awk '{print \"used \",\$1 - \$2 - \$3 - \$4}'"

    result:
      for original version:
        will use up all memory, within 3 hours.
        kill all auditctl, the memory still does not free.
      for new version (apply this patch):
        after 14 hours later, not find issues.

Signed-off-by: Chen Gang <gang.chen@asianux.com>
Cc: Eric Paris <eparis@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index f9fc54bbe06faa3e845e19871d15ace3e6c5e1b3..267436826c3bc179678a57de72cf08220fa8faca 100644 (file)
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -594,6 +594,10 @@ exit_nofree:
        return entry;
 
 exit_free:
+       if (entry->rule.watch)
+               audit_put_watch(entry->rule.watch); /* matches initial get */
+       if (entry->rule.tree)
+               audit_put_tree(entry->rule.tree); /* that's the temporary one */
        audit_free_rule(entry);
        return ERR_PTR(err);
 }