net/handshake: Fix memory leak in tls_handshake_accept()

[ Upstream commit 3072f00bba764082fa41b3c3a2a7b013335353d2 ]

In tls_handshake_accept(), a netlink message is allocated using
genlmsg_new(). In the error handling path, genlmsg_cancel() is called
to cancel the message construction, but the message itself is not freed.
This leads to a memory leak.

Fix this by calling nlmsg_free() in the error path after genlmsg_cancel()
to release the allocated memory.

Fixes: 2fd5532044a89 ("net/handshake: Add a kernel API for requesting a TLSv1.3 handshake")
Signed-off-by: Zilin Guan <zilin@seu.edu.cn>
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Link: https://patch.msgid.link/20251106144511.3859535-1-zilin@seu.edu.cn
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/net/handshake/tlshd.c b/net/handshake/tlshd.c
index d6f52839827eac3b897713b1fc9e1dbf5f483da7..822507b87447c0c7f8631f715d671a3bd58c9ad7 100644 (file)
--- a/net/handshake/tlshd.c
+++ b/net/handshake/tlshd.c
@@ -253,6 +253,7 @@ static int tls_handshake_accept(struct handshake_req *req,
 
 out_cancel:
        genlmsg_cancel(msg, hdr);
+       nlmsg_free(msg);
 out:
        return ret;
 }