From owner-svn-src-head@freebsd.org  Sun Feb 17 16:43:45 2019
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id A2D5414D220C;
 Sun, 17 Feb 2019 16:43:45 +0000 (UTC)
 (envelope-from markj@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4845B74DFB;
 Sun, 17 Feb 2019 16:43:45 +0000 (UTC)
 (envelope-from markj@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 38E1A21115;
 Sun, 17 Feb 2019 16:43:45 +0000 (UTC)
 (envelope-from markj@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x1HGhjx8042296;
 Sun, 17 Feb 2019 16:43:45 GMT (envelope-from markj@FreeBSD.org)
Received: (from markj@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x1HGhjlF042295;
 Sun, 17 Feb 2019 16:43:45 GMT (envelope-from markj@FreeBSD.org)
Message-Id: <201902171643.x1HGhjlF042295@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: markj set sender to
 markj@FreeBSD.org using -f
From: Mark Johnston <markj@FreeBSD.org>
Date: Sun, 17 Feb 2019 16:43:45 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r344232 - head/sys/amd64/sgx
X-SVN-Group: head
X-SVN-Commit-Author: markj
X-SVN-Commit-Paths: head/sys/amd64/sgx
X-SVN-Commit-Revision: 344232
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 4845B74DFB
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.94 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-0.998,0];
 NEURAL_HAM_SHORT(-0.94)[-0.942,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US];
 NEURAL_HAM_LONG(-1.00)[-0.999,0]
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 17 Feb 2019 16:43:45 -0000

Author: markj
Date: Sun Feb 17 16:43:44 2019
New Revision: 344232
URL: https://svnweb.freebsd.org/changeset/base/344232

Log:
  Fix refcount leaks in the SGX Linux compat ioctl handler.
  
  Some argument validation error paths would return without releasing the
  file reference obtained at the beginning of the function.
  
  While here, fix some style bugs and remove trivial debug prints.
  
  Reviewed by:	kib
  MFC after:	1 week
  Sponsored by:	The FreeBSD Foundation
  Differential Revision:	https://reviews.freebsd.org/D19214

Modified:
  head/sys/amd64/sgx/sgx_linux.c

Modified: head/sys/amd64/sgx/sgx_linux.c
==============================================================================
--- head/sys/amd64/sgx/sgx_linux.c	Sun Feb 17 16:35:19 2019	(r344231)
+++ head/sys/amd64/sgx/sgx_linux.c	Sun Feb 17 16:43:44 2019	(r344232)
@@ -70,30 +70,26 @@ sgx_linux_ioctl(struct thread *td, struct linux_ioctl_
 	cmd = args->cmd;
 
 	args->cmd &= ~(LINUX_IOC_IN | LINUX_IOC_OUT);
-	if (cmd & LINUX_IOC_IN)
+	if ((cmd & LINUX_IOC_IN) != 0)
 		args->cmd |= IOC_IN;
-	if (cmd & LINUX_IOC_OUT)
+	if ((cmd & LINUX_IOC_OUT) != 0)
 		args->cmd |= IOC_OUT;
 
 	len = IOCPARM_LEN(cmd);
 	if (len > SGX_IOCTL_MAX_DATA_LEN) {
-		printf("%s: Can't copy data: cmd len is too big %d\n",
-		    __func__, len);
-		return (EINVAL);
+		error = EINVAL;
+		goto out;
 	}
 
-	if (cmd & LINUX_IOC_IN) {
+	if ((cmd & LINUX_IOC_IN) != 0) {
 		error = copyin((void *)args->arg, data, len);
-		if (error) {
-			printf("%s: Can't copy data, error %d\n",
-			    __func__, error);
-			return (EINVAL);
-		}
+		if (error != 0)
+			goto out;
 	}
 
-	error = (fo_ioctl(fp, args->cmd, (caddr_t)data, td->td_ucred, td));
+	error = fo_ioctl(fp, args->cmd, (caddr_t)data, td->td_ucred, td);
+out:
 	fdrop(fp, td);
-
 	return (error);
 }