From fc7df53222e56fdce7dee002f1fb4c332de616af Mon Sep 17 00:00:00 2001 From: Dean Deng Date: Tue, 13 Oct 2020 00:12:28 -0700 Subject: Don't leak VDSO mappings. PiperOrigin-RevId: 336822021 --- pkg/sentry/kernel/kernel.go | 4 +++- pkg/sentry/loader/vdso.go | 6 ++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/pkg/sentry/kernel/kernel.go b/pkg/sentry/kernel/kernel.go index 16c427fc8..d635c9e73 100644 --- a/pkg/sentry/kernel/kernel.go +++ b/pkg/sentry/kernel/kernel.go @@ -1744,12 +1744,14 @@ func (k *Kernel) SocketMount() *vfs.Mount { // Precondition: This should only be called after the kernel is fully // initialized, e.g. after k.Start() has been called. func (k *Kernel) Release() { + ctx := k.SupervisorContext() if VFS2Enabled { - ctx := k.SupervisorContext() k.hostMount.DecRef(ctx) k.pipeMount.DecRef(ctx) k.shmMount.DecRef(ctx) k.socketMount.DecRef(ctx) k.vfs.Release(ctx) } + k.timekeeper.Destroy() + k.vdso.Release(ctx) } diff --git a/pkg/sentry/loader/vdso.go b/pkg/sentry/loader/vdso.go index 05a294fe6..241d87835 100644 --- a/pkg/sentry/loader/vdso.go +++ b/pkg/sentry/loader/vdso.go @@ -380,3 +380,9 @@ func loadVDSO(ctx context.Context, m *mm.MemoryManager, v *VDSO, bin loadedELF) return vdsoAddr, nil } + +// Release drops references on mappings held by v. +func (v *VDSO) Release(ctx context.Context) { + v.ParamPage.DecRef(ctx) + v.vdso.DecRef(ctx) +} -- cgit v1.2.3