| Message ID | 20191122224117.2372-1-navid.emamdoost@gmail.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | mm/gup: Fix memory leaks in __gup_benchmark_ioctl | expand |
On 22.11.19 23:41, Navid Emamdoost wrote: > In the implementation of __gup_benchmark_ioctl() memory is leaked if the > passed cmd is invalid. Release pages before returning -1. > > Fixes: 714a3a1ebafe ("mm/gup_benchmark.c: add additional pinning methods") > Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com> > --- > mm/gup_benchmark.c | 8 +++++++- > 1 file changed, 7 insertions(+), 1 deletion(-) > > diff --git a/mm/gup_benchmark.c b/mm/gup_benchmark.c > index 7dd602d7f8db..33ede5727523 100644 > --- a/mm/gup_benchmark.c > +++ b/mm/gup_benchmark.c > @@ -23,7 +23,7 @@ static int __gup_benchmark_ioctl(unsigned int cmd, > struct gup_benchmark *gup) > { > ktime_t start_time, end_time; > - unsigned long i, nr_pages, addr, next; > + unsigned long i, j, nr_pages, addr, next; > int nr; > struct page **pages; > > @@ -63,6 +63,12 @@ static int __gup_benchmark_ioctl(unsigned int cmd, > NULL); > break; > default: > + for (j = 0; j < i; j++) { > + if (!pages[j]) > + break; > + put_page(pages[j]); > + } We didn't pin any pages, why should we release them? IMHO, all that's needed is the ... > + kvfree(pages); .. here > return -1; > } > Not sure how often CONFIG_GUP_BENCHMARK is really enabled. Maybe we should Cc: stable@vger.kernel.org # v4.20+ With only the kvfree(pages) Reviewed-by: David Hildenbrand <david@redhat.com>
diff --git a/mm/gup_benchmark.c b/mm/gup_benchmark.c index 7dd602d7f8db..33ede5727523 100644 --- a/mm/gup_benchmark.c +++ b/mm/gup_benchmark.c @@ -23,7 +23,7 @@ static int __gup_benchmark_ioctl(unsigned int cmd, struct gup_benchmark *gup) { ktime_t start_time, end_time; - unsigned long i, nr_pages, addr, next; + unsigned long i, j, nr_pages, addr, next; int nr; struct page **pages; @@ -63,6 +63,12 @@ static int __gup_benchmark_ioctl(unsigned int cmd, NULL); break; default: + for (j = 0; j < i; j++) { + if (!pages[j]) + break; + put_page(pages[j]); + } + kvfree(pages); return -1; }
In the implementation of __gup_benchmark_ioctl() memory is leaked if the passed cmd is invalid. Release pages before returning -1. Fixes: 714a3a1ebafe ("mm/gup_benchmark.c: add additional pinning methods") Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com> --- mm/gup_benchmark.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-)