From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Prakash Kamliya <pkamliya@codeaurora.org>,
Sharat Masetty <smasetty@codeaurora.org>,
Rob Clark <robdclark@gmail.com>,
Sasha Levin <alexander.levin@microsoft.com>
Subject: [PATCH 3.18 37/47] drm/msm: fix leak in failed get_pages
Date: Fri, 23 Mar 2018 10:55:28 +0100 [thread overview]
Message-ID: <20180323094249.700767402@linuxfoundation.org> (raw)
In-Reply-To: <20180323094248.117679641@linuxfoundation.org>
3.18-stable review patch. If anyone has any objections, please let me know.
------------------
From: Prakash Kamliya <pkamliya@codeaurora.org>
[ Upstream commit 62e3a3e342af3c313ab38603811ecdb1fcc79edb ]
get_pages doesn't keep a reference of the pages allocated
when it fails later in the code path. This can lead to
a memory leak. Keep reference of the allocated pages so
that it can be freed when msm_gem_free_object gets called
later during cleanup.
Signed-off-by: Prakash Kamliya <pkamliya@codeaurora.org>
Signed-off-by: Sharat Masetty <smasetty@codeaurora.org>
Signed-off-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/gpu/drm/msm/msm_gem.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
--- a/drivers/gpu/drm/msm/msm_gem.c
+++ b/drivers/gpu/drm/msm/msm_gem.c
@@ -83,14 +83,17 @@ static struct page **get_pages(struct dr
return p;
}
+ msm_obj->pages = p;
+
msm_obj->sgt = drm_prime_pages_to_sg(p, npages);
if (IS_ERR(msm_obj->sgt)) {
+ void *ptr = ERR_CAST(msm_obj->sgt);
+
dev_err(dev->dev, "failed to allocate sgt\n");
- return ERR_CAST(msm_obj->sgt);
+ msm_obj->sgt = NULL;
+ return ptr;
}
- msm_obj->pages = p;
-
/* For non-cached buffers, ensure the new pages are clean
* because display controller, GPU, etc. are not coherent:
*/
@@ -113,7 +116,10 @@ static void put_pages(struct drm_gem_obj
if (msm_obj->flags & (MSM_BO_WC|MSM_BO_UNCACHED))
dma_unmap_sg(obj->dev->dev, msm_obj->sgt->sgl,
msm_obj->sgt->nents, DMA_BIDIRECTIONAL);
- sg_free_table(msm_obj->sgt);
+
+ if (msm_obj->sgt)
+ sg_free_table(msm_obj->sgt);
+
kfree(msm_obj->sgt);
if (iommu_present(&platform_bus_type))
next prev parent reply other threads:[~2018-03-23 9:55 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-23 9:54 [PATCH 3.18 00/47] 3.18.102-stable review Greg Kroah-Hartman
2018-03-23 9:54 ` [PATCH 3.18 01/47] platform/x86: asus-nb-wmi: Add wapf4 quirk for the X302UA Greg Kroah-Hartman
2018-03-23 9:54 ` [PATCH 3.18 02/47] x86: i8259: export legacy_pic symbol Greg Kroah-Hartman
2018-03-23 9:54 ` [PATCH 3.18 03/47] Input: ar1021_i2c - fix too long name in drivers device table Greg Kroah-Hartman
2018-03-23 9:54 ` [PATCH 3.18 04/47] ACPI/processor: Replace racy task affinity logic Greg Kroah-Hartman
2018-03-23 9:54 ` [PATCH 3.18 05/47] cpufreq/sh: " Greg Kroah-Hartman
2018-03-23 9:54 ` [PATCH 3.18 06/47] genirq: Use irqd_get_trigger_type to compare the trigger type for shared IRQs Greg Kroah-Hartman
2018-03-23 9:54 ` [PATCH 3.18 07/47] i2c: i2c-scmi: add a MS HID Greg Kroah-Hartman
2018-03-23 9:54 ` [PATCH 3.18 08/47] net: ipv6: send unsolicited NA on admin up Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 09/47] [media] media/dvb-core: Race condition when writing to CAM Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 10/47] spi: dw: Disable clock after unregistering the host Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 11/47] ath: Fix updating radar flags for coutry code India Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 12/47] scsi: virtio_scsi: Always try to read VPD pages Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 13/47] KVM: PPC: Book3S PR: Exit KVM on failed mapping Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 14/47] tcp: remove poll() flakes with FastOpen Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 15/47] e1000e: fix timing for 82579 Gigabit Ethernet controller Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 16/47] ALSA: hda - Fix headset microphone detection for ASUS N551 and N751 Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 17/47] IB/ipoib: Update broadcast object if PKey value was changed in index 0 Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 18/47] HSI: ssi_protocol: double free in ssip_pn_xmit() Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 19/47] Fix driver usage of 128B WQEs when WQ_CREATE is V1 Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 20/47] mmc: host: omap_hsmmc: checking for NULL instead of IS_ERR() Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 21/47] wan: pc300too: abort path on failure Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 22/47] qlcnic: fix unchecked return value Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 23/47] scsi: mac_esp: Replace bogus memory barrier with spinlock Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 24/47] rndis_wlan: add return value validation Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 25/47] Btrfs: send, fix file hole not being preserved due to inline extent Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 26/47] mac80211: dont parse encrypted management frames in ieee80211_frame_acked Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 27/47] mfd: palmas: Reset the POWERHOLD mux during power off Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 28/47] ARM: DRA7: clockdomain: Change the CLKTRCTRL of CM_PCIE_CLKSTCTRL to SW_WKUP Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 29/47] ipmi/watchdog: fix wdog hang on panic waiting for ipmi response Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 30/47] bnx2x: Align RX buffers Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 31/47] power: supply: pda_power: move from timer to delayed_work Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 32/47] md/raid10: skip spare disk as first disk Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 33/47] ia64: fix module loading for gcc-5.4 Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 34/47] video: fbdev: udlfb: Fix buffer on stack Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 35/47] sm501fb: dont return zero on failure path in sm501fb_start() Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 36/47] cifs: small underflow in cnvrtDosUnixTm() Greg Kroah-Hartman
2018-03-23 9:55 ` Greg Kroah-Hartman [this message]
2018-03-23 9:55 ` [PATCH 3.18 38/47] media: bt8xx: Fix err bt878_probe() Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 39/47] media: [RESEND] media: dvb-frontends: Add delay to Si2168 restart Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 40/47] mmc: avoid removing non-removable hosts during suspend Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 41/47] IB/ipoib: Avoid memory leak if the SA returns a different DGID Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 42/47] RDMA/cma: Use correct size when writing netlink stats Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 43/47] vgacon: Set VGA struct resource types Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 44/47] drm/omap: DMM: Check for DMM readiness after successful transaction commit Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 45/47] pinctrl: Really force states during suspend/resume Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 46/47] clk: si5351: Rename internal plls to avoid name collisions Greg Kroah-Hartman
2018-03-23 9:55 ` [PATCH 3.18 47/47] RDMA/ucma: Fix access to non-initialized CM_ID object Greg Kroah-Hartman
2018-03-23 14:00 ` [PATCH 3.18 00/47] 3.18.102-stable review kernelci.org bot
2018-03-23 20:43 ` Shuah Khan
2018-03-24 7:46 ` Greg Kroah-Hartman
2018-03-24 0:07 ` Guenter Roeck
2018-03-24 9:40 ` Harsh Shandilya
2018-03-24 10:05 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180323094249.700767402@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=alexander.levin@microsoft.com \
--cc=linux-kernel@vger.kernel.org \
--cc=pkamliya@codeaurora.org \
--cc=robdclark@gmail.com \
--cc=smasetty@codeaurora.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.