From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7A4DAC433EF for ; Fri, 24 Jun 2022 04:13:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231151AbiFXEM7 (ORCPT ); Fri, 24 Jun 2022 00:12:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52796 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229764AbiFXEM5 (ORCPT ); Fri, 24 Jun 2022 00:12:57 -0400 Received: from mail-m974.mail.163.com (mail-m974.mail.163.com [123.126.97.4]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id B877668089; Thu, 23 Jun 2022 21:12:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=163.com; s=s110527; h=From:Subject:Date:Message-Id:MIME-Version; bh=E5epV JPg/t9YUTy8EYdJ5qpvHm/ag92IRP9C9ezExQ8=; b=Eb/ySWxb4Bs7FHrHGaqRK 9ppG6dY+Lv+E02icvWdeAVVfLpMCGn6h0DqMR7r+lwOkGPmk6/F5e+LLzomKwZxj or94OTFszkqwJRers8wF/4eOXz/bW/eCZelH231VX8XeobUVBNKNlb5tDlD6su61 Og3fKi/CkJdiR2hvp8AVhQ= Received: from localhost.localdomain (unknown [123.112.69.106]) by smtp4 (Coremail) with SMTP id HNxpCgDn7uejObViIy4HLA--.29322S4; Fri, 24 Jun 2022 12:12:28 +0800 (CST) From: Jianglei Nie To: aelior@marvell.com, skalluru@marvell.com, manishc@marvell.com, davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Jianglei Nie Subject: [PATCH] bnx2x: fix memory leak in bnx2x_tpa_stop() Date: Fri, 24 Jun 2022 12:12:17 +0800 Message-Id: <20220624041217.1805512-1-niejianglei2021@163.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-CM-TRANSID: HNxpCgDn7uejObViIy4HLA--.29322S4 X-Coremail-Antispam: 1Uf129KBjvdXoW7GFy7ZF4rtF1kWryxWFWrAFb_yoWkGwcEgw n8Zr13Jr4DG39Fy34jkr4aq343tF90qrn3uFyagrZagr1DJr1UG3Wv9Fn5Xw17Wr48JFnx Gryaqa4YvwnxKjkaLaAFLSUrUUUUUb8apTn2vfkv8UJUUUU8Yxn0WfASr-VFAUDa7-sFnT 9fnUUvcSsGvfC2KfnxnUUI43ZEXa7xRiYLvtUUUUU== X-Originating-IP: [123.112.69.106] X-CM-SenderInfo: xqlhyxxdqjzvrlsqjii6rwjhhfrp/1tbiFQwqjF5mLalVGwAAsN Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org bnx2x_tpa_stop() allocates a memory chunk from new_data with bnx2x_frag_alloc(). The new_data should be freed when some errors occur. But when "pad + len > fp->rx_buf_size" is true, bnx2x_tpa_stop() returns without releasing the new_data, which leads to a memory leak. We should free the new_data with bnx2x_frag_free() when "pad + len > fp->rx_buf_size" is true. Signed-off-by: Jianglei Nie --- drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c index 5729a5ab059d..4cbd3ba5acb9 100644 --- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c +++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c @@ -789,6 +789,7 @@ static void bnx2x_tpa_stop(struct bnx2x *bp, struct bnx2x_fastpath *fp, BNX2X_ERR("skb_put is about to fail... pad %d len %d rx_buf_size %d\n", pad, len, fp->rx_buf_size); bnx2x_panic(); + bnx2x_frag_free(fp, new_data); return; } #endif -- 2.25.1