From: JD <jdtxs00@gmail.com>
To: Steffen Klassert <steffen.klassert@secunet.com>
Cc: netdev@vger.kernel.org, gregkh@linuxfoundation.org
Subject: Re: Followup: Kernel memory leak on 4.11+ & 5.3.x with IPsec
Date: Mon, 2 Dec 2019 12:10:32 -0600 [thread overview]
Message-ID: <a1a60471-7395-2bb0-5c6d-290b9af4b7dc@gmail.com> (raw)
In-Reply-To: <20191111062832.GP13225@gauss3.secunet.de>
Hello,
I noticed the patch hasn't been in the last two stable releases for 4.14
and 4.19. I checked the 4.14.157 and 4.19.87 release but the
xfrm_state.c file doesn't have the patch.
Any update on or eta when this patch will backported to those two?
Also, I suppose 5.3.14 will need it as well.
Thank you.
On 11/11/2019 12:28 AM, Steffen Klassert wrote:
> On Mon, Nov 04, 2019 at 12:25:37PM -0600, JD wrote:
>> Hello Steffen,
>>
>> I left the stress test running over the weekend and everything still looks
>> great. Your patch definitely resolves the leak.
> I've just applied the patch below to the IPsec tree.
>
> Thanks again for reporting and testing!
>
> Subject: [PATCH] xfrm: Fix memleak on xfrm state destroy
>
> We leak the page that we use to create skb page fragments
> when destroying the xfrm_state. Fix this by dropping a
> page reference if a page was assigned to the xfrm_state.
>
> Fixes: cac2661c53f3 ("esp4: Avoid skb_cow_data whenever possible")
> Reported-by: JD <jdtxs00@gmail.com>
> Reported-by: Paul Wouters <paul@nohats.ca>
> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
> ---
> net/xfrm/xfrm_state.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
> index c6f3c4a1bd99..f3423562d933 100644
> --- a/net/xfrm/xfrm_state.c
> +++ b/net/xfrm/xfrm_state.c
> @@ -495,6 +495,8 @@ static void ___xfrm_state_destroy(struct xfrm_state *x)
> x->type->destructor(x);
> xfrm_put_type(x->type);
> }
> + if (x->xfrag.page)
> + put_page(x->xfrag.page);
> xfrm_dev_state_free(x);
> security_xfrm_state_free(x);
> xfrm_state_free(x);
next prev parent reply other threads:[~2019-12-02 18:10 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CAMnf+Pg4BLVKAGsr9iuF1uH-GMOiyb8OW0nKQSEKmjJvXj+t1g@mail.gmail.com>
2019-11-01 7:53 ` Followup: Kernel memory leak on 4.11+ & 5.3.x with IPsec Steffen Klassert
2019-11-01 21:31 ` JD
2019-11-04 18:25 ` JD
2019-11-05 9:54 ` Steffen Klassert
2019-11-11 6:28 ` Steffen Klassert
2019-12-02 18:10 ` JD [this message]
2019-12-02 18:35 ` Greg KH
2019-12-02 19:03 ` JD
2019-10-30 20:47 JD
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a1a60471-7395-2bb0-5c6d-290b9af4b7dc@gmail.com \
--to=jdtxs00@gmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=netdev@vger.kernel.org \
--cc=steffen.klassert@secunet.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).