linux-stable/block
Yang Yingliang 62dfe5f55d block: fix memleak when __blk_rq_map_user_iov() is failed
[ Upstream commit 3b7995a98a ]

When I was doing a fuzzy test, I got the memleak report:

BUG: memory leak
unreferenced object 0xffff88837af80000 (size 4096):
  comm "memleak", pid 3557, jiffies 4294817681 (age 112.499s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    20 00 00 00 10 01 00 00 00 00 00 00 01 00 00 00   ...............
  backtrace:
    [<000000001c894df8>] bio_alloc_bioset+0x393/0x590
    [<000000008b139a3c>] bio_copy_user_iov+0x300/0xcd0
    [<00000000a998bd8c>] blk_rq_map_user_iov+0x2f1/0x5f0
    [<000000005ceb7f05>] blk_rq_map_user+0xf2/0x160
    [<000000006454da92>] sg_common_write.isra.21+0x1094/0x1870
    [<00000000064bb208>] sg_write.part.25+0x5d9/0x950
    [<000000004fc670f6>] sg_write+0x5f/0x8c
    [<00000000b0d05c7b>] __vfs_write+0x7c/0x100
    [<000000008e177714>] vfs_write+0x1c3/0x500
    [<0000000087d23f34>] ksys_write+0xf9/0x200
    [<000000002c8dbc9d>] do_syscall_64+0x9f/0x4f0
    [<00000000678d8e9a>] entry_SYSCALL_64_after_hwframe+0x49/0xbe

If __blk_rq_map_user_iov() fails in blk_rq_map_user_iov(),
the bio(s) allocated before the failure will leak. The
refcount of the bio(s) is initialized to 1 and increased to 2 by calling
bio_get(), but __blk_rq_unmap_user() only decreases it to 1, so
the bio cannot be freed. Fix it by calling blk_rq_unmap_user().

Reviewed-by: Bob Liu <bob.liu@oracle.com>
Reported-by: Hulk Robot <hulkci@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2020-01-12 12:12:00 +01:00
..
partitions partitions/aix: fix usage of uninitialized lv_info and lvname structures 2018-09-19 22:43:44 +02:00
badblocks.c badblocks: fix wrong return value in badblocks_set if badblocks are disabled 2017-12-20 10:10:26 +01:00
bfq-cgroup.c block: bfq: swap puts in bfqg_and_blkg_put 2018-09-19 22:43:35 +02:00
bfq-iosched.c blok, bfq: do not plug I/O if all queues are weight-raised 2019-11-20 18:00:00 +01:00
bfq-iosched.h Merge branch 'for-4.14/block' of git://git.kernel.dk/linux-block 2017-09-07 11:59:42 -07:00
bfq-wf2q.c block, bfq: correctly charge and reset entity service in all cases 2018-11-13 11:14:55 -08:00
bio-integrity.c block/bio-integrity: fix a memory leak bug 2019-07-31 07:28:55 +02:00
bio.c block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs 2019-07-03 13:15:58 +02:00
blk-cgroup.c blkcg: init root blkcg_gq under lock 2018-06-21 04:02:44 +09:00
blk-core.c blk-mq: move cancel of requeue_work into blk_mq_release 2019-06-15 11:54:54 +02:00
blk-exec.c
blk-flush.c blk-mq: fix a hung issue when fsync 2019-02-20 10:20:44 +01:00
blk-integrity.c
blk-ioc.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
blk-lib.c block: fix infinite loop if the device loses discard capability 2018-12-29 13:39:07 +01:00
blk-map.c block: fix memleak when __blk_rq_map_user_iov() is failed 2020-01-12 12:12:00 +01:00
blk-merge.c block: fix single range discard merge 2019-12-17 20:39:46 +01:00
blk-mq-cpumap.c blk-mq: don't keep offline CPUs mapped to hctx 0 2018-04-19 08:56:20 +02:00
blk-mq-debugfs.c blk-mq-debugfs: don't allow write on attributes with seq_operations set 2018-04-26 11:02:11 +02:00
blk-mq-debugfs.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
blk-mq-pci.c blk-mq-pci: add a fallback when pci_irq_get_affinity returns NULL 2017-08-18 08:08:14 -06:00
blk-mq-rdma.c block: Add rdma affinity based queue mapping helper 2017-08-08 14:58:03 -04:00
blk-mq-sched.c blk-mq: only attempt to merge bio if there is rq in sw queue 2018-09-26 08:38:13 +02:00
blk-mq-sched.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
blk-mq-sysfs.c blk-mq: make sure that line break can be printed 2019-12-17 20:39:59 +01:00
blk-mq-tag.c blk-mq: fix updating tags depth 2018-09-19 22:43:39 +02:00
blk-mq-tag.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
blk-mq-virtio.c
blk-mq.c blk-mq: move cancel of requeue_work to the front of blk_exit_queue 2019-10-05 12:47:37 +02:00
blk-mq.h blk-mq: fix sysfs inflight counter 2018-06-21 04:02:49 +09:00
blk-settings.c block: allow max_discard_segments to be stacked 2018-09-26 08:38:00 +02:00
blk-softirq.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
blk-stat.c
blk-stat.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
blk-sysfs.c blk-mq: move cancel of requeue_work to the front of blk_exit_queue 2019-10-05 12:47:37 +02:00
blk-tag.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
blk-throttle.c block-throttle: avoid double charge 2017-12-29 17:53:47 +01:00
blk-timeout.c block: Fix a race between blk_cleanup_queue() and timeout handling 2017-11-30 08:40:52 +00:00
blk-wbt.c blk-wbt: account flush requests correctly 2018-02-22 15:42:29 +01:00
blk-wbt.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
blk-zoned.c blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers 2018-06-16 09:45:14 +02:00
blk.h block: drain queue before waiting for q_usage_counter becoming zero 2018-03-03 10:24:35 +01:00
bounce.c block: don't let passthrough IO go into .make_request_fn() 2018-01-02 20:31:05 +01:00
bsg-lib.c bsg-lib: fix use-after-free under memory-pressure 2017-10-04 08:35:04 -06:00
bsg.c bsg: remove #if 0'ed code 2017-08-29 10:50:30 -06:00
cfq-iosched.c cfq: Suppress compiler warnings about comparisons 2018-09-15 09:45:31 +02:00
cmdline-parser.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
compat_ioctl.c compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE 2020-01-09 10:17:55 +01:00
deadline-iosched.c block, scheduler: convert xxx_var_store to void 2017-08-28 10:01:08 -06:00
elevator.c elevator: lookup mq vs non-mq elevators 2018-12-21 14:13:10 +01:00
genhd.c blk-mq: fix sysfs inflight counter 2018-06-21 04:02:49 +09:00
ioctl.c
ioprio.c block: Add fallthrough markers to switch statements 2017-06-21 11:46:07 -06:00
Kconfig License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Kconfig.iosched License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
kyber-iosched.c block: kyber: fix domain token leak during requeue 2018-03-08 22:41:05 -08:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mq-deadline.c mq-deadline: Enable auto-loading when built as module 2017-08-29 10:47:23 -06:00
noop-iosched.c
opal_proto.h block: sed-opal: Set MBRDone on S3 resume path if TPER is MBREnabled 2017-09-11 09:45:52 -06:00
partition-generic.c blk-mq: fix sysfs inflight counter 2018-06-21 04:02:49 +09:00
scsi_ioctl.c block: Change argument type of scsi_req_init() 2017-06-20 19:27:14 -06:00
sed-opal.c block: sed-opal: fix IOC_OPAL_ENABLE_DISABLE_MBR 2019-05-31 06:47:29 -07:00
t10-pi.c t10-pi: Move opencoded contants to common header 2017-07-03 16:56:25 -06:00