From: Mike Christie <michaelc@cs.wisc.edu>
To: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: Ethan Zhao <ethan.kernel@gmail.com>,
pjones@redhat.com, LKML <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] [SCSI] iscsi_boot_sysfs: Fix a memory leak in iscsi_boot_destroy_kset()
Date: Tue, 10 Dec 2013 12:46:36 -0600 [thread overview]
Message-ID: <52A7618C.3050308@cs.wisc.edu> (raw)
In-Reply-To: <74430a05-1640-4174-977d-52d2d2b8519f@email.android.com>
On 12/10/13 8:11 AM, Konrad Rzeszutek Wilk wrote:
> Ethan Zhao <ethan.kernel@gmail.com> wrote:
>> Konrad,
>>
>> boot_kset was allocated when module loaded by
>> ibft_init()
>> iscsi_boot_create_kset()
>> kzalloc()
>>
>> but wasn't freed when module unloaded by
>> ibft_exit()
>> ibft_cleanup()
>> iscsi_boot_destroy_kset()
>>
>> Thanks,
>> Ethan
>>
>> On Tue, Dec 10, 2013 at 5:30 AM, Konrad Rzeszutek Wilk
>> <konrad.wilk@oracle.com> wrote:
>>> On Mon, Dec 09, 2013 at 05:37:11PM +0800, Ethan Zhao wrote:
>>>> From: "Ethan Zhao" <ethan.kernel@gmail.com>
>>>>
>>>> Load and unload iscsi_ibft module will cause kernel memory leak, fix
>> it
>>>> in scsi/iscsi_boot_sysfs.c iscsi_boot_destroy_kset().
>>>>
>>>
>>> Is there a stack trace?
>>>> Signed-off-by: Ethan Zhao <ethan.kernel@gmail.com>
>>>> ---
>>>> drivers/scsi/iscsi_boot_sysfs.c | 1 +
>>>> 1 file changed, 1 insertion(+)
>>>>
>>>> diff --git a/drivers/scsi/iscsi_boot_sysfs.c
>> b/drivers/scsi/iscsi_boot_sysfs.c
>>>> index 14c1c8f..680bf6f 100644
>>>> --- a/drivers/scsi/iscsi_boot_sysfs.c
>>>> +++ b/drivers/scsi/iscsi_boot_sysfs.c
>>>> @@ -490,5 +490,6 @@ void iscsi_boot_destroy_kset(struct
>> iscsi_boot_kset *boot_kset)
>>>> iscsi_boot_remove_kobj(boot_kobj);
>>>>
>>>> kset_unregister(boot_kset->kset);
>>>> + kfree(boot_kset);
>>>> }
>>>> EXPORT_SYMBOL_GPL(iscsi_boot_destroy_kset);
>>>> --
>>>> 1.8.3.4 (Apple Git-47)
>>>>
>
> Right. In the past we did not do that b/c certain drivers (like broadcom) would allocate on the kset their name and try to free (the driver would after freeing the ibft). So you would end up with this patch a double free ( and it might be fixed by now but I can't recall).
>
Do you mean the name string that is passed into kset_create_and_add? If
so that should not happen now. There does not seem to be any user
freeing that string.
There used to be bug where at the initiator/target/ethernet level there
was a double free because iscsi_boot_sysfs and be2iscsi were both
freeing the struct associated with the initiator/target/ethernet. That
is fixed in f457a46f179df41b0f6d80dee33b6e629945f276.
next prev parent reply other threads:[~2013-12-10 18:46 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-12-09 9:37 [PATCH] [SCSI] iscsi_boot_sysfs: Fix a memory leak in iscsi_boot_destroy_kset() Ethan Zhao
2013-12-09 21:30 ` Konrad Rzeszutek Wilk
2013-12-10 6:03 ` Ethan Zhao
2013-12-10 14:11 ` Konrad Rzeszutek Wilk
2013-12-10 18:46 ` Mike Christie [this message]
2013-12-11 17:18 ` Konrad Rzeszutek Wilk
2013-12-11 17:19 ` Konrad Rzeszutek Wilk
2013-12-11 2:47 ` Ethan Zhao
2013-12-10 0:16 ` Mike Christie
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52A7618C.3050308@cs.wisc.edu \
--to=michaelc@cs.wisc.edu \
--cc=ethan.kernel@gmail.com \
--cc=konrad.wilk@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=pjones@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox