From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Xiaotao Yin <xiaotao.yin@windriver.com>,
Robin Murphy <robin.murphy@arm.com>,
Joerg Roedel <jroedel@suse.de>, Sasha Levin <sashal@kernel.org>
Subject: [PATCH 4.19 44/84] iommu/iova: Init the struct iova to fix the possible memleak
Date: Sat, 11 Jan 2020 10:50:21 +0100 [thread overview]
Message-ID: <20200111094902.979778161@linuxfoundation.org> (raw)
In-Reply-To: <20200111094845.328046411@linuxfoundation.org>
From: Xiaotao Yin <xiaotao.yin@windriver.com>
[ Upstream commit 472d26df5e8075eda677b6be730e0fbf434ff2a8 ]
During ethernet(Marvell octeontx2) set ring buffer test:
ethtool -G eth1 rx <rx ring size> tx <tx ring size>
following kmemleak will happen sometimes:
unreferenced object 0xffff000b85421340 (size 64):
comm "ethtool", pid 867, jiffies 4295323539 (age 550.500s)
hex dump (first 64 bytes):
80 13 42 85 0b 00 ff ff ff ff ff ff ff ff ff ff ..B.............
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
ff ff ff ff ff ff ff ff 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<000000001b204ddf>] kmem_cache_alloc+0x1b0/0x350
[<00000000d9ef2e50>] alloc_iova+0x3c/0x168
[<00000000ea30f99d>] alloc_iova_fast+0x7c/0x2d8
[<00000000b8bb2f1f>] iommu_dma_alloc_iova.isra.0+0x12c/0x138
[<000000002f1a43b5>] __iommu_dma_map+0x8c/0xf8
[<00000000ecde7899>] iommu_dma_map_page+0x98/0xf8
[<0000000082004e59>] otx2_alloc_rbuf+0xf4/0x158
[<000000002b107f6b>] otx2_rq_aura_pool_init+0x110/0x270
[<00000000c3d563c7>] otx2_open+0x15c/0x734
[<00000000a2f5f3a8>] otx2_dev_open+0x3c/0x68
[<00000000456a98b5>] otx2_set_ringparam+0x1ac/0x1d4
[<00000000f2fbb819>] dev_ethtool+0xb84/0x2028
[<0000000069b67c5a>] dev_ioctl+0x248/0x3a0
[<00000000af38663a>] sock_ioctl+0x280/0x638
[<000000002582384c>] do_vfs_ioctl+0x8b0/0xa80
[<000000004e1a2c02>] ksys_ioctl+0x84/0xb8
The reason:
When alloc_iova_mem() without initial with Zero, sometimes fpn_lo will
equal to IOVA_ANCHOR by chance, so when return with -ENOMEM(iova32_full)
from __alloc_and_insert_iova_range(), the new_iova will not be freed in
free_iova_mem().
Fixes: bb68b2fbfbd6 ("iommu/iova: Add rbtree anchor node")
Signed-off-by: Xiaotao Yin <xiaotao.yin@windriver.com>
Reviewed-by: Robin Murphy <robin.murphy@arm.com>
Signed-off-by: Joerg Roedel <jroedel@suse.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/iommu/iova.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/iommu/iova.c b/drivers/iommu/iova.c
index da4516fbf542..34c058c24b9d 100644
--- a/drivers/iommu/iova.c
+++ b/drivers/iommu/iova.c
@@ -236,7 +236,7 @@ static DEFINE_MUTEX(iova_cache_mutex);
struct iova *alloc_iova_mem(void)
{
- return kmem_cache_alloc(iova_cache, GFP_ATOMIC);
+ return kmem_cache_zalloc(iova_cache, GFP_ATOMIC);
}
EXPORT_SYMBOL(alloc_iova_mem);
--
2.20.1
next prev parent reply other threads:[~2020-01-11 10:18 UTC|newest]
Thread overview: 95+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-11 9:49 [PATCH 4.19 00/84] 4.19.95-stable review Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 01/84] USB: dummy-hcd: use usb_urb_dir_in instead of usb_pipein Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 02/84] USB: dummy-hcd: increase max number of devices to 32 Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 03/84] bpf: Fix passing modified ctx to ld/abs/ind instruction Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 04/84] regulator: fix use after free issue Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 05/84] ASoC: max98090: fix possible race conditions Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 06/84] locking/spinlock/debug: Fix various data races Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 07/84] netfilter: ctnetlink: netns exit must wait for callbacks Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 08/84] mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 09/84] libtraceevent: Fix lib installation with O= Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 10/84] x86/efi: Update e820 with reserved EFI boot services data to fix kexec breakage Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 11/84] ASoC: Intel: bytcr_rt5640: Update quirk for Teclast X89 Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 12/84] efi/gop: Return EFI_NOT_FOUND if there are no usable GOPs Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 13/84] efi/gop: Return EFI_SUCCESS if a usable GOP was found Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 14/84] efi/gop: Fix memory leak in __gop_query32/64() Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 15/84] ARM: dts: imx6ul: imx6ul-14x14-evk.dtsi: Fix SPI NOR probing Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 16/84] ARM: vexpress: Set-up shared OPP table instead of individual for each CPU Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 17/84] netfilter: uapi: Avoid undefined left-shift in xt_sctp.h Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 18/84] netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 19/84] netfilter: nf_tables: validate NFT_SET_ELEM_INTERVAL_END Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 20/84] netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init() Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 21/84] ARM: dts: BCM5301X: Fix MDIO node address/size cells Greg Kroah-Hartman
2020-01-11 9:49 ` [PATCH 4.19 22/84] selftests/ftrace: Fix multiple kprobe testcase Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 23/84] ARM: dts: Cygnus: Fix MDIO node address/size cells Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 24/84] spi: spi-cavium-thunderx: Add missing pci_release_regions() Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 25/84] ASoC: topology: Check return value for soc_tplg_pcm_create() Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 26/84] ARM: dts: bcm283x: Fix critical trip point Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 27/84] bnxt_en: Return error if FW returns more data than dump length Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 28/84] bpf, mips: Limit to 33 tail calls Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 29/84] spi: spi-ti-qspi: Fix a bug when accessing non default CS Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 30/84] ARM: dts: am437x-gp/epos-evm: fix panel compatible Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 31/84] samples: bpf: Replace symbol compare of trace_event Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 32/84] samples: bpf: fix syscall_tp due to unused syscall Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 33/84] powerpc: Ensure that swiotlb buffer is allocated from low memory Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 34/84] btrfs: Fix error messages in qgroup_rescan_init Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 35/84] bpf: Clear skb->tstamp in bpf_redirect when necessary Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 36/84] bnx2x: Do not handle requests from VFs after parity Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 37/84] bnx2x: Fix logic to get total no. of PFs per engine Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 38/84] cxgb4: Fix kernel panic while accessing sge_info Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 39/84] net: usb: lan78xx: Fix error message format specifier Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 40/84] parisc: add missing __init annotation Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 41/84] rfkill: Fix incorrect check to avoid NULL pointer dereference Greg Kroah-Hartman
2020-01-13 8:08 ` Pavel Machek
2020-01-11 9:50 ` [PATCH 4.19 42/84] ASoC: wm8962: fix lambda value Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 43/84] regulator: rn5t618: fix module aliases Greg Kroah-Hartman
2020-01-11 9:50 ` Greg Kroah-Hartman [this message]
2020-01-11 9:50 ` [PATCH 4.19 45/84] kconfig: dont crash on NULL expressions in expr_eq() Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 46/84] perf/x86/intel: Fix PT PMI handling Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 47/84] fs: avoid softlockups in s_inodes iterators Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 48/84] net: stmmac: Do not accept invalid MTU values Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 49/84] net: stmmac: xgmac: Clear previous RX buffer size Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 50/84] net: stmmac: RX buffer size must be 16 byte aligned Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 51/84] net: stmmac: Always arm TX Timer at end of transmission start Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 52/84] s390/purgatory: do not build purgatory with kcov, kasan and friends Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 53/84] drm/exynos: gsc: add missed component_del Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 54/84] s390/dasd/cio: Interpret ccw_device_get_mdc return value correctly Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 55/84] s390/dasd: fix memleak in path handling error case Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 56/84] block: fix memleak when __blk_rq_map_user_iov() is failed Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 57/84] parisc: Fix compiler warnings in debug_core.c Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 58/84] llc2: Fix return statement of llc_stat_ev_rx_null_dsap_xid_c (and _test_c) Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 59/84] hv_netvsc: Fix unwanted rx_table reset Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 60/84] powerpc/vcpu: Assume dedicated processors as non-preempt Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 61/84] powerpc/spinlocks: Include correct header for static key Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 62/84] cpufreq: imx6q: read OCOTP through nvmem for imx6ul/imx6ull Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 63/84] ARM: dts: imx6ul: use nvmem-cells for cpu speed grading Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 64/84] PCI/switchtec: Read all 64 bits of part_event_bitmap Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 65/84] arm64: KVM: Trap VM ops when ARM64_WORKAROUND_CAVIUM_TX2_219_TVM is set Greg Kroah-Hartman
2020-01-11 12:30 ` Naresh Kamboju
2020-01-11 17:44 ` Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 66/84] gtp: fix bad unlock balance in gtp_encap_enable_socket Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 67/84] macvlan: do not assume mac_header is set in macvlan_broadcast() Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 68/84] net: dsa: mv88e6xxx: Preserve priority when setting CPU port Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 69/84] net: stmmac: dwmac-sun8i: Allow all RGMII modes Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 70/84] net: stmmac: dwmac-sunxi: " Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 71/84] net: usb: lan78xx: fix possible skb leak Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 72/84] pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 73/84] sch_cake: avoid possible divide by zero in cake_enqueue() Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 74/84] sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 75/84] tcp: fix "old stuff" D-SACK causing SACK to be treated as D-SACK Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 76/84] vxlan: fix tos value before xmit Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 77/84] vlan: fix memory leak in vlan_dev_set_egress_priority Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 78/84] vlan: vlan_changelink() should propagate errors Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 79/84] mlxsw: spectrum_qdisc: Ignore grafting of invisible FIFO Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 80/84] net: sch_prio: When ungrafting, replace with FIFO Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 81/84] usb: dwc3: gadget: Fix request complete check Greg Kroah-Hartman
2020-01-11 9:50 ` [PATCH 4.19 82/84] USB: core: fix check for duplicate endpoints Greg Kroah-Hartman
2020-01-11 9:51 ` [PATCH 4.19 83/84] USB: serial: option: add Telit ME910G1 0x110a composition Greg Kroah-Hartman
2020-01-11 9:51 ` [PATCH 4.19 84/84] usb: missing parentheses in USE_NEW_SCHEME Greg Kroah-Hartman
2020-01-11 16:02 ` [PATCH 4.19 00/84] 4.19.95-stable review Guenter Roeck
2020-01-11 17:47 ` Greg Kroah-Hartman
2020-01-11 20:10 ` Guenter Roeck
2020-01-11 20:41 ` Greg Kroah-Hartman
2020-01-12 4:57 ` Naresh Kamboju
2020-01-12 8:14 ` Greg Kroah-Hartman
2020-01-13 15:48 ` Jon Hunter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200111094902.979778161@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=jroedel@suse.de \
--cc=linux-kernel@vger.kernel.org \
--cc=robin.murphy@arm.com \
--cc=sashal@kernel.org \
--cc=stable@vger.kernel.org \
--cc=xiaotao.yin@windriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).