Re: [PATCH] rbd: fix leak of format 2 snapshot context

[Josh Durgin <josh.durgin@xxxxxxxxxxxxx>]

Alex Elder <elder@xxxxxxxxxxx> wrote:

>When rbd_dev_v2_refresh() is called, the rbd device already has a
>snapshot context associated with it.  But that never gets freed,
>the pointer just gets overwritten.
>
>Fix this by dropping the rbd device's reference to the snapshot
>context before overwriting the pointer.
>
>Because ceph_put_snap_context() already handles for a null pointer
>we don't need to check for that (for the probe case, where no
>context has yet been assigned).
>
>This resolves:
>    http://tracker.ceph.com/issues/4912
>
>Signed-off-by: Alex Elder <elder@xxxxxxxxxxx>
>---
> drivers/block/rbd.c |    1 +
> 1 file changed, 1 insertion(+)
>
>diff --git a/drivers/block/rbd.c b/drivers/block/rbd.c
>index c2ca181..4263743 100644
>--- a/drivers/block/rbd.c
>+++ b/drivers/block/rbd.c
>@@ -4004,6 +4004,7 @@ static int rbd_dev_v2_snap_context(struct
>rbd_device *rbd_dev)
> 	for (i = 0; i < snap_count; i++)
> 		snapc->snaps[i] = ceph_decode_64(&p);
>
>+	ceph_put_snap_context(rbd_dev->header.snapc);
> 	rbd_dev->header.snapc = snapc;
>
> 	dout("  snap context seq = %llu, snap_count = %u\n",

Reviewed-by: Josh Durgin <josh.durgin@xxxxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html