Patch "rpmsg: glink: Fix reuse intents memory leak issue" has been added to the 4.14-stable tree

<gregkh@xxxxxxxxxxxxxxxxxxx> · Thu, 19 Dec 2019 12:36:51 +0100

This is a note to let you know that I've just added the patch titled

    rpmsg: glink: Fix reuse intents memory leak issue

to the 4.14-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     rpmsg-glink-fix-reuse-intents-memory-leak-issue.patch
and it can be found in the queue-4.14 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From b85f6b601407347f5425c4c058d1b7871f5bf4f0 Mon Sep 17 00:00:00 2001
From: Arun Kumar Neelakantam <aneela@xxxxxxxxxxxxxx>
Date: Fri, 4 Oct 2019 15:26:57 -0700
Subject: rpmsg: glink: Fix reuse intents memory leak issue

From: Arun Kumar Neelakantam <aneela@xxxxxxxxxxxxxx>

commit b85f6b601407347f5425c4c058d1b7871f5bf4f0 upstream.

Memory allocated for re-usable intents are not freed during channel
cleanup which causes memory leak in system.

Check and free all re-usable memory to avoid memory leak.

Fixes: 933b45da5d1d ("rpmsg: glink: Add support for TX intents")
Cc: stable@xxxxxxxxxxxxxxx
Acked-By: Chris Lew <clew@xxxxxxxxxxxxxx>
Tested-by: Srinivas Kandagatla <srinivas.kandagatla@xxxxxxxxxx>
Signed-off-by: Arun Kumar Neelakantam <aneela@xxxxxxxxxxxxxx>
Reported-by: Srinivas Kandagatla <srinivas.kandagatla@xxxxxxxxxx>
Signed-off-by: Bjorn Andersson <bjorn.andersson@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
 drivers/rpmsg/qcom_glink_native.c |    9 +++++++++
 1 file changed, 9 insertions(+)

--- a/drivers/rpmsg/qcom_glink_native.c
+++ b/drivers/rpmsg/qcom_glink_native.c
@@ -243,10 +243,19 @@ static void qcom_glink_channel_release(s
 {
 	struct glink_channel *channel = container_of(ref, struct glink_channel,
 						     refcount);
+	struct glink_core_rx_intent *tmp;
 	unsigned long flags;
+	int iid;
 
 	spin_lock_irqsave(&channel->intent_lock, flags);
+	idr_for_each_entry(&channel->liids, tmp, iid) {
+		kfree(tmp->data);
+		kfree(tmp);
+	}
 	idr_destroy(&channel->liids);
+
+	idr_for_each_entry(&channel->riids, tmp, iid)
+		kfree(tmp);
 	idr_destroy(&channel->riids);
 	spin_unlock_irqrestore(&channel->intent_lock, flags);
 


Patches currently in stable-queue which might be from aneela@xxxxxxxxxxxxxx are

queue-4.14/rpmsg-glink-fix-reuse-intents-memory-leak-issue.patch
queue-4.14/rpmsg-glink-fix-use-after-free-in-open_ack-timeout-case.patch






