Patch "coresight: tmc: sg: Do not leak sg_table" has been added to the 5.4-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is a note to let you know that I've just added the patch titled

    coresight: tmc: sg: Do not leak sg_table

to the 5.4-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     coresight-tmc-sg-do-not-leak-sg_table.patch
and it can be found in the queue-5.4 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit dcc95f487e1816f1e9c99bb141b88a7a549a3c6f
Author: Suzuki K Poulose <suzuki.poulose@xxxxxxx>
Date:   Tue Jul 2 14:28:46 2024 +0100

    coresight: tmc: sg: Do not leak sg_table
    
    [ Upstream commit c58dc5a1f886f2fcc1133746d0cbaa1fe7fd44ff ]
    
    Running perf with cs_etm on Juno triggers the following kmemleak warning !
    
    :~# cat /sys/kernel/debug/kmemleak
     unreferenced object 0xffffff8806b6d720 (size 96):
     comm "perf", pid 562, jiffies 4297810960
     hex dump (first 32 bytes):
     38 d8 13 07 88 ff ff ff 00 d0 9e 85 c0 ff ff ff  8...............
     00 10 00 88 c0 ff ff ff 00 f0 ff f7 ff 00 00 00  ................
     backtrace (crc 1dbf6e00):
     [<ffffffc08107381c>] kmemleak_alloc+0xbc/0xd8
     [<ffffffc0802f9798>] kmalloc_trace_noprof+0x220/0x2e8
     [<ffffffc07bb71948>] tmc_alloc_sg_table+0x48/0x208 [coresight_tmc]
     [<ffffffc07bb71cbc>] tmc_etr_alloc_sg_buf+0xac/0x240 [coresight_tmc]
     [<ffffffc07bb72538>] tmc_alloc_etr_buf.constprop.0+0x1f0/0x260 [coresight_tmc]
     [<ffffffc07bb7280c>] alloc_etr_buf.constprop.0.isra.0+0x74/0xa8 [coresight_tmc]
     [<ffffffc07bb72950>] tmc_alloc_etr_buffer+0x110/0x260 [coresight_tmc]
     [<ffffffc07bb38afc>] etm_setup_aux+0x204/0x3b0 [coresight]
     [<ffffffc08025837c>] rb_alloc_aux+0x20c/0x318
     [<ffffffc08024dd84>] perf_mmap+0x2e4/0x7a0
     [<ffffffc0802cceb0>] mmap_region+0x3b0/0xa08
     [<ffffffc0802cd8a8>] do_mmap+0x3a0/0x500
     [<ffffffc080295328>] vm_mmap_pgoff+0x100/0x1d0
     [<ffffffc0802cadf8>] ksys_mmap_pgoff+0xb8/0x110
     [<ffffffc080020688>] __arm64_sys_mmap+0x38/0x58
     [<ffffffc080028fc0>] invoke_syscall.constprop.0+0x58/0x100
    
    This due to the fact that we do not free the "sg_table" itself while
    freeing up  the SG table and data pages. Fix this by freeing the sg_table
    in tmc_free_sg_table().
    
    Fixes: 99443ea19e8b ("coresight: Add generic TMC sg table framework")
    Cc: Mike Leach <mike.leach@xxxxxxxxxx>
    Cc: James Clark <james.clark@xxxxxxx>
    Signed-off-by: Suzuki K Poulose <suzuki.poulose@xxxxxxx>
    Reviewed-by: Anshuman Khandual <anshuman.khandual@xxxxxxx>
    Link: https://lore.kernel.org/r/20240702132846.1677261-1-suzuki.poulose@xxxxxxx
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/drivers/hwtracing/coresight/coresight-tmc-etr.c b/drivers/hwtracing/coresight/coresight-tmc-etr.c
index 2a0a12c194c05..17a5ceff48f24 100644
--- a/drivers/hwtracing/coresight/coresight-tmc-etr.c
+++ b/drivers/hwtracing/coresight/coresight-tmc-etr.c
@@ -257,6 +257,7 @@ void tmc_free_sg_table(struct tmc_sg_table *sg_table)
 {
 	tmc_free_table_pages(sg_table);
 	tmc_free_data_pages(sg_table);
+	kfree(sg_table);
 }
 
 /*
@@ -337,7 +338,6 @@ struct tmc_sg_table *tmc_alloc_sg_table(struct device *dev,
 		rc = tmc_alloc_table_pages(sg_table);
 	if (rc) {
 		tmc_free_sg_table(sg_table);
-		kfree(sg_table);
 		return ERR_PTR(rc);
 	}
 




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux