Satoru Takeuchi <satoru.takeuchi@xxxxxxxxx> writes:
> At Thu, 14 Mar 2013 17:11:21 +1030,
> Rusty Russell wrote:
>>
>> Satoru Takeuchi <satoru.takeuchi@xxxxxxxxx> writes:
>> > Hi Rusty,
>> >
>> > At Tue, 12 Mar 2013 15:43:33 -0700,
>> > Greg Kroah-Hartman wrote:
>> >> @@ -307,6 +312,14 @@ int hwrng_register(struct hwrng *rng)
>> >>
>> >> mutex_lock(&rng_mutex);
>> >>
>> >> + /* kmalloc makes this safe for virt_to_page() in virtio_rng.c */
>> >> + err = -ENOMEM;
>> >> + if (!rng_buffer) {
>> >> + rng_buffer = kmalloc(rng_buffer_size(), GFP_KERNEL);
>> >
>> > rng_buffer is now kmalloc-ed, but not kfree-ed. Shoudn't it be kfree-ed
>> > at hwrng_unregister()? If my suspect is correct, the same problem is
>> > in 3.8.3-rc1 and 3.0.69-rc1. I'm OK to make a patch, but it'll be after
>> > some hours.
>> >
>> > Corecct me if I'm wrong.
>>
>> Yes, it would be nice to free it, but it really makes sense to free it
>> in module_cleanup() (which would have to be written, as the module
>> currently doesn't have one).
>>
>> Cheers,
>> Rusty.
>
> From: Satoru Takeuchi <satoru.takeuchi@xxxxxxxxx>
>
> rng-core module allocates rng_buffer by kmalloc() since commit
> f7f154f1246ccc5a0a7e9ce50932627d60a0c878. But this buffer won't be
> freed and there is a memory leak possibility at module exit.
>
> Signed-off-by: Satoru Takeuchi <satoru.takeuchi@xxxxxxxxx>
> Cc: Rusty Russell <rusty@xxxxxxxxxxxxxxx>
> Cc: Matt Mackall <mpm@xxxxxxxxxxx>
> Cc: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
> Cc: Aurelien Jarno <aurelien@xxxxxxxxxxx>
> Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
> Cc: stable@xxxxxxxxxxxxxxx
Cc: stable might be overkill, but I've tested it and put it in my patch
queue, and will push it to Linus once it's survived linux-next.
Thanks,
Rusty.
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html