Re: [PATCH 0/2] scsi: target: tcmu: Fix memory leak

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2/18/21 11:50 AM, Bodo Stroesser wrote:
> This small series applies to Martin's for-next.
> 
> This is the third attempt to fix a severe memory leak in tcmu.
> Previous patches:
>   https://urldefense.com/v3/__https://lore.kernel.org/linux-scsi/20201218141534.9918-1-bostroesser@xxxxxxxxx/__;!!GqivPVa7Brio!Oz9qazrvG2YRDRkm5ey3KEvdVmuukGz523-nIrg5dvnwt1bKlOAjBmh4g8ADxdmcca5_$ 
>   and
>   https://urldefense.com/v3/__https://lore.kernel.org/linux-scsi/20210210194031.7422-1-bostroesser@xxxxxxxxx/__;!!GqivPVa7Brio!Oz9qazrvG2YRDRkm5ey3KEvdVmuukGz523-nIrg5dvnwt1bKlOAjBmh4g8ADxY8eTeL_$ 
> 
> Tcmu's refcounting relies on tcmu_open and tcmu_release being
> called symmetrically by uio. But that is not true if userspace
> daemon holds the uio device open or mmap'ed while tcmu calls
> uio_unregister device. So refcount can stay above 0 for ever,
> which means that tcmu does not free resources of a tcmu device.
> In extreme cases the amount of memory leaked can be > 1 GB for
> a single destroyed tcmu device.
> 
> This new patch series fixes the problem by moving refcounting from
> tcmu_open/tcmu_release to new vm_operations_struct::open/*::close
> handlers, which are called under all conditions.
> 
> Bodo Stroesser (2):
>   scsi: target: tcmu: Move some functions without code change
>   scsi: target: tcmu: Fix memory leak caused by wrong uio usage
> 
>  drivers/target/target_core_user.c | 189 +++++++++++++++++++++-----------------
>  1 file changed, 106 insertions(+), 83 deletions(-)
> 

Reviewed-by: Mike Christie <michael.christie@xxxxxxxxxx>



[Index of Archives]     [Linux SCSI]     [Kernel Newbies]     [Linux SCSI Target Infrastructure]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Linux IIO]     [Device Mapper]

  Powered by Linux