hollalinux
/
linux-sg2042
mirror of https://github.com/sophgo/linux-riscv.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

xsk: fix umem memory leak on cleanup 

When the umem is cleaned up, the task that created it might already be
gone. If the task was gone, the xdp_umem_release function did not free
the pages member of struct xdp_umem.

It turned out that the task lookup was not needed at all; The code was
a left-over when we moved from task accounting to user accounting [1].

This patch fixes the memory leak by removing the task lookup logic
completely.

[1] https://lore.kernel.org/netdev/20180131135356.19134-3-bjorn.topel@gmail.com/

Link: https://lore.kernel.org/netdev/c1cb2ca8-6a14-3980-8672-f3de0bb38dfd@suse.cz/
Fixes: c0c77d8fb7 ("xsk: add user memory registration support sockopt")
Reported-by: Jiri Slaby <jslaby@suse.cz>
Signed-off-by: Björn Töpel <bjorn.topel@intel.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
This commit is contained in:
Björn Töpel 2019-03-13 15:15:49 +01:00 committed by Daniel Borkmann
parent 895383983e
commit 044175a067
2 changed files with 1 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
include/net/xdp_sock.h
View File

@ -36,7 +36,6 @@ struct xdp_umem {
u32 headroom; u32 headroom;
u32 chunk_size_nohr; u32 chunk_size_nohr;
struct user_struct *user; struct user_struct *user;
struct pid *pid;
unsigned long address; unsigned long address;
refcount_t users; refcount_t users;
struct work_struct work; struct work_struct work;

19
net/xdp/xdp_umem.c
View File

@ -193,9 +193,6 @@ static void xdp_umem_unaccount_pages(struct xdp_umem *umem)
static void xdp_umem_release(struct xdp_umem *umem) static void xdp_umem_release(struct xdp_umem *umem)
{ {
struct task_struct *task;
struct mm_struct *mm;
xdp_umem_clear_dev(umem); xdp_umem_clear_dev(umem);
ida_simple_remove(&umem_ida, umem->id); ida_simple_remove(&umem_ida, umem->id);
@ -214,21 +211,10 @@ static void xdp_umem_release(struct xdp_umem *umem)
xdp_umem_unpin_pages(umem); xdp_umem_unpin_pages(umem);
task = get_pid_task(umem->pid, PIDTYPE_PID);
put_pid(umem->pid);
if (!task)
goto out;
mm = get_task_mm(task);
put_task_struct(task);
if (!mm)
goto out;
mmput(mm);
kfree(umem->pages); kfree(umem->pages);
umem->pages = NULL; umem->pages = NULL;
xdp_umem_unaccount_pages(umem); xdp_umem_unaccount_pages(umem);
out:
kfree(umem); kfree(umem);
} }
@ -357,7 +343,6 @@ static int xdp_umem_reg(struct xdp_umem *umem, struct xdp_umem_reg *mr)
if (size_chk < 0) if (size_chk < 0)
return -EINVAL; return -EINVAL;
umem->pid = get_task_pid(current, PIDTYPE_PID);
umem->address = (unsigned long)addr; umem->address = (unsigned long)addr;
umem->chunk_mask = ~((u64)chunk_size - 1); umem->chunk_mask = ~((u64)chunk_size - 1);
umem->size = size; umem->size = size;
@ -373,7 +358,7 @@ static int xdp_umem_reg(struct xdp_umem *umem, struct xdp_umem_reg *mr)
err = xdp_umem_account_pages(umem); err = xdp_umem_account_pages(umem);
if (err) if (err)
goto out; return err;
err = xdp_umem_pin_pages(umem); err = xdp_umem_pin_pages(umem);
if (err) if (err)
@ -392,8 +377,6 @@ static int xdp_umem_reg(struct xdp_umem *umem, struct xdp_umem_reg *mr)
out_account: out_account:
xdp_umem_unaccount_pages(umem); xdp_umem_unaccount_pages(umem);
out:
put_pid(umem->pid);
return err; return err;
} }