Skip to content

Commit

Permalink
cxl: fix leak of ctx->irq_bitmap when releasing context via kernel API
Browse files Browse the repository at this point in the history 
At present, ctx->irq_bitmap is freed in afu_release_irqs(), which is called
from afu_release() via cxl_context_detach().

Move the freeing of ctx->irq_bitmap from afu_release_irqs() to
reclaim_ctx() (called through cxl_context_free()) so it's freed when
releasing a context via the kernel API (cxl_release_context()) or the
userspace API (afu_release()).

Reported-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
Fixes: 6f7f0b3 ("cxl: Add AFU virtual PHB and kernel API")
Signed-off-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
Acked-by: Ian Munsie <imunsie@au1.ibm.com>
Reviewed-by: Matthew R. Ochs <mrochs@linux.vnet.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
  • Loading branch information
Andrew Donnellan authored and Michael Ellerman committed Oct 1, 2015
1 parent 8dde152 commit 52adee5
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 2 deletions.
3 changes: 3 additions & 0 deletions drivers/misc/cxl/context.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -275,6 +275,9 @@ static void reclaim_ctx(struct rcu_head *rcu)
if (ctx->kernelapi)
kfree(ctx->mapping);

if (ctx->irq_bitmap)
kfree(ctx->irq_bitmap);

kfree(ctx);
}

Expand Down
2 changes: 0 additions & 2 deletions drivers/misc/cxl/irq.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -524,7 +524,5 @@ void afu_release_irqs(struct cxl_context *ctx, void *cookie)
afu_irq_name_free(ctx);
cxl_release_irq_ranges(&ctx->irqs, ctx->afu->adapter);

kfree(ctx->irq_bitmap);
ctx->irq_bitmap = NULL;
ctx->irq_count = 0;
}

0 comments on commit 52adee5

Please sign in to comment.