5.3-stable patches

author Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Mon, 2 Dec 2019 18:49:49 +0000 (19:49 +0100)

committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Mon, 2 Dec 2019 18:49:49 +0000 (19:49 +0100)
author Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 2 Dec 2019 18:49:49 +0000 (19:49 +0100)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 2 Dec 2019 18:49:49 +0000 (19:49 +0100)
diff --git a/queue-5.3/series b/queue-5.3/series

index a90ff9c122fd8302508549d2d765592d239ff252..07612028010b0645dfbcf4e37ccc07a984b42c8c 100644 (file)
--- a/queue-5.3/series
+++ b/queue-5.3/series
@@ -104,3 +104,4 @@ usb-serial-ftdi_sio-add-device-ids-for-u-blox-c099-f9p.patch
  mei-bus-prefix-device-names-on-bus-with-the-bus-name.patch
  mei-me-add-comet-point-v-device-id.patch
  thunderbolt-power-cycle-the-router-if-nvm-authentication-fails.patch
+xfrm-fix-memleak-on-xfrm-state-destroy.patch
diff --git a/queue-5.3/xfrm-fix-memleak-on-xfrm-state-destroy.patch b/queue-5.3/xfrm-fix-memleak-on-xfrm-state-destroy.patch

new file mode 100644 (file)

index 0000000..9758b27
--- /dev/null
+++ b/queue-5.3/xfrm-fix-memleak-on-xfrm-state-destroy.patch
@@ -0,0 +1,34 @@
+From 86c6739eda7d2a03f2db30cbee67a5fb81afa8ba Mon Sep 17 00:00:00 2001
+From: Steffen Klassert <steffen.klassert@secunet.com>
+Date: Wed, 6 Nov 2019 08:13:49 +0100
+Subject: xfrm: Fix memleak on xfrm state destroy
+
+From: Steffen Klassert <steffen.klassert@secunet.com>
+
+commit 86c6739eda7d2a03f2db30cbee67a5fb81afa8ba upstream.
+
+We leak the page that we use to create skb page fragments
+when destroying the xfrm_state. Fix this by dropping a
+page reference if a page was assigned to the xfrm_state.
+
+Fixes: cac2661c53f3 ("esp4: Avoid skb_cow_data whenever possible")
+Reported-by: JD <jdtxs00@gmail.com>
+Reported-by: Paul Wouters <paul@nohats.ca>
+Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ net/xfrm/xfrm_state.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/net/xfrm/xfrm_state.c
++++ b/net/xfrm/xfrm_state.c
+@@ -495,6 +495,8 @@ static void ___xfrm_state_destroy(struct
+               x->type->destructor(x);
+               xfrm_put_type(x->type);
+       }
++      if (x->xfrag.page)
++              put_page(x->xfrag.page);
+       xfrm_dev_state_free(x);
+       security_xfrm_state_free(x);
+       xfrm_state_free(x);
author	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Mon, 2 Dec 2019 18:49:49 +0000 (19:49 +0100)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Mon, 2 Dec 2019 18:49:49 +0000 (19:49 +0100)
queue-5.3/series		patch \| blob \| blame \| history
queue-5.3/xfrm-fix-memleak-on-xfrm-state-destroy.patch	[new file with mode: 0644]	patch \| blob