git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Ilya Dryomov <idryomov@gmail.com>
	Tue, 10 Mar 2020 15:19:01 +0000 (16:19 +0100)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 2 Apr 2020 13:09:53 +0000 (15:09 +0200)
commit	cf1d99484480a5a17c0dcf206e45402abe3476cc
tree	eb30cf90dee210274955e2da4b2b33888a920e58	tree \| snapshot
parent	3dea08e7ac2954baa42f86af3ce81dfb0dd7a4cb	commit \| diff

libceph: fix alloc_msg_with_page_vector() memory leaks

commit e886274031200bb60965c1b9c49b7acda56a93bd upstream.

Make it so that CEPH_MSG_DATA_PAGES data item can own pages,
fixing a bunch of memory leaks for a page vector allocated in
alloc_msg_with_page_vector(). Currently, only watch-notify
messages trigger this allocation, and normally the page vector
is freed either in handle_watch_notify() or by the caller of
ceph_osdc_notify(). But if the message is freed before that
(e.g. if the session faults while reading in the message or
if the notify is stale), we leak the page vector.

This was supposed to be fixed by switching to a message-owned
pagelist, but that never happened.

Fixes: 1907920324f1 ("libceph: support for sending notifies")
Reported-by: Roman Penyaev <rpenyaev@suse.de>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Roman Penyaev <rpenyaev@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

include/linux/ceph/messenger.h		diff \| blob \| blame \| history
net/ceph/messenger.c		diff \| blob \| blame \| history
net/ceph/osd_client.c		diff \| blob \| blame \| history