[ 31/85] USB: oti6858: fix port-data memory leak
From: Greg Kroah-Hartman
Date: Thu Oct 25 2012 - 20:26:06 EST
3.6-stable review patch. If anyone has any objections, please let me know.
------------------
From: Johan Hovold <jhovold@xxxxxxxxx>
commit 289b076f89c2c3260e914dad18ae12f193ea86d5 upstream.
Fix port-data memory leak by replacing attach and release with
port_probe and port_remove.
Since commit 0998d0631001288 (device-core: Ensure drvdata = NULL when no
driver is bound) the port private data is no longer freed at release as
it is no longer accessible.
Compile-only tested.
Signed-off-by: Johan Hovold <jhovold@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
drivers/usb/serial/oti6858.c | 68 +++++++++++++++++--------------------------
1 file changed, 28 insertions(+), 40 deletions(-)
--- a/drivers/usb/serial/oti6858.c
+++ b/drivers/usb/serial/oti6858.c
@@ -139,8 +139,8 @@ static int oti6858_chars_in_buffer(struc
static int oti6858_tiocmget(struct tty_struct *tty);
static int oti6858_tiocmset(struct tty_struct *tty,
unsigned int set, unsigned int clear);
-static int oti6858_startup(struct usb_serial *serial);
-static void oti6858_release(struct usb_serial *serial);
+static int oti6858_port_probe(struct usb_serial_port *port);
+static int oti6858_port_remove(struct usb_serial_port *port);
/* device info */
static struct usb_serial_driver oti6858_device = {
@@ -163,8 +163,8 @@ static struct usb_serial_driver oti6858_
.write_bulk_callback = oti6858_write_bulk_callback,
.write_room = oti6858_write_room,
.chars_in_buffer = oti6858_chars_in_buffer,
- .attach = oti6858_startup,
- .release = oti6858_release,
+ .port_probe = oti6858_port_probe,
+ .port_remove = oti6858_port_remove,
};
static struct usb_serial_driver * const serial_drivers[] = {
@@ -333,36 +333,33 @@ static void send_data(struct work_struct
usb_serial_port_softint(port);
}
-static int oti6858_startup(struct usb_serial *serial)
+static int oti6858_port_probe(struct usb_serial_port *port)
{
- struct usb_serial_port *port = serial->port[0];
struct oti6858_private *priv;
- int i;
- for (i = 0; i < serial->num_ports; ++i) {
- priv = kzalloc(sizeof(struct oti6858_private), GFP_KERNEL);
- if (!priv)
- break;
-
- spin_lock_init(&priv->lock);
- init_waitqueue_head(&priv->intr_wait);
-/* INIT_WORK(&priv->setup_work, setup_line, serial->port[i]); */
-/* INIT_WORK(&priv->write_work, send_data, serial->port[i]); */
- priv->port = port;
- INIT_DELAYED_WORK(&priv->delayed_setup_work, setup_line);
- INIT_DELAYED_WORK(&priv->delayed_write_work, send_data);
-
- usb_set_serial_port_data(serial->port[i], priv);
- }
- if (i == serial->num_ports)
- return 0;
-
- for (--i; i >= 0; --i) {
- priv = usb_get_serial_port_data(serial->port[i]);
- kfree(priv);
- usb_set_serial_port_data(serial->port[i], NULL);
- }
- return -ENOMEM;
+ priv = kzalloc(sizeof(*priv), GFP_KERNEL);
+ if (!priv)
+ return -ENOMEM;
+
+ spin_lock_init(&priv->lock);
+ init_waitqueue_head(&priv->intr_wait);
+ priv->port = port;
+ INIT_DELAYED_WORK(&priv->delayed_setup_work, setup_line);
+ INIT_DELAYED_WORK(&priv->delayed_write_work, send_data);
+
+ usb_set_serial_port_data(port, priv);
+
+ return 0;
+}
+
+static int oti6858_port_remove(struct usb_serial_port *port)
+{
+ struct oti6858_private *priv;
+
+ priv = usb_get_serial_port_data(port);
+ kfree(priv);
+
+ return 0;
}
static int oti6858_write(struct tty_struct *tty, struct usb_serial_port *port,
@@ -714,15 +711,6 @@ static int oti6858_ioctl(struct tty_stru
return -ENOIOCTLCMD;
}
-
-static void oti6858_release(struct usb_serial *serial)
-{
- int i;
-
- for (i = 0; i < serial->num_ports; ++i)
- kfree(usb_get_serial_port_data(serial->port[i]));
-}
-
static void oti6858_read_int_callback(struct urb *urb)
{
struct usb_serial_port *port = urb->context;
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/