Re: [PATCH] dmaengine: at_hdmac: fix memory leak in at_dma_xlate()

From: Mario Forner
Date: Fri Nov 30 2018 - 05:07:48 EST


Am Dienstag, 27. November 2018, 17:06:34 CET schrieb Richard Genoud:
> The leak was found when opening/closing a serial port a great number of
> time, increasing kmalloc-32 in slabinfo.
>
> Each time the port was opened, dma_request_slave_channel() was called.
> Then, in at_dma_xlate(), atslave was allocated with devm_kzalloc() and
> never freed. (Well, it was free at module unload, but that's not what we
> want).
> So, here, kzalloc is more suited for the job since it has to be freed in
> atc_free_chan_resources().
>
> Cc: stable@xxxxxxxxxxxxxxx
> Fixes: bbe89c8e3d59 ("at_hdmac: move to generic DMA binding")
> Reported-by: Mario Forner <m.forner@xxxxxxxxxxxxx>
> Suggested-by: Alexandre Belloni <alexandre.belloni@xxxxxxxxxxx>
> Acked-by: Alexandre Belloni <alexandre.belloni@xxxxxxxxxxx>
> Signed-off-by: Richard Genoud <richard.genoud@xxxxxxxxx>

After testing I installed an updated kernel on a production machine, which
worked fine. The memory leak has been repaired successfully. There have been
no adverse side-effects.

Thank you for providing the patch.

> ---
> drivers/dma/at_hdmac.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/dma/at_hdmac.c b/drivers/dma/at_hdmac.c
> index 7cbac6e8c113..1b7f0ca0d5cd 100644
> --- a/drivers/dma/at_hdmac.c
> +++ b/drivers/dma/at_hdmac.c
> @@ -1641,6 +1641,12 @@ static void atc_free_chan_resources(struct dma_chan *chan)
> atchan->descs_allocated = 0;
> atchan->status = 0;
>
> + /*
> + * Free atslave allocated in at_dma_xlate()
> + */
> + kfree(chan->private);
> + chan->private = NULL;
> +
> dev_vdbg(chan2dev(chan), "free_chan_resources: done\n");
> }
>
> @@ -1675,7 +1681,7 @@ static struct dma_chan *at_dma_xlate(struct of_phandle_args *dma_spec,
> dma_cap_zero(mask);
> dma_cap_set(DMA_SLAVE, mask);
>
> - atslave = devm_kzalloc(&dmac_pdev->dev, sizeof(*atslave), GFP_KERNEL);
> + atslave = kzalloc(sizeof(*atslave), GFP_KERNEL);
> if (!atslave)
> return NULL;
>
>