commit e7bf90e5afe3 ("block/bio-integrity: fix a memory leak bug") add a
kree() for 'buf' if bio_integrity_add_page() return '0'. However, the
object will be freed in bio_integrity_free() since 'bio->bi_opf' and
'bio->bi_integrity' was set previousy in bio_integrity_alloc().
Fixes: commit e7bf90e5afe3 ("block/bio-integrity: fix a memory leak bug")
Signed-off-by: yu kuai <[email protected]>
---
block/bio-integrity.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/block/bio-integrity.c b/block/bio-integrity.c
index bf62c25cde8f..ae07dd78e951 100644
--- a/block/bio-integrity.c
+++ b/block/bio-integrity.c
@@ -278,7 +278,6 @@ bool bio_integrity_prep(struct bio *bio)
if (ret == 0) {
printk(KERN_ERR "could not attach integrity payload\n");
- kfree(buf);
status = BLK_STS_RESOURCE;
goto err_end_io;
}
--
2.25.4
On Mon, Jun 01, 2020 at 08:38:56PM +0800, yu kuai wrote:
> commit e7bf90e5afe3 ("block/bio-integrity: fix a memory leak bug") add a
> kree() for 'buf' if bio_integrity_add_page() return '0'. However, the
> object will be freed in bio_integrity_free() since 'bio->bi_opf' and
> 'bio->bi_integrity' was set previousy in bio_integrity_alloc().
>
> Fixes: commit e7bf90e5afe3 ("block/bio-integrity: fix a memory leak bug")
> Signed-off-by: yu kuai <[email protected]>
> ---
> block/bio-integrity.c | 1 -
> 1 file changed, 1 deletion(-)
>
> diff --git a/block/bio-integrity.c b/block/bio-integrity.c
> index bf62c25cde8f..ae07dd78e951 100644
> --- a/block/bio-integrity.c
> +++ b/block/bio-integrity.c
> @@ -278,7 +278,6 @@ bool bio_integrity_prep(struct bio *bio)
>
> if (ret == 0) {
> printk(KERN_ERR "could not attach integrity payload\n");
> - kfree(buf);
> status = BLK_STS_RESOURCE;
> goto err_end_io;
> }
Looks correct, and it relies on the fact the 1st 'page' is always added
successfully, so 'buf' is always attached to the bip since then:
Reviewed-by: Ming Lei <[email protected]>
thanks,
Ming
On 6/1/20 8:38 PM, yu kuai wrote:
> commit e7bf90e5afe3 ("block/bio-integrity: fix a memory leak bug") add a
> kree() for 'buf' if bio_integrity_add_page() return '0'. However, the
> object will be freed in bio_integrity_free() since 'bio->bi_opf' and
> 'bio->bi_integrity' was set previousy in bio_integrity_alloc().
>
> Fixes: commit e7bf90e5afe3 ("block/bio-integrity: fix a memory leak bug")
> Signed-off-by: yu kuai <[email protected]>> ---
> block/bio-integrity.c | 1 -
> 1 file changed, 1 deletion(-)
>
> diff --git a/block/bio-integrity.c b/block/bio-integrity.c
> index bf62c25cde8f..ae07dd78e951 100644
> --- a/block/bio-integrity.c
> +++ b/block/bio-integrity.c
> @@ -278,7 +278,6 @@ bool bio_integrity_prep(struct bio *bio)
>
> if (ret == 0) {
> printk(KERN_ERR "could not attach integrity payload\n");
> - kfree(buf);
> status = BLK_STS_RESOURCE;
> goto err_end_io;
> }
>
Looks good to me.
Reviewed-by: Bob Liu <[email protected]>
On 6/1/20 6:38 AM, yu kuai wrote:
> commit e7bf90e5afe3 ("block/bio-integrity: fix a memory leak bug") add a
> kree() for 'buf' if bio_integrity_add_page() return '0'. However, the
> object will be freed in bio_integrity_free() since 'bio->bi_opf' and
> 'bio->bi_integrity' was set previousy in bio_integrity_alloc().
Applied, thanks.
--
Jens Axboe
Hi Yu!
I suggest a few minor wording tweaks to the commit message:
> commit e7bf90e5afe3 ("block/bio-integrity: fix a memory leak bug") add
s/add/added/
> a kree() for 'buf' if bio_integrity_add_page() return '0'. However,
> the
s/kree/kfree/
s/return/returns/
> object will be freed in bio_integrity_free() since 'bio->bi_opf' and
> 'bio->bi_integrity' was set previousy in bio_integrity_alloc().
s/was/were/
Otherwise OK.
And like Ming pointed out, you may want to add a comment about the
assertion that the first vec is valid.
Acked-by: Martin K. Petersen <[email protected]>
--
Martin K. Petersen Oracle Linux Engineering