From: Long Li <[email protected]>
When storvsc is sending I/O to Hyper-v, it may allocate a bigger buffer
descriptor for large data payload that can't fit into a pre-allocated
buffer descriptor. This bigger buffer is freed on return path.
If I/O request to Hyper-v fails due to ring buffer busy, the storvsc allocated
buffer descriptor should also be freed.
Signed-off-by: Long Li <[email protected]>
---
drivers/scsi/storvsc_drv.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/scsi/storvsc_drv.c b/drivers/scsi/storvsc_drv.c
index 009adb0..db52882 100644
--- a/drivers/scsi/storvsc_drv.c
+++ b/drivers/scsi/storvsc_drv.c
@@ -1657,6 +1657,8 @@ static int storvsc_queuecommand(struct Scsi_Host *host, struct scsi_cmnd *scmnd)
ret = storvsc_do_io(dev, cmd_request, smp_processor_id());
if (ret == -EAGAIN) {
+ if (payload_sz > sizeof(cmd_request->mpb))
+ kfree(payload);
/* no more space */
return SCSI_MLQUEUE_DEVICE_BUSY;
}
--
2.7.4
Long,
> When storvsc is sending I/O to Hyper-v, it may allocate a bigger
> buffer descriptor for large data payload that can't fit into a
> pre-allocated buffer descriptor. This bigger buffer is freed on return
> path.
>
> If I/O request to Hyper-v fails due to ring buffer busy, the storvsc
> allocated buffer descriptor should also be freed.
Which kernel version is this patch aimed at?
--
Martin K. Petersen Oracle Linux Engineering
> -----Original Message-----
> From: Martin K. Petersen [mailto:[email protected]]
> Sent: Tuesday, August 29, 2017 6:31 PM
> To: Long Li <[email protected]>
> Cc: KY Srinivasan <[email protected]>; Haiyang Zhang
> <[email protected]>; James E . J . Bottomley
> <[email protected]>; [email protected]; linux-
> [email protected]; [email protected]; Long Li
> <[email protected]>
> Subject: Re: [PATCH] storvsc: fix memory leak on ring buffer busy
>
>
> Long,
>
> > When storvsc is sending I/O to Hyper-v, it may allocate a bigger
> > buffer descriptor for large data payload that can't fit into a
> > pre-allocated buffer descriptor. This bigger buffer is freed on return
> > path.
> >
> > If I/O request to Hyper-v fails due to ring buffer busy, the storvsc
> > allocated buffer descriptor should also be freed.
>
> Which kernel version is this patch aimed at?
Martin, thanks for pointing this out. This should also go to stable trees.
Cc: [email protected]
>
> --
> Martin K. Petersen Oracle Linux Engineering
On Tue, 29 Aug 2017 21:31:11 -0400
"Martin K. Petersen" <[email protected]> wrote:
> Long,
>
> > When storvsc is sending I/O to Hyper-v, it may allocate a bigger
> > buffer descriptor for large data payload that can't fit into a
> > pre-allocated buffer descriptor. This bigger buffer is freed on return
> > path.
> >
> > If I/O request to Hyper-v fails due to ring buffer busy, the storvsc
> > allocated buffer descriptor should also be freed.
>
> Which kernel version is this patch aimed at?
>
Looks like this an old issue. Probably should add
Fixes: be0cf6ca301c ("scsi: storvsc: Set the tablesize based on the information given by the host")
Long,
>> Which kernel version is this patch aimed at?
>
> Martin, thanks for pointing this out. This should also go to stable
> trees.
The reason I asked is that it didn't apply to neither fixes, nor
for-next.
I applied it to 4.13/scsi-fixes by hand and added a stable tag.
--
Martin K. Petersen Oracle Linux Engineering
> Long,
>
> >> Which kernel version is this patch aimed at?
> >
> > Martin, thanks for pointing this out. This should also go to stable
> > trees.
>
> The reason I asked is that it didn't apply to neither fixes, nor for-next.
>
> I applied it to 4.13/scsi-fixes by hand and added a stable tag.
Thank you. I'm sorry I misunderstood your question. I just realized I was working on an experimental branch. Sorry about that.
>
> --
> Martin K. Petersen Oracle Linux Engineering