From: Rafał Miłecki <[email protected]>
This function is called from get_station callback which means that every
time user space was getting/dumping station(s) we were leaking 2 KiB.
Signed-off-by: Rafał Miłecki <[email protected]>
Fixes: 1f0dc59a6de ("brcmfmac: rework .get_station() callback")
Cc: [email protected] # 4.2+
---
Kalle, ideally this should go as 4.8 fix, but I'm aware it's quite late.
If you are not planning to send another pull request, just get it for
the next release and let's let stable guys backport it.
---
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
index b8aec5e5..62a7675 100644
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
@@ -2533,7 +2533,7 @@ static void brcmf_fill_bss_param(struct brcmf_if *ifp, struct station_info *si)
WL_BSS_INFO_MAX);
if (err) {
brcmf_err("Failed to get bss info (%d)\n", err);
- return;
+ goto out_kfree;
}
si->filled |= BIT(NL80211_STA_INFO_BSS_PARAM);
si->bss_param.beacon_interval = le16_to_cpu(buf->bss_le.beacon_period);
@@ -2545,6 +2545,9 @@ static void brcmf_fill_bss_param(struct brcmf_if *ifp, struct station_info *si)
si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_PREAMBLE;
if (capability & WLAN_CAPABILITY_SHORT_SLOT_TIME)
si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_SLOT_TIME;
+
+out_kfree:
+ kfree(buf);
}
static s32
--
2.9.3
Rafa=C5=82 Mi=C5=82ecki <[email protected]> writes:
> From: Rafa=C5=82 Mi=C5=82ecki <[email protected]>
>
> This function is called from get_station callback which means that every
> time user space was getting/dumping station(s) we were leaking 2 KiB.
>
> Signed-off-by: Rafa=C5=82 Mi=C5=82ecki <[email protected]>
> Fixes: 1f0dc59a6de ("brcmfmac: rework .get_station() callback")
> Cc: [email protected] # 4.2+
> ---
> Kalle, ideally this should go as 4.8 fix, but I'm aware it's quite late.
> If you are not planning to send another pull request, just get it for
> the next release and let's let stable guys backport it.
An old memory leak is not severe enough for 4.8 at this stage, so I'll
queue this to 4.9.
BTW, either my Gnus or my SMTP server (I haven't bothered to check yet
why exactly) don't like the names with style of "(open list:NETWORKING
DRIVERS)" in the CC list, I have to edit them away everytime I reply.
Does anyone have any ideas why that's happening just to me?
--=20
Kalle Valo
On 21-9-2016 8:23, Rafał Miłecki wrote:
> From: Rafał Miłecki <[email protected]>
>
> This function is called from get_station callback which means that every
> time user space was getting/dumping station(s) we were leaking 2 KiB.
>
Acked-by: Arend van Spriel <[email protected]>
> Signed-off-by: Rafał Miłecki <[email protected]>
> Fixes: 1f0dc59a6de ("brcmfmac: rework .get_station() callback")
> Cc: [email protected] # 4.2+
> ---
> Kalle, ideally this should go as 4.8 fix, but I'm aware it's quite late.
> If you are not planning to send another pull request, just get it for
> the next release and let's let stable guys backport it.
> ---
> drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
> index b8aec5e5..62a7675 100644
> --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
> +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
> @@ -2533,7 +2533,7 @@ static void brcmf_fill_bss_param(struct brcmf_if *ifp, struct station_info *si)
> WL_BSS_INFO_MAX);
> if (err) {
> brcmf_err("Failed to get bss info (%d)\n", err);
> - return;
> + goto out_kfree;
> }
> si->filled |= BIT(NL80211_STA_INFO_BSS_PARAM);
> si->bss_param.beacon_interval = le16_to_cpu(buf->bss_le.beacon_period);
> @@ -2545,6 +2545,9 @@ static void brcmf_fill_bss_param(struct brcmf_if *ifp, struct station_info *si)
> si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_PREAMBLE;
> if (capability & WLAN_CAPABILITY_SHORT_SLOT_TIME)
> si->bss_param.flags |= BSS_PARAM_FLAGS_SHORT_SLOT_TIME;
> +
> +out_kfree:
> + kfree(buf);
> }
>
> static s32
>
Rafał Miłecki wrote:
> From: Rafał Miłecki <[email protected]>
>
> This function is called from get_station callback which means that every
> time user space was getting/dumping station(s) we were leaking 2 KiB.
>
> Signed-off-by: Rafał Miłecki <[email protected]>
> Fixes: 1f0dc59a6de ("brcmfmac: rework .get_station() callback")
> Cc: [email protected] # 4.2+
> Acked-by: Arend van Spriel <[email protected]>
Patch applied to wireless-drivers-next.git, thanks.
23e9c128adb2 brcmfmac: fix memory leak in brcmf_fill_bss_param
--
https://patchwork.kernel.org/patch/9342879/
Documentation about submitting wireless patches and checking status
from patchwork:
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches