[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 38/47] vfio: Fix memory leak of hostwin
From: |
Michael Roth |
Subject: |
[PATCH 38/47] vfio: Fix memory leak of hostwin |
Date: |
Tue, 14 Dec 2021 18:01:16 -0600 |
From: Peng Liang <liangpeng10@huawei.com>
hostwin is allocated and added to hostwin_list in vfio_host_win_add, but
it is only deleted from hostwin_list in vfio_host_win_del, which causes
a memory leak. Also, freeing all elements in hostwin_list is missing in
vfio_disconnect_container.
Fix: 2e4109de8e58 ("vfio/spapr: Create DMA window dynamically (SPAPR IOMMU v2)")
CC: qemu-stable@nongnu.org
Signed-off-by: Peng Liang <liangpeng10@huawei.com>
Link: https://lore.kernel.org/r/20211117014739.1839263-1-liangpeng10@huawei.com
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
(cherry picked from commit f3bc3a73c908df15966e66f88d5a633bd42fd029)
Signed-off-by: Michael Roth <michael.roth@amd.com>
---
hw/vfio/common.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/hw/vfio/common.c b/hw/vfio/common.c
index 8728d4d5c2..af37346aca 100644
--- a/hw/vfio/common.c
+++ b/hw/vfio/common.c
@@ -551,6 +551,7 @@ static int vfio_host_win_del(VFIOContainer *container,
hwaddr min_iova,
QLIST_FOREACH(hostwin, &container->hostwin_list, hostwin_next) {
if (hostwin->min_iova == min_iova && hostwin->max_iova == max_iova) {
QLIST_REMOVE(hostwin, hostwin_next);
+ g_free(hostwin);
return 0;
}
}
@@ -2230,6 +2231,7 @@ static void vfio_disconnect_container(VFIOGroup *group)
if (QLIST_EMPTY(&container->group_list)) {
VFIOAddressSpace *space = container->space;
VFIOGuestIOMMU *giommu, *tmp;
+ VFIOHostDMAWindow *hostwin, *next;
QLIST_REMOVE(container, next);
@@ -2240,6 +2242,12 @@ static void vfio_disconnect_container(VFIOGroup *group)
g_free(giommu);
}
+ QLIST_FOREACH_SAFE(hostwin, &container->hostwin_list, hostwin_next,
+ next) {
+ QLIST_REMOVE(hostwin, hostwin_next);
+ g_free(hostwin);
+ }
+
trace_vfio_disconnect_container(container->fd);
close(container->fd);
g_free(container);
--
2.25.1
- [PATCH 29/47] target-i386: mmu: use pg_mode instead of HF_LMA_MASK, (continued)
- [PATCH 29/47] target-i386: mmu: use pg_mode instead of HF_LMA_MASK, Michael Roth, 2021/12/14
- [PATCH 30/47] target-i386: mmu: fix handling of noncanonical virtual addresses, Michael Roth, 2021/12/14
- [PATCH 02/47] target/arm: Don't skip M-profile reset entirely in user mode, Michael Roth, 2021/12/14
- [PATCH 31/47] hw/scsi/scsi-disk: MODE_PAGE_ALLS not allowed in MODE SELECT commands, Michael Roth, 2021/12/14
- [PATCH 32/47] hw: m68k: virt: Add compat machine for 6.1, Michael Roth, 2021/12/14
- [PATCH 33/47] rcu: Introduce force_rcu notifier, Michael Roth, 2021/12/14
- [PATCH 34/47] accel/tcg: Register a force_rcu notifier, Michael Roth, 2021/12/14
- [PATCH 35/47] pcie: rename 'native-hotplug' to 'x-native-hotplug', Michael Roth, 2021/12/14
- [PATCH 36/47] virtio: use virtio accessor to access packed descriptor flags, Michael Roth, 2021/12/14
- [PATCH 37/47] virtio: use virtio accessor to access packed event, Michael Roth, 2021/12/14
- [PATCH 38/47] vfio: Fix memory leak of hostwin,
Michael Roth <=
- [PATCH 39/47] nbd/server: Don't complain on certain client disconnects, Michael Roth, 2021/12/14
- [PATCH 40/47] hw/nvme: fix buffer overrun in nvme_changed_nslist (CVE-2021-3947), Michael Roth, 2021/12/14
- [PATCH 03/47] virtio-net: fix use after unmap/free for sg, Michael Roth, 2021/12/14
- [PATCH 41/47] chardev/wctable: don't free the instance in wctablet_chr_finalize, Michael Roth, 2021/12/14
- [PATCH 42/47] hw/block/fdc: Extract blk_create_empty_drive(), Michael Roth, 2021/12/14
- [PATCH 43/47] hw/block/fdc: Kludge missing floppy drive to fix CVE-2021-20196, Michael Roth, 2021/12/14
- [PATCH 44/47] tests/qtest/fdc-test: Add a regression test for CVE-2021-20196, Michael Roth, 2021/12/14
- [PATCH 45/47] virtio-blk: Fix clean up of host notifiers for single MR transaction., Michael Roth, 2021/12/14
- [PATCH 46/47] net: vmxnet3: validate configuration values during activate (CVE-2021-20203), Michael Roth, 2021/12/14
- [PATCH 47/47] e1000: fix tx re-entrancy problem, Michael Roth, 2021/12/14