iommu/dma: Fix leak in non-contiguous API

Message ID	20210723010552.50969-1-ezequiel@collabora.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-media-owner@kernel.org> sender: ezequiel) with ESMTPSA id 5C8B01F447F8 From: Ezequiel Garcia <ezequiel@collabora.com> To: iommu@lists.linux-foundation.org, linux-media@vger.kernel.org Cc: Joerg Roedel <joro@8bytes.org>, Will Deacon <will@kernel.org>, Christoph Hellwig <hch@lst.de>, Tomasz Figa <tfiga@chromium.org>, Ricardo Ribalda <ribalda@chromium.org>, Ezequiel Garcia <ezequiel@collabora.com>, kernel@collabora.com, stable@vger.kernel.org Subject: [PATCH] iommu/dma: Fix leak in non-contiguous API Date: Thu, 22 Jul 2021 22:05:52 -0300 Message-Id: <20210723010552.50969-1-ezequiel@collabora.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	iommu/dma: Fix leak in non-contiguous API \| expand iommu/dma: Fix leak in non-contiguous API

Message ID

20210723010552.50969-1-ezequiel@collabora.com (mailing list archive)

State

New, archived

Headers

From: Ezequiel Garcia <ezequiel@collabora.com>
To: iommu@lists.linux-foundation.org, linux-media@vger.kernel.org
Cc: Joerg Roedel <joro@8bytes.org>, Will Deacon <will@kernel.org>,
        Christoph Hellwig <hch@lst.de>,
        Tomasz Figa <tfiga@chromium.org>,
        Ricardo Ribalda <ribalda@chromium.org>,
        Ezequiel Garcia <ezequiel@collabora.com>, kernel@collabora.com,
        stable@vger.kernel.org
Subject: [PATCH] iommu/dma: Fix leak in non-contiguous API
Date: Thu, 22 Jul 2021 22:05:52 -0300
Message-Id: <20210723010552.50969-1-ezequiel@collabora.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

iommu/dma: Fix leak in non-contiguous API | expand

Commit Message

Ezequiel Garcia July 23, 2021, 1:05 a.m. UTC

Currently, iommu_dma_alloc_noncontiguous() allocates a
struct dma_sgt_handle object to hold some state needed for
iommu_dma_free_noncontiguous().

However, the handle is neither freed nor returned explicitly by
the ->alloc_noncontiguous method, and therefore seems leaked.
This was found by code inspection, so please review carefully and test.

As a side note, it appears the struct dma_sgt_handle type is exposed
to users of the DMA-API by linux/dma-map-ops.h, but is has no users
or functions returning the type explicitly.

This may indicate it's a good idea to move the struct dma_sgt_handle type
to drivers/iommu/dma-iommu.c. The decision is left to maintainers :-)

Cc: stable@vger.kernel.org
Fixes: e817ee5f2f95c ("dma-iommu: implement ->alloc_noncontiguous")
Signed-off-by: Ezequiel Garcia <ezequiel@collabora.com>
---
 drivers/iommu/dma-iommu.c | 1 +
 1 file changed, 1 insertion(+)

Comments

Christoph Hellwig July 23, 2021, 5:09 a.m. UTC | #1

Looks good,

Reviewed-by: Christoph Hellwig <hch@lst.de>

> As a side note, it appears the struct dma_sgt_handle type is exposed
> to users of the DMA-API by linux/dma-map-ops.h, but is has no users
> or functions returning the type explicitly.
> 
> This may indicate it's a good idea to move the struct dma_sgt_handle type
> to drivers/iommu/dma-iommu.c. The decision is left to maintainers :-)

linux/dma-map-ops.h is a helper header for the dma_ops implementations,
not for users of the DMA API.  sgt_handle, which references
dma_sgt_handle is used in kernel/dma/mapping.c

Joerg Roedel July 26, 2021, 12:27 p.m. UTC | #2

On Thu, Jul 22, 2021 at 10:05:52PM -0300, Ezequiel Garcia wrote:
>  drivers/iommu/dma-iommu.c | 1 +
>  1 file changed, 1 insertion(+)

Applied to iommu/fixes, thanks.

diff --git a/drivers/iommu/dma-iommu.c b/drivers/iommu/dma-iommu.c
index 4e34e8b26579..16c06a1aab80 100644
--- a/drivers/iommu/dma-iommu.c
+++ b/drivers/iommu/dma-iommu.c
@@ -768,6 +768,7 @@  static void iommu_dma_free_noncontiguous(struct device *dev, size_t size,
 	__iommu_dma_unmap(dev, sgt->sgl->dma_address, size);
 	__iommu_dma_free_pages(sh->pages, PAGE_ALIGN(size) >> PAGE_SHIFT);
 	sg_free_table(&sh->sgt);
+	kfree(sh);
 }
 #endif /* CONFIG_DMA_REMAP */

iommu/dma: Fix leak in non-contiguous API

Commit Message

Comments

Patch