OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/drivers/base
History
Alex Williamson e9820ed9a2 driver core: Fix unbalanced device reference in drivers_probe 
commit bb34cb6bbd upstream.

bus_find_device_by_name() acquires a device reference which is never
released.  This results in an object leak, which on older kernels
results in failure to release all resources of PCI devices.  libvirt
uses drivers_probe to re-attach devices to the host after assignment
and is therefore a common trigger for this leak.

Example:

# cd /sys/bus/pci/
# dmesg -C
# echo 1 > devices/0000\:01\:00.0/sriov_numvfs
# echo 0 > devices/0000\:01\:00.0/sriov_numvfs
# dmesg | grep 01:10
 pci 0000:01:10.0: [8086:10ca] type 00 class 0x020000
 kobject: '0000:01:10.0' (ffff8801d79cd0a8): kobject_add_internal: parent: '0000:00:01.0', set: 'devices'
 kobject: '0000:01:10.0' (ffff8801d79cd0a8): kobject_uevent_env
 kobject: '0000:01:10.0' (ffff8801d79cd0a8): fill_kobj_path: path = '/devices/pci0000:00/0000:00:01.0/0000:01:10.0'
 kobject: '0000:01:10.0' (ffff8801d79cd0a8): kobject_uevent_env
 kobject: '0000:01:10.0' (ffff8801d79cd0a8): fill_kobj_path: path = '/devices/pci0000:00/0000:00:01.0/0000:01:10.0'
 kobject: '0000:01:10.0' (ffff8801d79cd0a8): kobject_uevent_env
 kobject: '0000:01:10.0' (ffff8801d79cd0a8): fill_kobj_path: path = '/devices/pci0000:00/0000:00:01.0/0000:01:10.0'
 kobject: '0000:01:10.0' (ffff8801d79cd0a8): kobject_cleanup, parent           (null)
 kobject: '0000:01:10.0' (ffff8801d79cd0a8): calling ktype release
 kobject: '0000:01:10.0': free name

[kobject freed as expected]

# dmesg -C
# echo 1 > devices/0000\:01\:00.0/sriov_numvfs
# echo 0000:01:10.0 > drivers_probe
# echo 0 > devices/0000\:01\:00.0/sriov_numvfs
# dmesg | grep 01:10
 pci 0000:01:10.0: [8086:10ca] type 00 class 0x020000
 kobject: '0000:01:10.0' (ffff8801d79ce0a8): kobject_add_internal: parent: '0000:00:01.0', set: 'devices'
 kobject: '0000:01:10.0' (ffff8801d79ce0a8): kobject_uevent_env
 kobject: '0000:01:10.0' (ffff8801d79ce0a8): fill_kobj_path: path = '/devices/pci0000:00/0000:00:01.0/0000:01:10.0'
 kobject: '0000:01:10.0' (ffff8801d79ce0a8): kobject_uevent_env
 kobject: '0000:01:10.0' (ffff8801d79ce0a8): fill_kobj_path: path = '/devices/pci0000:00/0000:00:01.0/0000:01:10.0'
 kobject: '0000:01:10.0' (ffff8801d79ce0a8): kobject_uevent_env
 kobject: '0000:01:10.0' (ffff8801d79ce0a8): fill_kobj_path: path = '/devices/pci0000:00/0000:00:01.0/0000:01:10.0'

[no free]

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2015-01-16 06:59:31 -08:00
..
power PM / OPP: fix incorrect OPP count handling in of_init_opp_table 2014-06-30 20:11:59 -07:00
regmap regmap: fix kernel hang on regmap_bulk_write with zero val_count. 2014-11-21 09:23:06 -08:00
Kconfig drivers: fix typo in DEVTMPFS_MOUNT Kconfig help text 2013-12-19 15:13:18 +01:00
Makefile ACPI and power management updates for 3.14-rc1 2014-01-24 15:51:02 -08:00
attribute_container.c drivers: avoid format string in dev_set_name 2013-07-03 16:07:41 -07:00
base.h ACPI / hotplug / driver core: Handle containers in a special way 2013-12-29 15:25:48 +01:00
bus.c driver core: Fix unbalanced device reference in drivers_probe 2015-01-16 06:59:31 -08:00
class.c sysfs: make attr namespace interface less convoluted 2013-09-26 14:50:01 -07:00
component.c drivers/base: fix devres handling for master device 2014-02-07 16:45:14 -08:00
container.c ACPI / hotplug / driver core: Handle containers in a special way 2013-12-29 15:25:48 +01:00
core.c sysfs: driver core: Fix glue dir race condition by gdp_mutex 2014-11-14 09:00:13 -08:00
cpu.c hotplug, powerpc, x86: Remove cpu_hotplug_driver_lock() 2013-09-30 19:55:51 +02:00
dd.c drivercore: deferral race condition fix 2014-06-07 10:28:11 -07:00
devres.c devres: restore zeroing behavior of devres_alloc() 2013-10-25 05:46:27 +01:00
devtmpfs.c devtmpfs: Calling delete_path() only when necessary 2013-12-19 10:10:32 -08:00
dma-buf.c dma-buf: update debugfs output 2014-02-13 10:08:52 +05:30
dma-coherent.c drivers: dma-coherent: Fix typo in dma_mmap_from_coherent documentation 2012-10-23 14:05:32 +02:00
dma-contiguous.c DMA, CMA: fix possible memory leak 2014-07-17 16:21:06 -07:00
dma-mapping.c [media] dma-mapping: fix dma_common_get_sgtable() conditional compilation 2012-11-27 09:42:31 -02:00
driver.c driver core: add #include <linux/sysfs.h> to core files. 2013-08-27 10:24:15 -07:00
firmware.c
firmware_class.c firmware_class: make sure fw requests contain a name 2014-10-30 09:38:20 -07:00
hypervisor.c drivers/base: Add export.h for EXPORT_SYMBOL/THIS_MODULE as required. 2011-10-31 19:31:38 -04:00
init.c ACPI / hotplug / driver core: Handle containers in a special way 2013-12-29 15:25:48 +01:00
isa.c
map.c
memory.c driver core: Release device_hotplug_lock when store_mem_state returns EINVAL 2013-10-16 18:42:41 -07:00
module.c
node.c thp: account anon transparent huge pages into NR_ANON_PAGES 2013-09-12 15:38:03 -07:00
pinctrl.c drivers: pinctrl sleep and idle states in the core 2013-06-16 11:56:52 +02:00
platform.c platform_get_irq: Revert to platform_get_resource if of_irq_get fails 2014-07-31 12:52:57 -07:00
reservation.c reservation: cross-device reservation support, v4 2013-06-28 12:02:15 +10:00
soc.c mode_t whack-a-mole: ->is_visible() returns umode_t... 2012-05-29 23:28:42 -04:00
syscore.c
topology.c topology: Fix compilation warning when not in SMP 2014-06-07 10:28:08 -07:00
transport_class.c drivers/base: transport_class explicitly requires EXPORT_SYMBOL 2011-10-31 19:31:15 -04:00