github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-09 15:12:59 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
c5bcceb0e6
linux/drivers
History
Alex Williamson bdf2a0db17 driver core: Fix unbalanced device reference in drivers_probe 
commit bb34cb6bbd upstream.

bus_find_device_by_name() acquires a device reference which is never
released.  This results in an object leak, which on older kernels
results in failure to release all resources of PCI devices.  libvirt
uses drivers_probe to re-attach devices to the host after assignment
and is therefore a common trigger for this leak.

Example:

# cd /sys/bus/pci/
# dmesg -C
# echo 1 > devices/0000\:01\:00.0/sriov_numvfs
# echo 0 > devices/0000\:01\:00.0/sriov_numvfs
# dmesg | grep 01:10
 pci 0000:01:10.0: [8086:10ca] type 00 class 0x020000
 kobject: '0000:01:10.0' (ffff8801d79cd0a8): kobject_add_internal: parent: '0000:00:01.0', set: 'devices'
 kobject: '0000:01:10.0' (ffff8801d79cd0a8): kobject_uevent_env
 kobject: '0000:01:10.0' (ffff8801d79cd0a8): fill_kobj_path: path = '/devices/pci0000:00/0000:00:01.0/0000:01:10.0'
 kobject: '0000:01:10.0' (ffff8801d79cd0a8): kobject_uevent_env
 kobject: '0000:01:10.0' (ffff8801d79cd0a8): fill_kobj_path: path = '/devices/pci0000:00/0000:00:01.0/0000:01:10.0'
 kobject: '0000:01:10.0' (ffff8801d79cd0a8): kobject_uevent_env
 kobject: '0000:01:10.0' (ffff8801d79cd0a8): fill_kobj_path: path = '/devices/pci0000:00/0000:00:01.0/0000:01:10.0'
 kobject: '0000:01:10.0' (ffff8801d79cd0a8): kobject_cleanup, parent           (null)
 kobject: '0000:01:10.0' (ffff8801d79cd0a8): calling ktype release
 kobject: '0000:01:10.0': free name

[kobject freed as expected]

# dmesg -C
# echo 1 > devices/0000\:01\:00.0/sriov_numvfs
# echo 0000:01:10.0 > drivers_probe
# echo 0 > devices/0000\:01\:00.0/sriov_numvfs
# dmesg | grep 01:10
 pci 0000:01:10.0: [8086:10ca] type 00 class 0x020000
 kobject: '0000:01:10.0' (ffff8801d79ce0a8): kobject_add_internal: parent: '0000:00:01.0', set: 'devices'
 kobject: '0000:01:10.0' (ffff8801d79ce0a8): kobject_uevent_env
 kobject: '0000:01:10.0' (ffff8801d79ce0a8): fill_kobj_path: path = '/devices/pci0000:00/0000:00:01.0/0000:01:10.0'
 kobject: '0000:01:10.0' (ffff8801d79ce0a8): kobject_uevent_env
 kobject: '0000:01:10.0' (ffff8801d79ce0a8): fill_kobj_path: path = '/devices/pci0000:00/0000:00:01.0/0000:01:10.0'
 kobject: '0000:01:10.0' (ffff8801d79ce0a8): kobject_uevent_env
 kobject: '0000:01:10.0' (ffff8801d79ce0a8): fill_kobj_path: path = '/devices/pci0000:00/0000:00:01.0/0000:01:10.0'

[no free]

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2015-01-16 06:59:01 -08:00
..
accessibility
acpi ACPICA: Update to GPIO region handler interface. 2014-10-05 14:54:11 -07:00
amba
ata sata_fsl: fix error handling of irq_of_parse_and_map 2014-12-16 09:09:42 -08:00
atm atm: idt77252: fix dev refcnt leak 2013-12-08 07:29:25 -08:00
auxdisplay
base driver core: Fix unbalanced device reference in drivers_probe 2015-01-16 06:59:01 -08:00
bcma
block sunvdc: don't call VD_OP_GET_VTOC 2014-11-21 09:22:52 -08:00
bluetooth Bluetooth: Fix issue with USB suspend in btusb driver 2014-10-30 09:35:12 -07:00
bus bus: mvebu-mbus: allow several windows with the same target/attribute 2014-06-07 13:25:37 -07:00
cdrom
char random: add and use memzero_explicit() for clearing data 2014-11-14 08:47:55 -08:00
clk clk: spear3xx: Use proper control register offset 2014-07-17 15:58:02 -07:00
clocksource clocksource: Exynos_mct: Register clock event after request_irq() 2014-06-07 13:25:29 -07:00
connector net: Use netlink_ns_capable to verify the permisions of netlink messages 2014-06-26 15:12:37 -04:00
cpufreq cpufreq: intel_pstate: Fix setting max_perf_pct in performance policy 2014-11-14 08:47:58 -08:00
cpuidle cpuidle: Check the result of cpuidle_get_driver() against NULL 2014-04-14 06:42:15 -07:00
crypto crypto: ux500 - make interrupt mode plausible 2014-09-05 16:28:35 -07:00
dca
devfreq
dio
dma ioat: fix tasklet tear down 2014-03-06 21:30:14 -08:00
edac cpc925_edac: Report UE events properly 2014-11-14 08:48:00 -08:00
eisa Revert "EISA: Initialize device before its resources" 2014-02-13 13:47:59 -08:00
extcon extcon: max77693: Fix two NULL pointer exceptions on missing pdata 2014-07-06 18:54:15 -07:00
firewire firewire: cdev: prevent kernel stack leaking into ioctl arguments 2014-11-21 09:22:53 -08:00
firmware firmware: Do not use WARN_ON(!spin_is_locked()) 2014-09-17 09:03:57 -07:00
gpio gpio: mxs: Allow for recursive enable_irq_wake() call 2014-05-13 13:59:45 +02:00
gpu drm/i915: Unlock panel even when LVDS is disabled 2014-12-16 09:09:42 -08:00
hid HID: Add a new id 0x501a for Genius MousePen i608X 2015-01-16 06:59:01 -08:00
hsi
hv Drivers: hv: vmbus: Fix a bug in vmbus_open() 2014-10-30 09:35:11 -07:00
hwmon hwmon: (dme1737) Prevent overflow problem when writing large limits 2014-09-05 16:28:35 -07:00
hwspinlock
i2c i2c: davinci: generate STP always when NACK is received 2014-12-16 09:09:42 -08:00
ide
idle x86 idle: Repair large-server 50-watt idle-power regression 2014-01-09 12:24:21 -08:00
iio iio:inkern: fix overwritten -EPROBE_DEFER in of_iio_channel_get_by_name 2014-10-05 14:54:12 -07:00
infiniband iser-target: Handle DEVICE_REMOVAL event on network portal listener correctly 2014-12-06 15:05:49 -08:00
input Input: xpad - use proper endpoint type 2014-12-06 15:05:49 -08:00
iommu iommu/vt-d: Fix an off-by-one bug in __domain_mapping() 2015-01-16 06:59:01 -08:00
ipack
irqchip irqchip: gic: Fix core ID calculation when topology is read from DT 2014-07-28 08:00:06 -07:00
isdn isdnloop: several buffer overflows 2014-04-14 06:42:18 -07:00
leds leds: leds-pwm: properly clean up after probe failure 2014-06-07 13:25:34 -07:00
lguest x86, flags: Rename X86_EFLAGS_BIT1 to X86_EFLAGS_FIXED 2014-11-14 08:47:54 -08:00
macintosh
mailbox
md dm space map metadata: fix sm_bootstrap_get_nr_blocks() 2015-01-08 09:58:15 -08:00
media media: smiapp: Only some selection targets are settable 2014-12-16 09:09:42 -08:00
memory
memstick
message mptfusion: enable no_write_same for vmware scsi disks 2014-10-30 09:35:10 -07:00
mfd mfd: tc6393xb: Fail ohci suspend if full state restore is required 2015-01-08 09:58:15 -08:00
misc mei: bus: fix possible boundaries violation 2014-11-21 09:22:55 -08:00
mmc mmc: block: add newline to sysfs display of force_ro 2015-01-08 09:58:15 -08:00
mtd UBI: Fix double free after do_sync_erase() 2015-01-16 06:59:01 -08:00
net ath5k: fix hardware queue index assignment 2015-01-16 06:59:00 -08:00
nfc NFC: microread: Potential overflows in microread_target_discovered() 2014-10-05 14:54:12 -07:00
ntb NTB: Correct debugfs to work with more than 1 NTB Device 2013-11-13 12:05:35 +09:00
nubus
of of/base: Fix PowerPC address parsing hack 2014-12-06 15:05:47 -08:00
oprofile
parisc
parport parport: parport_pc: remove double PCI ID for NetMos 2014-02-06 11:08:15 -08:00
pci PCI: Restore detection of read-only BARs 2015-01-16 06:59:00 -08:00
pcmcia
pinctrl pinctrl: protect pinctrl_list add 2014-02-20 11:06:11 -08:00
platform dell-wmi: Fix access out of memory 2014-11-21 09:22:55 -08:00
pnp PNP / ACPI: proper handling of ACPI IO/Memory resource parsing failures 2014-03-23 21:38:22 -07:00
power power: max17040: Fix NULL pointer dereference when there is no platform_data 2014-02-22 12:41:29 -08:00
pps
ps3
ptp
pwm
rapidio rapidio/tsi721_dma: fix failure to obtain transaction descriptor 2014-08-07 14:30:25 -07:00
regulator regulator: arizona-ldo1: remove bypass functionality 2014-09-17 09:03:57 -07:00
remoteproc
reset
rpmsg
rtc rtc: rtc-at91rm9200: fix infinite wait for ACKUPD irq 2014-06-26 15:12:37 -04:00
s390 s390/chsc: fix SEI usage on old FW levels 2014-05-13 13:59:42 +02:00
sbus bbc-i2c: Fix BBC I2C envctrl on SunBlade 2000 2014-08-14 09:24:16 +08:00
scsi megaraid_sas: corrected return of wait_event from abort frame path 2015-01-08 09:58:15 -08:00
sfi
sh
sn
spi spi: dw: Fix dynamic speed change. 2014-12-06 15:05:49 -08:00
ssb
ssbi
staging staging:iio:ade7758: Remove "raw" from channel name 2014-11-14 08:47:58 -08:00
target target: Don't call TFO->write_pending if data_length == 0 2014-12-06 15:05:49 -08:00
tc
thermal
tty tty: Fix high cpu load if tty is unreleaseable 2014-11-14 08:48:00 -08:00
uio Fix a few incorrectly checked [io_]remap_pfn_range() calls 2013-11-13 12:05:33 +09:00
usb USB: xhci: don't start a halted endpoint before its new dequeue is set 2014-12-06 15:05:48 -08:00
uwb
vfio mm: close PageTail race 2014-04-03 12:01:05 -07:00
vhost vhost: validate vhost_get_vq_desc return value 2014-04-14 06:42:18 -07:00
video framebuffer: fix border color 2014-11-14 08:47:56 -08:00
virt
virtio virtio_pci: fix virtio spec compliance on restore 2014-11-14 08:47:55 -08:00
vlynq
vme VME: Correct read/write alignment algorithm 2014-02-22 12:41:28 -08:00
w1 w1: fix w1_send_slave dropping a slave id 2014-05-06 07:55:28 -07:00
watchdog watchdog: ath79_wdt: avoid spurious restarts on AR934x 2014-07-06 18:54:14 -07:00
xen swiotlb-xen: pass dev_addr to swiotlb_tbl_unmap_single 2015-01-16 06:59:00 -08:00
zorro
Kconfig
Makefile