summaryrefslogtreecommitdiff
path: root/Documentation
diff options
context:
space:
mode:
authorPan Xinhui <xinhuix.pan@intel.com>2015-03-28 10:42:56 +0800
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2015-05-10 19:25:32 +0200
commit8f9cfeed3eae86c70d3b04445a6f2036b27b6304 (patch)
tree2582a9a80a8961dc8f0598570c77bc871f05598e /Documentation
parentec61847855094d6f6144340b26f14203f25dd4e9 (diff)
downloadkernel-8f9cfeed3eae86c70d3b04445a6f2036b27b6304.tar.gz
tty/n_gsm.c: fix a memory leak when gsmtty is removed
when gsmtty_remove put dlci, it will cause memory leak if dlci->port's refcount is zero. So we do the cleanup work in .cleanup callback instead. dlci will be last put in two call chains. 1) gsmld_close -> gsm_cleanup_mux -> gsm_dlci_release -> dlci_put 2) gsmld_remove -> dlci_put so there is a race. the memory leak depends on the race. In call chain 2. we hit the memory leak. below comment tells. release_tty -> tty_driver_remove_tty -> gsmtty_remove -> dlci_put -> tty_port_destructor (WARN_ON(port->itty) and return directly) | tty->port->itty = NULL; | tty_kref_put ---> release_one_tty -> gsmtty_cleanup (added by our patch) So our patch fix the memory leak by doing the cleanup work after tty core did. Signed-off-by: Pan Xinhui <xinhuix.pan@intel.com> Fixes: dfabf7ffa30585 Cc: stable <stable@vger.kernel.org> # 3.14+ Acked-by: Jiri Slaby <jslaby@suse.cz> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'Documentation')
0 files changed, 0 insertions, 0 deletions