superrob1500
/
mirror-linux
mirror of https://github.com/torvalds/linux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
mirror-linux/drivers
History
David Disseldorp 1cd41d1669 scsi: target: core: Fix target_cmd_counter leak 
[ Upstream commit d14e3e553e ]

The target_cmd_counter struct allocated via target_alloc_cmd_counter() is
never freed, resulting in leaks across various transport types, e.g.:

 unreferenced object 0xffff88801f920120 (size 96):
  comm "sh", pid 102, jiffies 4294892535 (age 713.412s)
  hex dump (first 32 bytes):
    07 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 38 01 92 1f 80 88 ff ff  ........8.......
  backtrace:
    [<00000000e58a6252>] kmalloc_trace+0x11/0x20
    [<0000000043af4b2f>] target_alloc_cmd_counter+0x17/0x90 [target_core_mod]
    [<000000007da2dfa7>] target_setup_session+0x2d/0x140 [target_core_mod]
    [<0000000068feef86>] tcm_loop_tpg_nexus_store+0x19b/0x350 [tcm_loop]
    [<000000006a80e021>] configfs_write_iter+0xb1/0x120
    [<00000000e9f4d860>] vfs_write+0x2e4/0x3c0
    [<000000008143433b>] ksys_write+0x80/0xb0
    [<00000000a7df29b2>] do_syscall_64+0x42/0x90
    [<0000000053f45fb8>] entry_SYSCALL_64_after_hwframe+0x6e/0xd8

Free the structure alongside the corresponding iscsit_conn / se_sess
parent.

Signed-off-by: David Disseldorp <ddiss@suse.de>
Link: https://lore.kernel.org/r/20230831183459.6938-1-ddiss@suse.de
Fixes: becd9be606 ("scsi: target: Move sess cmd counter to new struct")
Reviewed-by: Mike Christie <michael.christie@oracle.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2023-09-23 11:11:09 +02:00
..
accessibility
acpi ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects 2023-09-23 11:11:00 +02:00
amba amba: bus: fix refcount leak 2023-09-13 09:42:56 +02:00
android binder: fix memory leak in binder_init() 2023-08-16 18:27:24 +02:00
ata ata: pata_ftide010: Add missing MODULE_DESCRIPTION 2023-09-19 12:28:05 +02:00
atm
auxdisplay
base drivers: base: Free devm resources when unregistering a device 2023-09-13 09:42:54 +02:00
bcma
block null_blk: fix poll request timeout handling 2023-09-19 12:27:56 +02:00
bluetooth Bluetooth: btusb: Do not call kfree_skb() under spin_lock_irqsave() 2023-09-13 09:42:34 +02:00
bus bus: ti-sysc: Configure uart quirks for k3 SoC 2023-09-23 11:11:05 +02:00
cdrom
char tpm_tis: Resend command to recover from data transfer errors 2023-09-23 11:11:02 +02:00
clk clk: qcom: mss-sc7180: fix missing resume during probe 2023-09-19 12:27:57 +02:00
clocksource clocksource/drivers/arm_arch_timer: Disable timer before programming CVAL 2023-09-19 12:28:04 +02:00
comedi
connector
counter
cpufreq cpufreq: brcmstb-avs-cpufreq: Fix -Warray-bounds bug 2023-09-13 09:43:04 +02:00
cpuidle powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT 2023-09-13 09:42:48 +02:00
crypto crypto: stm32 - fix loop iterating through scatterlist for DMA 2023-09-13 09:43:04 +02:00
cxl cxl/acpi: Return 'rc' instead of '0' in cxl_parse_cfmws() 2023-08-03 10:24:04 +02:00
dax dax/kmem: Pass valid argument to memory_group_register_static 2023-07-19 16:21:43 +02:00
dca
devfreq PM / devfreq: Fix leak in devfreq_dev_release() 2023-09-13 09:42:59 +02:00
dio
dma dmaengine: sh: rz-dmac: Fix destination and source data size setting 2023-09-19 12:28:04 +02:00
dma-buf dma-buf: Add unlocked variant of attachment-mapping functions 2023-09-23 11:11:08 +02:00
edac EDAC/igen6: Fix the issue of no error events 2023-09-13 09:42:45 +02:00
eisa
extcon extcon: cht_wc: add POWER_SUPPLY dependency 2023-09-13 09:42:53 +02:00
firewire firewire: net: fix use after free in fwnet_finish_incoming_packet() 2023-08-23 17:52:24 +02:00
firmware arm64: sdei: abort running SDEI handlers during crash 2023-09-13 09:43:03 +02:00
fpga
fsi fsi: aspeed: Reset master errors after CFAM reset 2023-09-13 09:42:54 +02:00
gnss
gpio gpio: sim: pass the GPIO device's software node to irq domain 2023-08-30 16:11:13 +02:00
gpu drm: gm12u320: Fix the timeout usage for usb_bulk_msg() 2023-09-23 11:11:08 +02:00
greybus
hid HID: multitouch: Correct devm device reference for hidinput input_dev name 2023-09-13 09:42:57 +02:00
hsi
hte
hv Drivers: hv: vmbus: Don't dereference ACPI root object handle 2023-09-13 09:42:59 +02:00
hwmon hwmon: (tmp513) Fix the channel number in tmp51x_is_visible() 2023-09-13 09:42:35 +02:00
hwspinlock hwspinlock: qcom: add missing regmap config for SFPB MMIO implementation 2023-09-19 12:28:05 +02:00
hwtracing coresight: trbe: Fix TRBE potential sleep in atomic context 2023-09-13 09:42:56 +02:00
i2c treewide: Fix probing of devices in DT overlays 2023-09-13 09:43:05 +02:00
i3c i3c: master: svc: fix probe failure when no i3c device exist 2023-09-13 09:43:01 +02:00
idle
iio iio: accel: adxl313: Fix adxl313_i2c_id[] table 2023-09-13 09:42:52 +02:00
infiniband RDMA/efa: Fix wrong resources deallocation order 2023-09-13 09:42:57 +02:00
input Input: tca6416-keypad - fix interrupt enable disbalance 2023-09-19 12:27:59 +02:00
interconnect interconnect: Fix locking for runpm vs reclaim 2023-09-23 11:11:07 +02:00
iommu iommu/vt-d: Fix to flush cache of PASID directory table 2023-09-13 09:42:54 +02:00
ipack
irqchip irqchip/loongson-eiointc: Fix return value checking of eiointc_index 2023-09-13 09:42:29 +02:00
isdn mISDN: Update parameter type of dsp_cmx_send() 2023-08-16 18:27:26 +02:00
leds leds: trigger: tty: Do not use LED_ON/OFF constants, use led_blink_set_oneshot instead 2023-09-13 09:42:58 +02:00
macintosh
mailbox mailbox: qcom-ipcc: fix incorrect num_chans counting 2023-09-19 12:27:58 +02:00
mcb
md md: raid1: fix potential OOB in raid1_remove_disk() 2023-09-23 11:11:05 +02:00
media media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler warning 2023-09-23 11:11:07 +02:00
memory memory: brcmstb_dpfe: fix testing array offset after use 2023-07-19 16:21:24 +02:00
memstick memstick r592: make memstick_debug_get_tpc_name() static 2023-07-19 16:21:08 +02:00
message
mfd mfd: pm8008: Fix module autoloading 2023-07-23 13:49:37 +02:00
misc misc: fastrpc: Fix incorrect DMA mapping unmap request 2023-09-23 11:11:08 +02:00
mmc mmc: sdhci-esdhc-imx: improve ESDHC_FLAG_ERR010450 2023-09-23 11:11:02 +02:00
most
mtd mtd: rawnand: brcmnand: Fix ECC level field setting for v7.2 controller 2023-09-19 12:28:06 +02:00
mux
net wifi: mac80211_hwsim: drop short frames 2023-09-23 11:11:03 +02:00
nfc
ntb ntb: Fix calculation ntb_transport_tx_free_entry() 2023-09-13 09:43:02 +02:00
nubus nubus: Partially revert proc_create_single_data() conversion 2023-07-05 18:27:37 +01:00
nvdimm nvdimm: Fix dereference after free in register_nvdimm_pmu() 2023-09-13 09:42:47 +02:00
nvme nvmet-tcp: pass iov_len instead of sg->length to bvec_set_page() 2023-09-23 11:11:08 +02:00
nvmem nvmem: rmem: Use NVMEM_DEVID_AUTO 2023-07-19 16:21:57 +02:00
of treewide: Fix probing of devices in DT overlays 2023-09-13 09:43:05 +02:00
opp OPP: Fix passing 0 to PTR_ERR in _opp_attach_genpd() 2023-09-13 09:42:28 +02:00
parisc parisc: led: Reduce CPU overhead for disk & lan LED computation 2023-09-19 12:27:57 +02:00
parport
pci PCI: fu740: Set the number of MSI vectors 2023-09-23 11:11:05 +02:00
pcmcia pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() 2023-08-23 17:52:24 +02:00
peci
perf perf/imx_ddr: speed up overflow frequency of cycle 2023-09-23 11:11:00 +02:00
phy phy/rockchip: inno-hdmi: do not power on rk3328 post pll on reg write 2023-09-13 09:42:58 +02:00
pinctrl pinctrl: cherryview: fix address_space_handler() argument 2023-09-19 12:27:57 +02:00
platform platform/mellanox: NVSW_SN2201 should depend on ACPI 2023-09-19 12:28:09 +02:00
pnp
power
powercap powercap: RAPL: Fix CONFIG_IOSF_MBI dependency 2023-07-19 16:21:00 +02:00
pps
ps3
ptp
pwm pwm: lpc32xx: Remove handling of PWM channels 2023-09-19 12:28:00 +02:00
rapidio
ras
regulator regulator: tps65219: Fix matching interrupts for their regulators 2023-07-19 16:22:14 +02:00
remoteproc
reset
rpmsg rpmsg: glink: Add check for kstrdup 2023-09-13 09:42:58 +02:00
rtc rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff 2023-09-06 21:27:00 +01:00
s390 s390/zcrypt: don't leak memory if dev_set_name() fails 2023-09-19 12:28:03 +02:00
sbus
scsi scsi: qla2xxx: Fix NULL vs IS_ERR() bug for debugfs_create_dir() 2023-09-23 11:11:09 +02:00
sh
siox
slimbus
soc soc: qcom: qmi_encdec: Restrict string length in decode 2023-09-19 12:27:57 +02:00
soundwire soundwire: fix enumeration completion 2023-08-03 10:24:15 +02:00
spi treewide: Fix probing of devices in DT overlays 2023-09-13 09:43:05 +02:00
spmi
ssb
staging media: rkvdec: increase max supported height for H.264 2023-09-13 09:42:50 +02:00
target scsi: target: core: Fix target_cmd_counter leak 2023-09-23 11:11:09 +02:00
tc
tee
thermal thermal/of: Fix potential uninitialized value access 2023-09-13 09:42:29 +02:00
thunderbolt thunderbolt: Fix a backport error for display flickering issue 2023-09-02 09:16:20 +02:00
tty serial: cpm_uart: Avoid suspicious locking 2023-09-23 11:11:07 +02:00
ufs scsi: ufs: Try harder to change the power mode 2023-09-13 09:42:20 +02:00
uio
usb usb: chipidea: add workaround for chipidea PEC bug 2023-09-23 11:11:07 +02:00
vdpa vdpa: Enable strict validation for netlinks ops 2023-08-23 17:52:31 +02:00
vfio vfio/type1: fix cap_migration information leak 2023-09-13 09:42:47 +02:00
vhost vhost_net: revert upend_idx only on retriable error 2023-06-28 11:12:40 +02:00
video backlight: gpio_backlight: Drop output GPIO direction check for initial power state 2023-09-19 12:27:59 +02:00
virt virt: sevguest: Add CONFIG_CRYPTO dependency 2023-07-19 16:20:55 +02:00
virtio virtio_ring: fix avail_wrap_counter in virtqueue_add_packed 2023-09-13 09:42:59 +02:00
vlynq
w1 w1: fix loop in w1_fini() 2023-07-19 16:21:48 +02:00
watchdog watchdog: intel-mid_wdt: add MODULE_ALIAS() to allow auto-load 2023-09-19 12:28:00 +02:00
xen xen: speed up grant-table reclaim 2023-08-03 10:24:14 +02:00
zorro
Kconfig
Makefile