diff options
| author | Avi Kivity <avi@redhat.com> | 2010-06-20 08:47:34 -0400 |
|---|---|---|
| committer | Avi Kivity <avi@redhat.com> | 2010-08-01 03:46:56 -0400 |
| commit | a1a005f36e0defea7c5490772c318c6af2261d31 (patch) | |
| tree | 1baf6a17e173b26948d03008249c0b1ce001c7d4 | |
| parent | 7d5993d63f2bac75b89e171a7098044ec4bc701f (diff) | |
KVM: Fix xsave and xcr save/restore memory leak
We allocate temporary kernel buffers for these structures, but never free them.
Signed-off-by: Avi Kivity <avi@redhat.com>
| -rw-r--r-- | arch/x86/kvm/x86.c | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 0c8dc9614e7d..d918cb15e5b5 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c | |||
| @@ -2437,6 +2437,8 @@ long kvm_arch_vcpu_ioctl(struct file *filp, | |||
| 2437 | void __user *argp = (void __user *)arg; | 2437 | void __user *argp = (void __user *)arg; |
| 2438 | int r; | 2438 | int r; |
| 2439 | struct kvm_lapic_state *lapic = NULL; | 2439 | struct kvm_lapic_state *lapic = NULL; |
| 2440 | struct kvm_xsave *xsave = NULL; | ||
| 2441 | struct kvm_xcrs *xcrs = NULL; | ||
| 2440 | 2442 | ||
| 2441 | switch (ioctl) { | 2443 | switch (ioctl) { |
| 2442 | case KVM_GET_LAPIC: { | 2444 | case KVM_GET_LAPIC: { |
| @@ -2632,8 +2634,6 @@ long kvm_arch_vcpu_ioctl(struct file *filp, | |||
| 2632 | break; | 2634 | break; |
| 2633 | } | 2635 | } |
| 2634 | case KVM_GET_XSAVE: { | 2636 | case KVM_GET_XSAVE: { |
| 2635 | struct kvm_xsave *xsave; | ||
| 2636 | |||
| 2637 | xsave = kzalloc(sizeof(struct kvm_xsave), GFP_KERNEL); | 2637 | xsave = kzalloc(sizeof(struct kvm_xsave), GFP_KERNEL); |
| 2638 | r = -ENOMEM; | 2638 | r = -ENOMEM; |
| 2639 | if (!xsave) | 2639 | if (!xsave) |
| @@ -2648,8 +2648,6 @@ long kvm_arch_vcpu_ioctl(struct file *filp, | |||
| 2648 | break; | 2648 | break; |
| 2649 | } | 2649 | } |
| 2650 | case KVM_SET_XSAVE: { | 2650 | case KVM_SET_XSAVE: { |
| 2651 | struct kvm_xsave *xsave; | ||
| 2652 | |||
| 2653 | xsave = kzalloc(sizeof(struct kvm_xsave), GFP_KERNEL); | 2651 | xsave = kzalloc(sizeof(struct kvm_xsave), GFP_KERNEL); |
| 2654 | r = -ENOMEM; | 2652 | r = -ENOMEM; |
| 2655 | if (!xsave) | 2653 | if (!xsave) |
| @@ -2663,8 +2661,6 @@ long kvm_arch_vcpu_ioctl(struct file *filp, | |||
| 2663 | break; | 2661 | break; |
| 2664 | } | 2662 | } |
| 2665 | case KVM_GET_XCRS: { | 2663 | case KVM_GET_XCRS: { |
| 2666 | struct kvm_xcrs *xcrs; | ||
| 2667 | |||
| 2668 | xcrs = kzalloc(sizeof(struct kvm_xcrs), GFP_KERNEL); | 2664 | xcrs = kzalloc(sizeof(struct kvm_xcrs), GFP_KERNEL); |
| 2669 | r = -ENOMEM; | 2665 | r = -ENOMEM; |
| 2670 | if (!xcrs) | 2666 | if (!xcrs) |
| @@ -2680,8 +2676,6 @@ long kvm_arch_vcpu_ioctl(struct file *filp, | |||
| 2680 | break; | 2676 | break; |
| 2681 | } | 2677 | } |
| 2682 | case KVM_SET_XCRS: { | 2678 | case KVM_SET_XCRS: { |
| 2683 | struct kvm_xcrs *xcrs; | ||
| 2684 | |||
| 2685 | xcrs = kzalloc(sizeof(struct kvm_xcrs), GFP_KERNEL); | 2679 | xcrs = kzalloc(sizeof(struct kvm_xcrs), GFP_KERNEL); |
| 2686 | r = -ENOMEM; | 2680 | r = -ENOMEM; |
| 2687 | if (!xcrs) | 2681 | if (!xcrs) |
| @@ -2700,6 +2694,8 @@ long kvm_arch_vcpu_ioctl(struct file *filp, | |||
| 2700 | } | 2694 | } |
| 2701 | out: | 2695 | out: |
| 2702 | kfree(lapic); | 2696 | kfree(lapic); |
| 2697 | kfree(xsave); | ||
| 2698 | kfree(xcrs); | ||
| 2703 | return r; | 2699 | return r; |
| 2704 | } | 2700 | } |
| 2705 | 2701 | ||