summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHauke Mehrtens <hauke@hauke-m.de>2013-04-28 17:01:56 +0000
committerHauke Mehrtens <hauke@hauke-m.de>2013-04-28 17:01:56 +0000
commite7e4afbb645005b32ec506671a91c10059491e55 (patch)
tree15eb81f1b6a177602461f27acd76e0e056ce56db
parentc807a7737f1b034d4776312bd1dee12ce7860595 (diff)
downloadmtk-20170518-e7e4afbb645005b32ec506671a91c10059491e55.zip
mtk-20170518-e7e4afbb645005b32ec506671a91c10059491e55.tar.gz
mtk-20170518-e7e4afbb645005b32ec506671a91c10059491e55.tar.bz2
kernel: fix a memory leak in split_rootfs_data()
allocate_partition() copies all the content of dpart into a new struct. SVN-Revision: 36475
-rw-r--r--target/linux/generic/patches-3.8/400-rootfs_split.patch31
-rw-r--r--target/linux/generic/patches-3.9/400-rootfs_split.patch31
2 files changed, 20 insertions, 42 deletions
diff --git a/target/linux/generic/patches-3.8/400-rootfs_split.patch b/target/linux/generic/patches-3.8/400-rootfs_split.patch
index b43ac9c..88929fd 100644
--- a/target/linux/generic/patches-3.8/400-rootfs_split.patch
+++ b/target/linux/generic/patches-3.8/400-rootfs_split.patch
@@ -35,7 +35,7 @@
/*
* MTD methods which simply translate the effective address and pass through
-@@ -613,6 +615,155 @@ int mtd_del_partition(struct mtd_info *m
+@@ -613,6 +615,144 @@ int mtd_del_partition(struct mtd_info *m
}
EXPORT_SYMBOL_GPL(mtd_del_partition);
@@ -88,7 +88,7 @@
+
+static int split_rootfs_data(struct mtd_info *master, struct mtd_info *rpart, const struct mtd_partition *part)
+{
-+ struct mtd_partition *dpart;
++ struct mtd_partition dpart;
+ struct mtd_part *slave = NULL;
+ struct mtd_part *spart;
+ int ret, split_offset = 0;
@@ -101,27 +101,16 @@
+ if (split_offset <= 0)
+ return 0;
+
-+ dpart = kmalloc(sizeof(*part)+sizeof(ROOTFS_SPLIT_NAME)+1, GFP_KERNEL);
-+ if (dpart == NULL) {
-+ printk(KERN_INFO "split_squashfs: no memory for partition \"%s\"\n",
-+ ROOTFS_SPLIT_NAME);
-+ return -ENOMEM;
-+ }
-+
-+ memcpy(dpart, part, sizeof(*part));
-+ dpart->name = (unsigned char *)&dpart[1];
-+ strcpy(dpart->name, ROOTFS_SPLIT_NAME);
-+
-+ dpart->size = rpart->size - (split_offset - spart->offset);
-+ dpart->offset = split_offset;
++ memcpy(&dpart, part, sizeof(dpart));
++ dpart.name = ROOTFS_SPLIT_NAME;
+
-+ if (dpart == NULL)
-+ return 1;
++ dpart.size = rpart->size - (split_offset - spart->offset);
++ dpart.offset = split_offset;
+
+ printk(KERN_INFO "mtd: partition \"%s\" created automatically, ofs=%llX, len=%llX \n",
-+ ROOTFS_SPLIT_NAME, dpart->offset, dpart->size);
++ ROOTFS_SPLIT_NAME, dpart.offset, dpart.size);
+
-+ slave = allocate_partition(master, dpart, 0, split_offset);
++ slave = allocate_partition(master, &dpart, 0, split_offset);
+ if (IS_ERR(slave))
+ return PTR_ERR(slave);
+ mutex_lock(&mtd_partitions_mutex);
@@ -191,7 +180,7 @@
/*
* This function, given a master MTD object and a partition table, creates
* and registers slave MTD objects which are bound to the master according to
-@@ -629,6 +780,9 @@ int add_mtd_partitions(struct mtd_info *
+@@ -629,6 +769,9 @@ int add_mtd_partitions(struct mtd_info *
struct mtd_part *slave;
uint64_t cur_offset = 0;
int i;
@@ -201,7 +190,7 @@
printk(KERN_NOTICE "Creating %d MTD partitions on \"%s\":\n", nbparts, master->name);
-@@ -643,12 +797,53 @@ int add_mtd_partitions(struct mtd_info *
+@@ -643,12 +786,53 @@ int add_mtd_partitions(struct mtd_info *
add_mtd_device(&slave->mtd);
diff --git a/target/linux/generic/patches-3.9/400-rootfs_split.patch b/target/linux/generic/patches-3.9/400-rootfs_split.patch
index b43ac9c..88929fd 100644
--- a/target/linux/generic/patches-3.9/400-rootfs_split.patch
+++ b/target/linux/generic/patches-3.9/400-rootfs_split.patch
@@ -35,7 +35,7 @@
/*
* MTD methods which simply translate the effective address and pass through
-@@ -613,6 +615,155 @@ int mtd_del_partition(struct mtd_info *m
+@@ -613,6 +615,144 @@ int mtd_del_partition(struct mtd_info *m
}
EXPORT_SYMBOL_GPL(mtd_del_partition);
@@ -88,7 +88,7 @@
+
+static int split_rootfs_data(struct mtd_info *master, struct mtd_info *rpart, const struct mtd_partition *part)
+{
-+ struct mtd_partition *dpart;
++ struct mtd_partition dpart;
+ struct mtd_part *slave = NULL;
+ struct mtd_part *spart;
+ int ret, split_offset = 0;
@@ -101,27 +101,16 @@
+ if (split_offset <= 0)
+ return 0;
+
-+ dpart = kmalloc(sizeof(*part)+sizeof(ROOTFS_SPLIT_NAME)+1, GFP_KERNEL);
-+ if (dpart == NULL) {
-+ printk(KERN_INFO "split_squashfs: no memory for partition \"%s\"\n",
-+ ROOTFS_SPLIT_NAME);
-+ return -ENOMEM;
-+ }
-+
-+ memcpy(dpart, part, sizeof(*part));
-+ dpart->name = (unsigned char *)&dpart[1];
-+ strcpy(dpart->name, ROOTFS_SPLIT_NAME);
-+
-+ dpart->size = rpart->size - (split_offset - spart->offset);
-+ dpart->offset = split_offset;
++ memcpy(&dpart, part, sizeof(dpart));
++ dpart.name = ROOTFS_SPLIT_NAME;
+
-+ if (dpart == NULL)
-+ return 1;
++ dpart.size = rpart->size - (split_offset - spart->offset);
++ dpart.offset = split_offset;
+
+ printk(KERN_INFO "mtd: partition \"%s\" created automatically, ofs=%llX, len=%llX \n",
-+ ROOTFS_SPLIT_NAME, dpart->offset, dpart->size);
++ ROOTFS_SPLIT_NAME, dpart.offset, dpart.size);
+
-+ slave = allocate_partition(master, dpart, 0, split_offset);
++ slave = allocate_partition(master, &dpart, 0, split_offset);
+ if (IS_ERR(slave))
+ return PTR_ERR(slave);
+ mutex_lock(&mtd_partitions_mutex);
@@ -191,7 +180,7 @@
/*
* This function, given a master MTD object and a partition table, creates
* and registers slave MTD objects which are bound to the master according to
-@@ -629,6 +780,9 @@ int add_mtd_partitions(struct mtd_info *
+@@ -629,6 +769,9 @@ int add_mtd_partitions(struct mtd_info *
struct mtd_part *slave;
uint64_t cur_offset = 0;
int i;
@@ -201,7 +190,7 @@
printk(KERN_NOTICE "Creating %d MTD partitions on \"%s\":\n", nbparts, master->name);
-@@ -643,12 +797,53 @@ int add_mtd_partitions(struct mtd_info *
+@@ -643,12 +786,53 @@ int add_mtd_partitions(struct mtd_info *
add_mtd_device(&slave->mtd);