diff options
author | Avi Kivity <avi@redhat.com> | 2010-06-20 15:47:34 +0300 |
---|---|---|
committer | Avi Kivity <avi@redhat.com> | 2010-08-01 10:46:56 +0300 |
commit | a1a005f36e0defea7c5490772c318c6af2261d31 (patch) | |
tree | 1baf6a17e173b26948d03008249c0b1ce001c7d4 | |
parent | 7d5993d63f2bac75b89e171a7098044ec4bc701f (diff) | |
download | lwn-a1a005f36e0defea7c5490772c318c6af2261d31.tar.gz lwn-a1a005f36e0defea7c5490772c318c6af2261d31.zip |
KVM: Fix xsave and xcr save/restore memory leak
We allocate temporary kernel buffers for these structures, but never free them.
Signed-off-by: Avi Kivity <avi@redhat.com>
-rw-r--r-- | arch/x86/kvm/x86.c | 12 |
1 files changed, 4 insertions, 8 deletions
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 0c8dc9614e7d..d918cb15e5b5 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -2437,6 +2437,8 @@ long kvm_arch_vcpu_ioctl(struct file *filp, void __user *argp = (void __user *)arg; int r; struct kvm_lapic_state *lapic = NULL; + struct kvm_xsave *xsave = NULL; + struct kvm_xcrs *xcrs = NULL; switch (ioctl) { case KVM_GET_LAPIC: { @@ -2632,8 +2634,6 @@ long kvm_arch_vcpu_ioctl(struct file *filp, break; } case KVM_GET_XSAVE: { - struct kvm_xsave *xsave; - xsave = kzalloc(sizeof(struct kvm_xsave), GFP_KERNEL); r = -ENOMEM; if (!xsave) @@ -2648,8 +2648,6 @@ long kvm_arch_vcpu_ioctl(struct file *filp, break; } case KVM_SET_XSAVE: { - struct kvm_xsave *xsave; - xsave = kzalloc(sizeof(struct kvm_xsave), GFP_KERNEL); r = -ENOMEM; if (!xsave) @@ -2663,8 +2661,6 @@ long kvm_arch_vcpu_ioctl(struct file *filp, break; } case KVM_GET_XCRS: { - struct kvm_xcrs *xcrs; - xcrs = kzalloc(sizeof(struct kvm_xcrs), GFP_KERNEL); r = -ENOMEM; if (!xcrs) @@ -2680,8 +2676,6 @@ long kvm_arch_vcpu_ioctl(struct file *filp, break; } case KVM_SET_XCRS: { - struct kvm_xcrs *xcrs; - xcrs = kzalloc(sizeof(struct kvm_xcrs), GFP_KERNEL); r = -ENOMEM; if (!xcrs) @@ -2700,6 +2694,8 @@ long kvm_arch_vcpu_ioctl(struct file *filp, } out: kfree(lapic); + kfree(xsave); + kfree(xcrs); return r; } |