diff options
| author | Ian Abbott | 2013-10-07 16:51:58 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman | 2013-10-08 04:02:52 +0200 |
| commit | 67aa4acbc97f6a55b328e4e2305ef19cbe949d85 (patch) | |
| tree | 6ebcae99d3f18ab659d900608880d2d531925286 /drivers/staging/comedi/comedi_fops.c | |
| parent | staging: vt6656: rxtx.c cleanup s_vGenerateTxParameter (diff) | |
| download | kernel-qcow2-linux-67aa4acbc97f6a55b328e4e2305ef19cbe949d85.tar.gz kernel-qcow2-linux-67aa4acbc97f6a55b328e4e2305ef19cbe949d85.tar.xz kernel-qcow2-linux-67aa4acbc97f6a55b328e4e2305ef19cbe949d85.zip | |
staging: comedi: avoid memleak for subdevice private
`comedi_alloc_spriv()` allocates private storage for a comedi subdevice
and sets the `SRF_FREE_SPRIV` flag in the `runflags` member of the
subdevice to allow the private storage to be automatically freed when
the comedi device is being cleaned up. Unfortunately, the flag gets
clobbered by `do_cmd_ioctl()` which calls
`comedi_set_subdevice_runflags()` with a mask value `~0` and only the
`SRF_USER` and `SRF_RUNNING` flags set, all the other SRF flags being
cleared.
Change the calls to `comedi_set_subdevice_runflags()` that currently use
a mask value of `~0` to use a more relevant mask value. For
`do_cmd_ioctl()`, the relevant SRF flags are `SRF_USER`, `SRF_ERROR` and
`SRF_RUNNING`. (At one time, `SRF_RT` would be included in that set of
flags, but it is no longer used.) For `comedi_alloc_spriv()` replace
the call to `comedi_set_subdevice_runflags()` with a simple
OR-assignment to avoid unnecessary use of a spin-lock.
Signed-off-by: Ian Abbott <abbotti@mev.co.uk>
Cc: <stable@vger.kernel.org> # 3.11.y
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'drivers/staging/comedi/comedi_fops.c')
| -rw-r--r-- | drivers/staging/comedi/comedi_fops.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/drivers/staging/comedi/comedi_fops.c b/drivers/staging/comedi/comedi_fops.c index 3594bd49bf0d..721df313f8df 100644 --- a/drivers/staging/comedi/comedi_fops.c +++ b/drivers/staging/comedi/comedi_fops.c @@ -543,7 +543,7 @@ void *comedi_alloc_spriv(struct comedi_subdevice *s, size_t size) { s->private = kzalloc(size, GFP_KERNEL); if (s->private) - comedi_set_subdevice_runflags(s, ~0, SRF_FREE_SPRIV); + s->runflags |= SRF_FREE_SPRIV; return s->private; } EXPORT_SYMBOL_GPL(comedi_alloc_spriv); @@ -1475,7 +1475,8 @@ static int do_cmd_ioctl(struct comedi_device *dev, if (async->cmd.flags & TRIG_WAKE_EOS) async->cb_mask |= COMEDI_CB_EOS; - comedi_set_subdevice_runflags(s, ~0, SRF_USER | SRF_RUNNING); + comedi_set_subdevice_runflags(s, SRF_USER | SRF_ERROR | SRF_RUNNING, + SRF_USER | SRF_RUNNING); /* set s->busy _after_ setting SRF_RUNNING flag to avoid race with * comedi_read() or comedi_write() */ |