d926da
centosplus patch [RHBZ#1780470]
d926da
centos-linux-4.18-xfrm_fix_memleak.patch
d926da
d926da
From d32c9130a47f5aa187e3167def2477e13569940d Mon Sep 17 00:00:00 2001
d926da
From: Steffen Klassert <steffen.klassert@secunet.com>
d926da
Date: Wed, 11 Dec 2019 15:15:06 -0800
d926da
Subject: [PATCH] xfrm: Fix memleak on xfrm state destroy
d926da
d926da
commit 86c6739eda7d2a03f2db30cbee67a5fb81afa8ba upstream.
d926da
d926da
We leak the page that we use to create skb page fragments
d926da
when destroying the xfrm_state. Fix this by dropping a
d926da
page reference if a page was assigned to the xfrm_state.
d926da
d926da
Fixes: cac2661c53f3 ("esp4: Avoid skb_cow_data whenever possible")
d926da
Reported-by: JD <jdtxs00@gmail.com>
d926da
Reported-by: Paul Wouters <paul@nohats.ca>
d926da
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
d926da
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
d926da
d926da
Applied-by: Akemi Yagi <toracat@centos.org>
d926da
---
d926da
 net/xfrm/xfrm_state.c | 2 ++
d926da
 1 file changed, 2 insertions(+)
d926da
d926da
--- a/net/xfrm/xfrm_state.c
d926da
+++ b/net/xfrm/xfrm_state.c
d926da
@@ -456,6 +456,8 @@ static void ___xfrm_state_destroy(struct xfrm_state *x)
d926da
 		x->type->destructor(x);
d926da
 		xfrm_put_type(x->type);
d926da
 	}
d926da
+	if (x->xfrag.page)
d926da
+		put_page(x->xfrag.page);
d926da
 	xfrm_dev_state_free(x);
d926da
 	security_xfrm_state_free(x);
d926da
 	xfrm_state_free(x);
d926da
-- 
d926da
2.20.1
d926da