From aba3b9735dba40ec916d6cbf16b8df4bbef95a62 Mon Sep 17 00:00:00 2001 From: Ashish Kumar Dhanotiya Date: Tue, 23 Jul 2019 15:50:10 +0530 Subject: [PATCH] qcacld-3.0: Fix memory leak in driver dump Currently when driver gets a command to dump the driver info, it allocates the memory and retrieves the information in that allocated memory. Maximum data that can be copied to user space buffer is equal to one PAGE_SIZE. In the command driver gets the size of the data which user space wants to read, minimum of the user space requested size or one PAGE_SIZE of the data is copied to user space buffer and current position of the driver buffer till which the data is copied is updated to user space is also updated. Driver copies the retrieved information to the user space buffer as explained above and updates the position pointer to the user space. In the next request driver expects from user space to request the remaining data from the updated position in last request, once all the data is copied to user space, driver frees internally allocated memory. In case if driver does not get the request to read remaining data after first request, it does not free the memory. Current handling of this memory is done in init domain after stop modules, but since this memory is allocated in active domain, driver should free the memory in active domain. Since with current implementation memory allocated in active domain is not freed in active domain, memleak is getting detected. To resolve above issue, move mem cleanup logic for driver dump info command from init domain to active domain in stop modules. Change-Id: Idb4f35f0a599ad55eebe13348b68562fa401fd7e CRs-Fixed: 2489877 --- core/hdd/inc/wlan_hdd_main.h | 15 +++++++++++++++ core/hdd/src/wlan_hdd_main.c | 1 + core/hdd/src/wlan_hdd_memdump.c | 12 +----------- 3 files changed, 17 insertions(+), 11 deletions(-) diff --git a/core/hdd/inc/wlan_hdd_main.h b/core/hdd/inc/wlan_hdd_main.h index 8b9403b95769da..24c452a3a08fdd 100644 --- a/core/hdd/inc/wlan_hdd_main.h +++ b/core/hdd/inc/wlan_hdd_main.h @@ -3436,6 +3436,17 @@ void hdd_component_psoc_disable(struct wlan_objmgr_psoc *psoc); #ifdef WLAN_FEATURE_MEMDUMP_ENABLE int hdd_driver_memdump_init(void); void hdd_driver_memdump_deinit(void); + +/** + * hdd_driver_mem_cleanup() - Frees memory allocated for + * driver dump + * + * This function frees driver dump memory. + * + * Return: None + */ +void hdd_driver_mem_cleanup(void); + #else /* WLAN_FEATURE_MEMDUMP_ENABLE */ static inline int hdd_driver_memdump_init(void) { @@ -3444,6 +3455,10 @@ static inline int hdd_driver_memdump_init(void) static inline void hdd_driver_memdump_deinit(void) { } + +static inline void hdd_driver_mem_cleanup(void) +{ +} #endif /* WLAN_FEATURE_MEMDUMP_ENABLE */ /** * hdd_set_disconnect_status() - set adapter disconnection status diff --git a/core/hdd/src/wlan_hdd_main.c b/core/hdd/src/wlan_hdd_main.c index 1293a4a5bbb39f..383060b1873b10 100644 --- a/core/hdd/src/wlan_hdd_main.c +++ b/core/hdd/src/wlan_hdd_main.c @@ -11781,6 +11781,7 @@ int hdd_wlan_stop_modules(struct hdd_context *hdd_ctx, bool ftm_mode) /* Free the cache channels of the command SET_DISABLE_CHANNEL_LIST */ wlan_hdd_free_cache_channels(hdd_ctx); + hdd_driver_mem_cleanup(); /* Free the resources allocated while storing SAR config. These needs * to be freed only in the case when it is not SSR. As in the case of diff --git a/core/hdd/src/wlan_hdd_memdump.c b/core/hdd/src/wlan_hdd_memdump.c index ea01caa6a7125d..9156d2b3de98a5 100644 --- a/core/hdd/src/wlan_hdd_memdump.c +++ b/core/hdd/src/wlan_hdd_memdump.c @@ -59,15 +59,7 @@ static void *memdump_get_file_data(struct file *file) return hdd_ctx; } -/** - * hdd_driver_mem_cleanup() - Frees memory allocated for - * driver dump - * - * This function unallocates driver dump memory. - * - * Return: None - */ -static void hdd_driver_mem_cleanup(void) +void hdd_driver_mem_cleanup(void) { struct hdd_context *hdd_ctx; @@ -305,6 +297,4 @@ int hdd_driver_memdump_init(void) void hdd_driver_memdump_deinit(void) { hdd_driver_memdump_procfs_remove(); - - hdd_driver_mem_cleanup(); }