[PATCH] IB: fix potential ib_umad leak

Free all unclaimed MAD receive buffers when userspace closes our file so we
don't leak memory.

Signed-off-by: Roland Dreier <roland@topspin.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

diff --git a/drivers/infiniband/core/user_mad.c b/drivers/infiniband/core/user_mad.c
index 56b9c2fa2ecccbf99399a6015a1e6f1ee3f7e650..9d912d6877ffc01ed55943b15a55ae7230f23a6a 100644 (file)
--- a/drivers/infiniband/core/user_mad.c
+++ b/drivers/infiniband/core/user_mad.c
@@ -499,6 +499,7 @@ static int ib_umad_open(struct inode *inode, struct file *filp)
 static int ib_umad_close(struct inode *inode, struct file *filp)
 {
        struct ib_umad_file *file = filp->private_data;
+       struct ib_umad_packet *packet, *tmp;
        int i;
 
        for (i = 0; i < IB_UMAD_MAX_AGENTS; ++i)
@@ -507,6 +508,9 @@ static int ib_umad_close(struct inode *inode, struct file *filp)
                        ib_unregister_mad_agent(file->agent[i]);
                }
 
+       list_for_each_entry_safe(packet, tmp, &file->recv_list, list)
+               kfree(packet);
+
        kfree(file);
 
        return 0;