From d926da35d01ac9294ab043dc5bc796be0d97925c Mon Sep 17 00:00:00 2001 From: Akemi Yagi Date: Dec 14 2019 08:53:02 +0000 Subject: c8 plus kernel: new patch Signed-off-by: Akemi Yagi --- diff --git a/SOURCES/centos-linux-4.18-xfrm_fix_memleak.patch b/SOURCES/centos-linux-4.18-xfrm_fix_memleak.patch new file mode 100644 index 0000000..d8b6991 --- /dev/null +++ b/SOURCES/centos-linux-4.18-xfrm_fix_memleak.patch @@ -0,0 +1,39 @@ +centosplus patch [RHBZ#1780470] +centos-linux-4.18-xfrm_fix_memleak.patch + +From d32c9130a47f5aa187e3167def2477e13569940d Mon Sep 17 00:00:00 2001 +From: Steffen Klassert +Date: Wed, 11 Dec 2019 15:15:06 -0800 +Subject: [PATCH] xfrm: Fix memleak on xfrm state destroy + +commit 86c6739eda7d2a03f2db30cbee67a5fb81afa8ba upstream. + +We leak the page that we use to create skb page fragments +when destroying the xfrm_state. Fix this by dropping a +page reference if a page was assigned to the xfrm_state. + +Fixes: cac2661c53f3 ("esp4: Avoid skb_cow_data whenever possible") +Reported-by: JD +Reported-by: Paul Wouters +Signed-off-by: Steffen Klassert +Signed-off-by: Greg Kroah-Hartman + +Applied-by: Akemi Yagi +--- + net/xfrm/xfrm_state.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/net/xfrm/xfrm_state.c ++++ b/net/xfrm/xfrm_state.c +@@ -456,6 +456,8 @@ static void ___xfrm_state_destroy(struct xfrm_state *x) + x->type->destructor(x); + xfrm_put_type(x->type); + } ++ if (x->xfrag.page) ++ put_page(x->xfrag.page); + xfrm_dev_state_free(x); + security_xfrm_state_free(x); + xfrm_state_free(x); +-- +2.20.1 + diff --git a/SPECS/kernel-plus.spec b/SPECS/kernel-plus.spec index 7344069..f7f02e3 100644 --- a/SPECS/kernel-plus.spec +++ b/SPECS/kernel-plus.spec @@ -487,6 +487,7 @@ Patch10007: centos-linux-4.18-drivers-drivers-net-e1000.patch-bug16284.patch #Patch10008: centos-linux-4.18-drivers-net-e1000e-bug16284.patch Patch10009: centos-linux-4.18-megaraid_sas-add-removed-IDs.patch Patch10010: centos-linux-4.18-mpt3sas-add-removed-IDs.patch +Patch10011: centos-linux-4.18-xfrm_fix_memleak.patch # end of plus mod Source9000: centos.pem @@ -1075,6 +1076,7 @@ ApplyOptionalPatch centos-linux-4.18-drivers-drivers-net-e1000.patch-bug16284.pa #ApplyOptionalPatch centos-linux-4.18-drivers-net-e1000e-bug16284.patch ApplyOptionalPatch centos-linux-4.18-megaraid_sas-add-removed-IDs.patch ApplyOptionalPatch centos-linux-4.18-mpt3sas-add-removed-IDs.patch +ApplyOptionalPatch centos-linux-4.18-xfrm_fix_memleak.patch # end of plus mod # End of CentOS Modification @@ -2429,6 +2431,7 @@ fi - Apply driver patches imported from ELRepo - Add device IDs that have been removed from RHEL 8 kernels (megaraid_sas and mpt3sas) - Apply patches for e1000 from kernel.org [bug#16284] +- Apply patch to fix xfrm memleak [RHBZ#1780470] * Mon Nov 11 2019 Frantisek Hrbata [4.18.0-147.0.3.el8_1] - [drm] drm/i915/cmdparser: Fix jump whitelist clearing (Dave Airlie) [1756871 1756873] {CVE-2019-0155}