net: flow_offload: Fix memory leak for indirect flow block

The offending commit introduces a cleanup callback that is invoked
when the driver module is removed to clean up the tunnel device
flow block. But it returns on the first iteration of the for loop.
The remaining indirect flow blocks will never be freed.

Fixes: 1fac52da5942 ("net: flow_offload: consolidate indirect flow_block infrastructure")
CC: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Chris Mi <cmi@nvidia.com>
Reviewed-by: Roi Dayan <roid@nvidia.com>

diff --git a/net/core/flow_offload.c b/net/core/flow_offload.c
index d4474c812b64209bf3adfd1a77536a9b279f5fba..715b67f6c62f31ac4e53ab6290235e8077e23ea5 100644 (file)
--- a/net/core/flow_offload.c
+++ b/net/core/flow_offload.c
@@ -381,10 +381,8 @@ static void __flow_block_indr_cleanup(void (*release)(void *cb_priv),
 
        list_for_each_entry_safe(this, next, &flow_block_indr_list, indr.list) {
                if (this->release == release &&
-                   this->indr.cb_priv == cb_priv) {
+                   this->indr.cb_priv == cb_priv)
                        list_move(&this->indr.list, cleanup_list);
-                       return;
-               }
        }
 }