[PATCH] IB: fix potential ib_umad leak

Free all unclaimed MAD receive buffers when userspace closes our file so we
don't leak memory.

Signed-off-by: Roland Dreier <roland@topspin.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

drivers/infiniband/core/user_mad.c

@@ -499,6 +499,7 @@ static int ib_umad_open(struct inode *inode, struct file *filp)
 static int ib_umad_close(struct inode *inode, struct file *filp)
 {
 	struct ib_umad_file *file = filp->private_data;
+	struct ib_umad_packet *packet, *tmp;
 	int i;
 
 	for (i = 0; i < IB_UMAD_MAX_AGENTS; ++i)
@@ -507,6 +508,9 @@ static int ib_umad_close(struct inode *inode, struct file *filp)
 			ib_unregister_mad_agent(file->agent[i]);
 		}
 
+	list_for_each_entry_safe(packet, tmp, &file->recv_list, list)
+		kfree(packet);
+
 	kfree(file);
 
 	return 0;