6.14-stable review patch. If anyone has any objections, please let me know.
------------------
From: David Wang 00107082@163.com
commit 221fcbf77578826fad8f4bfa0530b5b55bf9676a upstream.
When module load fails after memory for codetag section is ready, codetag section memory will not be properly released. This causes memory leak, and if next module load happens to get the same module address, codetag may pick the uninitialized section when manipulating tags during module unload, and leads to "unable to handle page fault" BUG.
Link: https://lkml.kernel.org/r/20250519163823.7540-1-00107082@163.com Fixes: 0db6f8d7820a ("alloc_tag: load module tags into separate contiguous memory") Closes: https://lore.kernel.org/all/20250516131246.6244-1-00107082@163.com/ Signed-off-by: David Wang 00107082@163.com Acked-by: Suren Baghdasaryan surenb@google.com Cc: Petr Pavlu petr.pavlu@suse.com Cc: stable@vger.kernel.org Signed-off-by: Andrew Morton akpm@linux-foundation.org Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- kernel/module/main.c | 1 + 1 file changed, 1 insertion(+)
--- a/kernel/module/main.c +++ b/kernel/module/main.c @@ -2852,6 +2852,7 @@ static void module_deallocate(struct mod { percpu_modfree(mod); module_arch_freeing_init(mod); + codetag_free_module_sections(mod);
free_mod_mem(mod); }