Hello.
On 25.11.2020 08:53, Ard Biesheuvel wrote:
The memory leak addressed by commit fe5186cf12e3 is a false positive: all allocations are recorded in a linked list, and freed when the filesystem is unmounted. This leads to double frees, and as reported by David, leads to crashes if SLUB is configured to self destruct when double frees occur.
So drop the redundant kfree() again, and instead, mark the offending pointer variable so the allocation is ignored by kmemleak.
Cc: Vamshi K Sthambamkadi vamshi.k.sthambamkadi@gmail.com
Should also have:
Cc: stable@vger.kernel.org # v5.9
Fixes: fe5186cf12e3 ("efivarfs: fix memory leak in efivarfs_create()") Reported-by: David Laight David.Laight@aculab.com Signed-off-by: Ard Biesheuvel ardb@kernel.org
fs/efivarfs/inode.c | 1 + fs/efivarfs/super.c | 1 - 2 files changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/efivarfs/inode.c b/fs/efivarfs/inode.c index 96c0c86f3fff..38324427a2b3 100644 --- a/fs/efivarfs/inode.c +++ b/fs/efivarfs/inode.c @@ -103,6 +103,7 @@ static int efivarfs_create(struct inode *dir, struct dentry *dentry, var->var.VariableName[i] = '\0';
inode->i_private = var;
kmemleak_ignore(var);
err = efivar_entry_add(var, &efivarfs_list); if (err)
diff --git a/fs/efivarfs/super.c b/fs/efivarfs/super.c index f943fd0b0699..15880a68faad 100644 --- a/fs/efivarfs/super.c +++ b/fs/efivarfs/super.c @@ -21,7 +21,6 @@ LIST_HEAD(efivarfs_list); static void efivarfs_evict_inode(struct inode *inode) { clear_inode(inode);
- kfree(inode->i_private);
}
static const struct super_operations efivarfs_ops = {
On Wed, 25 Nov 2020 at 09:05, Oleksandr Natalenko oleksandr@natalenko.name wrote:
Hello.
On 25.11.2020 08:53, Ard Biesheuvel wrote:
The memory leak addressed by commit fe5186cf12e3 is a false positive: all allocations are recorded in a linked list, and freed when the filesystem is unmounted. This leads to double frees, and as reported by David, leads to crashes if SLUB is configured to self destruct when double frees occur.
So drop the redundant kfree() again, and instead, mark the offending pointer variable so the allocation is ignored by kmemleak.
Cc: Vamshi K Sthambamkadi vamshi.k.sthambamkadi@gmail.com
Should also have:
Cc: stable@vger.kernel.org # v5.9
No it should not. The fixes tag should be sufficient.
Fixes: fe5186cf12e3 ("efivarfs: fix memory leak in efivarfs_create()") Reported-by: David Laight David.Laight@aculab.com Signed-off-by: Ard Biesheuvel ardb@kernel.org
fs/efivarfs/inode.c | 1 + fs/efivarfs/super.c | 1 - 2 files changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/efivarfs/inode.c b/fs/efivarfs/inode.c index 96c0c86f3fff..38324427a2b3 100644 --- a/fs/efivarfs/inode.c +++ b/fs/efivarfs/inode.c @@ -103,6 +103,7 @@ static int efivarfs_create(struct inode *dir, struct dentry *dentry, var->var.VariableName[i] = '\0';
inode->i_private = var;
kmemleak_ignore(var); err = efivar_entry_add(var, &efivarfs_list); if (err)diff --git a/fs/efivarfs/super.c b/fs/efivarfs/super.c index f943fd0b0699..15880a68faad 100644 --- a/fs/efivarfs/super.c +++ b/fs/efivarfs/super.c @@ -21,7 +21,6 @@ LIST_HEAD(efivarfs_list); static void efivarfs_evict_inode(struct inode *inode) { clear_inode(inode);
kfree(inode->i_private);}
static const struct super_operations efivarfs_ops = {
-- Oleksandr Natalenko (post-factum)
On Wed, Nov 25, 2020 at 09:05:42AM +0100, Ard Biesheuvel wrote:
On Wed, 25 Nov 2020 at 09:05, Oleksandr Natalenko oleksandr@natalenko.name wrote:
Hello.
On 25.11.2020 08:53, Ard Biesheuvel wrote:
The memory leak addressed by commit fe5186cf12e3 is a false positive: all allocations are recorded in a linked list, and freed when the filesystem is unmounted. This leads to double frees, and as reported by David, leads to crashes if SLUB is configured to self destruct when double frees occur.
So drop the redundant kfree() again, and instead, mark the offending pointer variable so the allocation is ignored by kmemleak.
Cc: Vamshi K Sthambamkadi vamshi.k.sthambamkadi@gmail.com
Should also have:
Cc: stable@vger.kernel.org # v5.9
No it should not. The fixes tag should be sufficient.
No, "Fixes:" does not ever mean "I want this patch to go to a stable tree". It might happen, it might not, if you REALLY know this should go to a stable tree, please follow the directions for what we have been doing for 15+ years now, as documented in: https://www.kernel.org/doc/html/latest/process/stable-kernel-rules.html
Hint, use "cc: stable@vger.kernel.org" if you know you want it applied, otherwise it's just a best-guess-effort on our part.
thanks,
greg k-h
linux-stable-mirror@lists.linaro.org
-
Ard Biesheuvel -
Greg Kroah-Hartman -
Oleksandr Natalenko