lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20180601071215.GD17783@nazgul.tnic>
Date:   Fri, 1 Jun 2018 09:12:15 +0200
From:   Borislav Petkov <bp@...en8.de>
To:     Zhenzhong Duan <zhenzhong.duan@...cle.com>
Cc:     linux-kernel@...r.kernel.org, mingo@...hat.com, tglx@...utronix.de,
        Srinivas REDDY Eeda <srinivas.eeda@...cle.com>, hpa@...or.com
Subject: Re: [PATCH] x86/microcode/intel: Fix memleak in save_microcode_patch

On Thu, May 31, 2018 at 09:51:05PM -0700, Zhenzhong Duan wrote:
> Free useless ucode_patch entry when it's replaced.
> 
> Signed-off-by: Zhenzhong Duan <zhenzhong.duan@...cle.com>
> ---
>  arch/x86/kernel/cpu/microcode/intel.c |   10 +++++++++-
>  1 files changed, 9 insertions(+), 1 deletions(-)
> 
> diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
> index 1c2cfa0..461e315 100644
> --- a/arch/x86/kernel/cpu/microcode/intel.c
> +++ b/arch/x86/kernel/cpu/microcode/intel.c
> @@ -150,6 +150,12 @@ static bool microcode_matches(struct microcode_header_intel *mc_header,
>  	return false;
>  }
>  
> +static void memfree_patch(struct ucode_patch *p)
> +{
> +	kfree(p->data);
> +	kfree(p);
> +}
> +
>  static struct ucode_patch *memdup_patch(void *data, unsigned int size)
>  {
>  	struct ucode_patch *p;
> @@ -190,8 +196,10 @@ static void save_microcode_patch(void *data, unsigned int size)
>  			p = memdup_patch(data, size);
>  			if (!p)
>  				pr_err("Error allocating buffer %p\n", data);
> -			else
> +			else {
>  				list_replace(&iter->plist, &p->plist);
> +				memfree_patch(iter);

Looks correct. I've dropped the memfree_patch() two-liner though and
made it do kfree() directly.

Thx.

-- 
Regards/Gruss,
    Boris.

ECO tip #101: Trim your mails when you reply.
--

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ