| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <d9e36dee512e63670287ed9eff884a5d8d6d27f2.1631672311.git.kaige.fu@linux.alibaba.com>
Date: Wed, 15 Sep 2021 10:20:55 +0800
From: Kaige Fu <kaige.fu@...ux.alibaba.com>
To: linux-kernel@...r.kernel.org
Cc: tglx@...utronix.de, maz@...nel.org, shannon.zhao@...ux.alibaba.com,
Kaige Fu <kaige.fu@...ux.alibaba.com>
Subject: [PATCH] irqchip/gic-v3-its: Fix potential vpe leak
In its_vpe_irq_domain_alloc, when there is error calling its_vpe_init
with vm->vpes[i], it says that the number of vpes which has been
initialized are 'i'. So, the correct value passed to
its_vpe_irq_domain_free should be 'i' instead of 'i - 1' because
its_vpe_irq_domain_free takes nr_irqs as its third parameter.
If we pass the 'i - 1' to its_vpe_irq_domain_free, the vpe[i - 1] will
be leaked. This patch fixes it.
Fixes: 7d75bbb4bc1a ("irqchip/gic-v3-its: Add VPE irq domain allocation/teardown")
Signed-off-by: Kaige Fu <kaige.fu@...ux.alibaba.com>
---
drivers/irqchip/irq-gic-v3-its.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/irqchip/irq-gic-v3-its.c b/drivers/irqchip/irq-gic-v3-its.c
index 7f40dca8cda5..eb0882d15366 100644
--- a/drivers/irqchip/irq-gic-v3-its.c
+++ b/drivers/irqchip/irq-gic-v3-its.c
@@ -4501,7 +4501,7 @@ static int its_vpe_irq_domain_alloc(struct irq_domain *domain, unsigned int virq
if (err) {
if (i > 0)
- its_vpe_irq_domain_free(domain, virq, i - 1);
+ its_vpe_irq_domain_free(domain, virq, i);
its_lpi_free(bitmap, base, nr_ids);
its_free_prop_table(vprop_page);
--
1.8.3.1
Powered by blists - more mailing lists