| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 23 Jan 2024 20:07:53 +0530
From: Shyam Sundar S K <Shyam-sundar.S-k@....com>
To: Cong Liu <liucong2@...inos.cn>, Hans de Goede <hdegoede@...hat.com>,
Ilpo Järvinen <ilpo.jarvinen@...ux.intel.com>
Cc: platform-driver-x86@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] platform/x86/amd/pmf: Fix memory leak in
amd_pmf_get_pb_data()
Hi,
On 1/23/2024 06:41, Cong Liu wrote:
> amd_pmf_get_pb_data() will allocate memory for the policy buffer,
> but does not free it if copy_from_user() fails. This leads to a memory
> leak.
Thank you for the fix and looks good to me (just a valid Fixes tag is
missing.)
Fixes: 10817f28e533 ("platform/x86/amd/pmf: Add capability to sideload
of policy binary")
Reviewed-by: Shyam Sundar S K <Shyam-sundar.S-k@....com>
Thanks,
Shyam
>
> Signed-off-by: Cong Liu <liucong2@...inos.cn>
> ---
> drivers/platform/x86/amd/pmf/tee-if.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/platform/x86/amd/pmf/tee-if.c b/drivers/platform/x86/amd/pmf/tee-if.c
> index 502ce93d5cdd..f8c0177afb0d 100644
> --- a/drivers/platform/x86/amd/pmf/tee-if.c
> +++ b/drivers/platform/x86/amd/pmf/tee-if.c
> @@ -298,8 +298,10 @@ static ssize_t amd_pmf_get_pb_data(struct file *filp, const char __user *buf,
> if (!new_policy_buf)
> return -ENOMEM;
>
> - if (copy_from_user(new_policy_buf, buf, length))
> + if (copy_from_user(new_policy_buf, buf, length)) {
> + kfree(new_policy_buf);
> return -EFAULT;
> + }
>
> kfree(dev->policy_buf);
> dev->policy_buf = new_policy_buf;
Powered by blists - more mailing lists