[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240301095514.3598280-1-haowenchao2@huawei.com>
Date: Fri, 1 Mar 2024 17:55:15 +0800
From: Wenchao Hao <haowenchao2@...wei.com>
To: Jason Gunthorpe <jgg@...pe.ca>, Leon Romanovsky <leon@...nel.org>, Wenchao
Hao <haowenchao2@...wei.com>, <linux-rdma@...r.kernel.org>,
<linux-kernel@...r.kernel.org>
Subject: [PATCH] RDMA/restrack: Fix potential invalid address access
struct rdma_restrack_entry's kern_name was set to KBUILD_MODNAME
in ib_create_cq(), while if the module exited but forgot del this
rdma_restrack_entry, it would cause a invalid address access in
rdma_restrack_clean() when print the owner of this rdma_restrack_entry.
Fix this issue by using kstrdup() to set rdma_restrack_entry's
kern_name.
Signed-off-by: Wenchao Hao <haowenchao2@...wei.com>
---
drivers/infiniband/core/restrack.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/drivers/infiniband/core/restrack.c b/drivers/infiniband/core/restrack.c
index 01a499a8b88d..6605011c4edc 100644
--- a/drivers/infiniband/core/restrack.c
+++ b/drivers/infiniband/core/restrack.c
@@ -177,7 +177,8 @@ static void rdma_restrack_attach_task(struct rdma_restrack_entry *res,
void rdma_restrack_set_name(struct rdma_restrack_entry *res, const char *caller)
{
if (caller) {
- res->kern_name = caller;
+ kfree(res->kern_name);
+ res->kern_name = kstrdup(caller, GFP_KERNEL);
return;
}
@@ -195,7 +196,7 @@ void rdma_restrack_parent_name(struct rdma_restrack_entry *dst,
const struct rdma_restrack_entry *parent)
{
if (rdma_is_kernel_res(parent))
- dst->kern_name = parent->kern_name;
+ dst->kern_name = kstrdup(parent->kern_name, GFP_KERNEL);
else
rdma_restrack_attach_task(dst, parent->task);
}
@@ -306,6 +307,7 @@ static void restrack_release(struct kref *kref)
put_task_struct(res->task);
res->task = NULL;
}
+ kfree(res->kern_name);
complete(&res->comp);
}
--
2.32.0
Powered by blists - more mailing lists