| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <c26cbfe04f9c50f5b721a9e954c1213b8c5b0508.camel@iscas.ac.cn> Date: Wed, 20 Nov 2024 22:23:26 +0800 From: laokz <zhangkai@...as.ac.cn> To: Clément Léger <cleger@...osinc.com>, Walmsley <paul.walmsley@...ive.com>, Dabbelt <palmer@...belt.com>, Ou <aou@...s.berkeley.edu>, linux-riscv@...ts.infradead.org Cc: linux-kernel@...r.kernel.org Subject: Re: [PATCH] riscv: fix memory leakage in process_accumulated_relocations On Tue, 2024-11-19 at 17:57 +0100, Clément Léger wrote: > > > On 16/11/2024 11:42, zhangkai@...as.ac.cn wrote: > > When module relocation is done, process_accumulated_relocations() > > frees all dynamic allocated memory. rel_head_iter->rel_entry is > > missed to free that kmemleak might report: > > > > unreferenced object 0xffffffd880c5fc40 (size 16): > > comm "insmod", pid 1101, jiffies 4295045138 > > hex dump (first 16 bytes): > > e0 c0 f5 87 d8 ff ff ff 60 c5 f5 87 d8 ff ff ff > > ........`....... > > backtrace (crc d2ecb20c): > > [<00000000b01655f6>] kmalloc_trace_noprof+0x268/0x2f6 > > [<000000006dc0067a>] > > add_relocation_to_accumulate.constprop.0+0xf2/0x1aa > > [<00000000e1b29a36>] apply_relocate_add+0x13c/0x36e > > [<000000007543f1fb>] load_module+0x5c6/0x83e > > [<00000000abce12e8>] init_module_from_file+0x74/0xaa > > [<0000000049413e3d>] idempotent_init_module+0x116/0x22e > > [<00000000f9b98b85>] __riscv_sys_finit_module+0x62/0xae > > > > Signed-off-by: Kai Zhang <zhangkai@...as.ac.cn> > > --- > > arch/riscv/kernel/module.c | 1 + > > 1 file changed, 1 insertion(+) > > > > diff --git a/arch/riscv/kernel/module.c > > b/arch/riscv/kernel/module.c > > index 1cd461f3d87..f8c3c4b47dc 100644 > > --- a/arch/riscv/kernel/module.c > > +++ b/arch/riscv/kernel/module.c > > @@ -643,6 +643,7 @@ process_accumulated_relocations(struct module > > *me, > > } > > > > reloc_handlers[curr_type].accumulate_handler( > > me, location, buffer); > > + kfree(rel_head_iter->rel_entry); > > Hey Kai, > > Your patch output is messed up probably due to some encoding issue. Sorry, I've already resent one. > But looknig at it and the module code, it seems like rel_entry does > not > need to be a pointer. It can be a plain "struct list_head rel_entry" > and I didn't find the plain(none pointer) usage. Where please? > then simply pass the list_head pointer rather than allocating/freeing > it. That remove an allocation as well as some memory leak. > > BTW, for fixes, you should add a Fixes: tag with the original commit > sha1 that introduced the bug. Thank you. I'll try. laokz > Thanks, > > Clément > > > kfree(rel_head_iter); > > } > > kfree(bucket_iter);
Powered by blists - more mailing lists