author | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2020-11-27 20:29:05 -0800 |
---|---|---|
committer | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2020-11-27 20:29:05 -0800 |
commit | f215cb6d14156fa2aedacfff94dcb244b29742e4 (patch) | |
tree | 2cad80754eb7fc00262275de9e0735870fc9e8b8 /0004-efivarfs-revert-fix-memory-leak-in-efivarfs_create.patch | |
parent | Updated to 5.9.11 (diff) | |
download | linux-ck-f215cb6d14156fa2aedacfff94dcb244b29742e4.tar.xz |
Rebuild with bluetooth and efivar hotfixes
Diffstat (limited to '0004-efivarfs-revert-fix-memory-leak-in-efivarfs_create.patch')
-rw-r--r-- | 0004-efivarfs-revert-fix-memory-leak-in-efivarfs_create.patch | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/0004-efivarfs-revert-fix-memory-leak-in-efivarfs_create.patch b/0004-efivarfs-revert-fix-memory-leak-in-efivarfs_create.patch
new file mode 100644
index 0000000..6589b85
--- /dev/null
+++ b/0004-efivarfs-revert-fix-memory-leak-in-efivarfs_create.patch
@@ -0,0 +1,58 @@
+From a163474e9b86c2c25f20733385d8b1d6de492a7f Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel <ardb@kernel.org>
+Date: Wed, 25 Nov 2020 08:45:55 +0100
+Subject: efivarfs: revert "fix memory leak in efivarfs_create()"
+
+The memory leak addressed by commit fe5186cf12e3 is a false positive:
+all allocations are recorded in a linked list, and freed when the
+filesystem is unmounted. This leads to double frees, and as reported
+by David, leads to crashes if SLUB is configured to self destruct when
+double frees occur.
+
+So drop the redundant kfree() again, and instead, mark the offending
+pointer variable so the allocation is ignored by kmemleak.
+
+Cc: Vamshi K Sthambamkadi <vamshi.k.sthambamkadi@gmail.com>
+Fixes: fe5186cf12e3 ("efivarfs: fix memory leak in efivarfs_create()")
+Reported-by: David Laight <David.Laight@aculab.com>
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+---
+ fs/efivarfs/inode.c | 2 ++
+ fs/efivarfs/super.c | 1 -
+ 2 files changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/fs/efivarfs/inode.c b/fs/efivarfs/inode.c
+index 96c0c86f3fff..0297ad95eb5c 100644
+--- a/fs/efivarfs/inode.c
++++ b/fs/efivarfs/inode.c
+@@ -7,6 +7,7 @@
+ #include <linux/efi.h>
+ #include <linux/fs.h>
+ #include <linux/ctype.h>
++#include <linux/kmemleak.h>
+ #include <linux/slab.h>
+ #include <linux/uuid.h>
+
+@@ -103,6 +104,7 @@ static int efivarfs_create(struct inode *dir, struct dentry *dentry,
+ var->var.VariableName[i] = '\0';
+
+ inode->i_private = var;
++ kmemleak_ignore(var);
+
+ err = efivar_entry_add(var, &efivarfs_list);
+ if (err)
+diff --git a/fs/efivarfs/super.c b/fs/efivarfs/super.c
+index f943fd0b0699..15880a68faad 100644
+--- a/fs/efivarfs/super.c
++++ b/fs/efivarfs/super.c
+@@ -21,7 +21,6 @@ LIST_HEAD(efivarfs_list);
+ static void efivarfs_evict_inode(struct inode *inode)
+ {
+ clear_inode(inode);
+- kfree(inode->i_private);
+ }
+
+ static const struct super_operations efivarfs_ops = {
+--
+cgit v1.2.3-1-gf6bb5
+ |
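Review bot: The added `kmemleak_ignore(var);` in efivarfs_create() has no comment recording who owns the allocation, and efivarfs_evict_inode() is left with only `clear_inode(inode);`, which invites someone to re-add the `kfree(inode->i_private)` that produced the double free. I would put `/* var is owned by efivarfs_list and freed at unmount; never kfree() it on inode eviction */` above the call and a matching one-line comment in efivarfs_evict_inode(). Because the entry is linked into a list, `kmemleak_not_leak(var)` may be the better fit, since it suppresses the report while still letting kmemleak scan the object's pointers; that is worth confirming against how the list is referenced. The `if (err)` path after efivar_entry_add() continues outside the hunk, so whether it frees `var` while `inode->i_private` still points at it cannot be checked from here.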