Re: [PATCH] x86/microcode/AMD: fix memleak in update_cache()

2017-07-18 Thread Borislav Petkov 
On Wed, Jul 19, 2017 at 12:21:23PM +0800, shuw...@redhat.com wrote:
> From: Shu Wang 
> 
> Found this issue by kmemleak. The mem is allocated in
> verify_and_add_patch(), passed to update_cache(patch),
> and just dropped the reference without free
> if (p->patch_id >= new_patch->patch_id)
> return;
> 
> unreferenced object 0x88010e780b40 (size 32):
>   comm "bash", pid 860, jiffies 4294690939 (age 29.297s)
>   backtrace:
> [] kmemleak_alloc+0x4a/0xa0
> [] kmem_cache_alloc_trace+0xca/0x1d0
> [] load_microcode_amd.isra.0+0x1d0/0x400
> [] request_microcode_amd+0xc3/0x160
> [] reload_store+0xe1/0x170
> [] dev_attr_store+0x18/0x30
> [] sysfs_kf_write+0x3a/0x50
> [] kernfs_fop_write+0xff/0x180
> [] __vfs_write+0x37/0x170
> [] vfs_write+0xb2/0x1b0
> [] SyS_write+0x55/0xc0
> [] do_syscall_64+0x67/0x150
> [] return_from_SYSCALL_64+0x0/0x6a
> [] 0x
> 
> (gdb) list *0x81050d60
> 0x81050d60 is in load_microcode_amd
>   (arch/x86/kernel/cpu/microcode/amd.c:616).
> 
> Signed-off-by: Shu Wang 
> ---
>  arch/x86/kernel/cpu/microcode/amd.c | 5 -
>  1 file changed, 4 insertions(+), 1 deletion(-)

Applied, thanks.

-- 
Regards/Gruss,
Boris.

ECO tip #101: Trim your mails when you reply.
--

Re: [PATCH] x86/microcode/AMD: fix memleak in update_cache()

2017-07-18 Thread Borislav Petkov 
On Wed, Jul 19, 2017 at 12:21:23PM +0800, shuw...@redhat.com wrote:
> From: Shu Wang 
> 
> Found this issue by kmemleak. The mem is allocated in
> verify_and_add_patch(), passed to update_cache(patch),
> and just dropped the reference without free
> if (p->patch_id >= new_patch->patch_id)
> return;
> 
> unreferenced object 0x88010e780b40 (size 32):
>   comm "bash", pid 860, jiffies 4294690939 (age 29.297s)
>   backtrace:
> [] kmemleak_alloc+0x4a/0xa0
> [] kmem_cache_alloc_trace+0xca/0x1d0
> [] load_microcode_amd.isra.0+0x1d0/0x400
> [] request_microcode_amd+0xc3/0x160
> [] reload_store+0xe1/0x170
> [] dev_attr_store+0x18/0x30
> [] sysfs_kf_write+0x3a/0x50
> [] kernfs_fop_write+0xff/0x180
> [] __vfs_write+0x37/0x170
> [] vfs_write+0xb2/0x1b0
> [] SyS_write+0x55/0xc0
> [] do_syscall_64+0x67/0x150
> [] return_from_SYSCALL_64+0x0/0x6a
> [] 0x
> 
> (gdb) list *0x81050d60
> 0x81050d60 is in load_microcode_amd
>   (arch/x86/kernel/cpu/microcode/amd.c:616).
> 
> Signed-off-by: Shu Wang 
> ---
>  arch/x86/kernel/cpu/microcode/amd.c | 5 -
>  1 file changed, 4 insertions(+), 1 deletion(-)

Applied, thanks.

-- 
Regards/Gruss,
Boris.

ECO tip #101: Trim your mails when you reply.
--

[PATCH] x86/microcode/AMD: fix memleak in update_cache()

2017-07-18 Thread shuwang 
From: Shu Wang 

Found this issue by kmemleak. The mem is allocated in
verify_and_add_patch(), passed to update_cache(patch),
and just dropped the reference without free
if (p->patch_id >= new_patch->patch_id)
return;

unreferenced object 0x88010e780b40 (size 32):
  comm "bash", pid 860, jiffies 4294690939 (age 29.297s)
  backtrace:
[] kmemleak_alloc+0x4a/0xa0
[] kmem_cache_alloc_trace+0xca/0x1d0
[] load_microcode_amd.isra.0+0x1d0/0x400
[] request_microcode_amd+0xc3/0x160
[] reload_store+0xe1/0x170
[] dev_attr_store+0x18/0x30
[] sysfs_kf_write+0x3a/0x50
[] kernfs_fop_write+0xff/0x180
[] __vfs_write+0x37/0x170
[] vfs_write+0xb2/0x1b0
[] SyS_write+0x55/0xc0
[] do_syscall_64+0x67/0x150
[] return_from_SYSCALL_64+0x0/0x6a
[] 0x

(gdb) list *0x81050d60
0x81050d60 is in load_microcode_amd
  (arch/x86/kernel/cpu/microcode/amd.c:616).

Signed-off-by: Shu Wang 
---
 arch/x86/kernel/cpu/microcode/amd.c | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/cpu/microcode/amd.c 
b/arch/x86/kernel/cpu/microcode/amd.c
index 21b1857..c6daec4 100644
--- a/arch/x86/kernel/cpu/microcode/amd.c
+++ b/arch/x86/kernel/cpu/microcode/amd.c
@@ -400,9 +400,12 @@ static void update_cache(struct ucode_patch *new_patch)
 
list_for_each_entry(p, _cache, plist) {
if (p->equiv_cpu == new_patch->equiv_cpu) {
-   if (p->patch_id >= new_patch->patch_id)
+   if (p->patch_id >= new_patch->patch_id) {
/* we already have the latest patch */
+   kfree(new_patch->data);
+   kfree(new_patch);
return;
+   }
 
list_replace(>plist, _patch->plist);
kfree(p->data);
-- 
2.5.0

[PATCH] x86/microcode/AMD: fix memleak in update_cache()

2017-07-18 Thread shuwang 
From: Shu Wang 

Found this issue by kmemleak. The mem is allocated in
verify_and_add_patch(), passed to update_cache(patch),
and just dropped the reference without free
if (p->patch_id >= new_patch->patch_id)
return;

unreferenced object 0x88010e780b40 (size 32):
  comm "bash", pid 860, jiffies 4294690939 (age 29.297s)
  backtrace:
[] kmemleak_alloc+0x4a/0xa0
[] kmem_cache_alloc_trace+0xca/0x1d0
[] load_microcode_amd.isra.0+0x1d0/0x400
[] request_microcode_amd+0xc3/0x160
[] reload_store+0xe1/0x170
[] dev_attr_store+0x18/0x30
[] sysfs_kf_write+0x3a/0x50
[] kernfs_fop_write+0xff/0x180
[] __vfs_write+0x37/0x170
[] vfs_write+0xb2/0x1b0
[] SyS_write+0x55/0xc0
[] do_syscall_64+0x67/0x150
[] return_from_SYSCALL_64+0x0/0x6a
[] 0x

(gdb) list *0x81050d60
0x81050d60 is in load_microcode_amd
  (arch/x86/kernel/cpu/microcode/amd.c:616).

Signed-off-by: Shu Wang 
---
 arch/x86/kernel/cpu/microcode/amd.c | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/cpu/microcode/amd.c 
b/arch/x86/kernel/cpu/microcode/amd.c
index 21b1857..c6daec4 100644
--- a/arch/x86/kernel/cpu/microcode/amd.c
+++ b/arch/x86/kernel/cpu/microcode/amd.c
@@ -400,9 +400,12 @@ static void update_cache(struct ucode_patch *new_patch)
 
list_for_each_entry(p, _cache, plist) {
if (p->equiv_cpu == new_patch->equiv_cpu) {
-   if (p->patch_id >= new_patch->patch_id)
+   if (p->patch_id >= new_patch->patch_id) {
/* we already have the latest patch */
+   kfree(new_patch->data);
+   kfree(new_patch);
return;
+   }
 
list_replace(>plist, _patch->plist);
kfree(p->data);
-- 
2.5.0