Re: [PATCH] x86/microcode/AMD: fix memleak in update_cache()
On Wed, Jul 19, 2017 at 12:21:23PM +0800, shuw...@redhat.com wrote:
> From: Shu Wang
>
> Found this issue by kmemleak. The mem is allocated in
> verify_and_add_patch(), passed to update_cache(patch),
> and just dropped the reference without free
>     if (p->patch_id >= new_patch->patch_id)
>         return;
>
> unreferenced object 0x88010e780b40 (size 32):
>   comm "bash", pid 860, jiffies 4294690939 (age 29.297s)
>   backtrace:
>     [] kmemleak_alloc+0x4a/0xa0
>     [] kmem_cache_alloc_trace+0xca/0x1d0
>     [] load_microcode_amd.isra.0+0x1d0/0x400
>     [] request_microcode_amd+0xc3/0x160
>     [] reload_store+0xe1/0x170
>     [] dev_attr_store+0x18/0x30
>     [] sysfs_kf_write+0x3a/0x50
>     [] kernfs_fop_write+0xff/0x180
>     [] __vfs_write+0x37/0x170
>     [] vfs_write+0xb2/0x1b0
>     [] SyS_write+0x55/0xc0
>     [] do_syscall_64+0x67/0x150
>     [] return_from_SYSCALL_64+0x0/0x6a
>     [] 0x
>
> (gdb) list *0x81050d60
> 0x81050d60 is in load_microcode_amd
> (arch/x86/kernel/cpu/microcode/amd.c:616).
>
> Signed-off-by: Shu Wang
> ---
> arch/x86/kernel/cpu/microcode/amd.c | 5 -
> 1 file changed, 4 insertions(+), 1 deletion(-)

Applied, thanks.

--
Regards/Gruss,
Boris.

ECO tip #101: Trim your mails when you reply.
[PATCH] x86/microcode/AMD: fix memleak in update_cache()
From: Shu Wang

Found this issue by kmemleak. The mem is allocated in
verify_and_add_patch(), passed to update_cache(patch),
and just dropped the reference without free
    if (p->patch_id >= new_patch->patch_id)
        return;

unreferenced object 0x88010e780b40 (size 32):
  comm "bash", pid 860, jiffies 4294690939 (age 29.297s)
  backtrace:
    [] kmemleak_alloc+0x4a/0xa0
    [] kmem_cache_alloc_trace+0xca/0x1d0
    [] load_microcode_amd.isra.0+0x1d0/0x400
    [] request_microcode_amd+0xc3/0x160
    [] reload_store+0xe1/0x170
    [] dev_attr_store+0x18/0x30
    [] sysfs_kf_write+0x3a/0x50
    [] kernfs_fop_write+0xff/0x180
    [] __vfs_write+0x37/0x170
    [] vfs_write+0xb2/0x1b0
    [] SyS_write+0x55/0xc0
    [] do_syscall_64+0x67/0x150
    [] return_from_SYSCALL_64+0x0/0x6a
    [] 0x

(gdb) list *0x81050d60
0x81050d60 is in load_microcode_amd
(arch/x86/kernel/cpu/microcode/amd.c:616).

Signed-off-by: Shu Wang
---
arch/x86/kernel/cpu/microcode/amd.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c index 21b1857..c6daec4 100644 --- a/arch/x86/kernel/cpu/microcode/amd.c +++ b/arch/x86/kernel/cpu/microcode/amd.c @@ -400,9 +400,12 @@ static void update_cache(struct ucode_patch *new_patch) list_for_each_entry(p, _cache, plist) { if (p->equiv_cpu == new_patch->equiv_cpu) { - if (p->patch_id >= new_patch->patch_id) + if (p->patch_id >= new_patch->patch_id) { /* we already have the latest patch */ + kfree(new_patch->data); + kfree(new_patch); return; + } list_replace(>plist, _patch->plist); kfree(p->data); -- 2.5.0
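Review bot: The early-return branch of update_cache() now frees new_patch inside a function that returns void, so the caller gets no signal that the pointer it passed in is dead on this path while it stays live (linked into the cache) on the others. Please add a comment above update_cache() stating that it takes ownership of new_patch on every path, and confirm that verify_and_add_patch() does not touch the patch pointer after the call, since any later dereference there would be a use-after-free. The commit message would also be clearer if it said that the "p->patch_id >= new_patch->patch_id" case is hit when the same or an older patch is loaded again, which is what the reload_store() backtrace suggests.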