Add cleanup function as the name variable for the partition name was
allocaed but never freed after the use as the add mtd function
duplicate the name and free the pparts struct as the partition name is
assumed to be static.
The leak was found using kmemleak.
Fixes: 803eb124e1a6 ("mtd: parsers: Add Qcom SMEM parser")
Signed-off-by: Ansuel Smith <[email protected]>
---
drivers/mtd/parsers/qcomsmempart.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/drivers/mtd/parsers/qcomsmempart.c b/drivers/mtd/parsers/qcomsmempart.c
index d9083308f6ba..06a818cd2433 100644
--- a/drivers/mtd/parsers/qcomsmempart.c
+++ b/drivers/mtd/parsers/qcomsmempart.c
@@ -159,6 +159,15 @@ static int parse_qcomsmem_part(struct mtd_info *mtd,
return ret;
}
+static void parse_qcomsmem_cleanup(const struct mtd_partition *pparts,
+ int nr_parts)
+{
+ int i;
+
+ for (i = 0; i < nr_parts; i++)
+ kfree(pparts[i].name);
+}
+
static const struct of_device_id qcomsmem_of_match_table[] = {
{ .compatible = "qcom,smem-part" },
{},
@@ -167,6 +176,7 @@ MODULE_DEVICE_TABLE(of, qcomsmem_of_match_table);
static struct mtd_part_parser mtd_parser_qcomsmem = {
.parse_fn = parse_qcomsmem_part,
+ .cleanup = parse_qcomsmem_cleanup,
.name = "qcomsmem",
.of_match_table = qcomsmem_of_match_table,
};
--
2.31.1
On Tue 25 May 18:09 CDT 2021, Ansuel Smith wrote:
> Add cleanup function as the name variable for the partition name was
> allocaed but never freed after the use as the add mtd function
> duplicate the name and free the pparts struct as the partition name is
> assumed to be static.
> The leak was found using kmemleak.
>
Reviewed-by: Bjorn Andersson <[email protected]>
Regards,
Bjorn
> Fixes: 803eb124e1a6 ("mtd: parsers: Add Qcom SMEM parser")
> Signed-off-by: Ansuel Smith <[email protected]>
> ---
> drivers/mtd/parsers/qcomsmempart.c | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
> diff --git a/drivers/mtd/parsers/qcomsmempart.c b/drivers/mtd/parsers/qcomsmempart.c
> index d9083308f6ba..06a818cd2433 100644
> --- a/drivers/mtd/parsers/qcomsmempart.c
> +++ b/drivers/mtd/parsers/qcomsmempart.c
> @@ -159,6 +159,15 @@ static int parse_qcomsmem_part(struct mtd_info *mtd,
> return ret;
> }
>
> +static void parse_qcomsmem_cleanup(const struct mtd_partition *pparts,
> + int nr_parts)
> +{
> + int i;
> +
> + for (i = 0; i < nr_parts; i++)
> + kfree(pparts[i].name);
> +}
> +
> static const struct of_device_id qcomsmem_of_match_table[] = {
> { .compatible = "qcom,smem-part" },
> {},
> @@ -167,6 +176,7 @@ MODULE_DEVICE_TABLE(of, qcomsmem_of_match_table);
>
> static struct mtd_part_parser mtd_parser_qcomsmem = {
> .parse_fn = parse_qcomsmem_part,
> + .cleanup = parse_qcomsmem_cleanup,
> .name = "qcomsmem",
> .of_match_table = qcomsmem_of_match_table,
> };
> --
> 2.31.1
>
On Wed, May 26, 2021 at 01:09:31AM +0200, Ansuel Smith wrote:
> Add cleanup function as the name variable for the partition name was
> allocaed but never freed after the use as the add mtd function
> duplicate the name and free the pparts struct as the partition name is
> assumed to be static.
> The leak was found using kmemleak.
>
> Fixes: 803eb124e1a6 ("mtd: parsers: Add Qcom SMEM parser")
> Signed-off-by: Ansuel Smith <[email protected]>
Reviewed-by: Manivannan Sadhasivam <[email protected]>
Thanks,
Mani
> ---
> drivers/mtd/parsers/qcomsmempart.c | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
> diff --git a/drivers/mtd/parsers/qcomsmempart.c b/drivers/mtd/parsers/qcomsmempart.c
> index d9083308f6ba..06a818cd2433 100644
> --- a/drivers/mtd/parsers/qcomsmempart.c
> +++ b/drivers/mtd/parsers/qcomsmempart.c
> @@ -159,6 +159,15 @@ static int parse_qcomsmem_part(struct mtd_info *mtd,
> return ret;
> }
>
> +static void parse_qcomsmem_cleanup(const struct mtd_partition *pparts,
> + int nr_parts)
> +{
> + int i;
> +
> + for (i = 0; i < nr_parts; i++)
> + kfree(pparts[i].name);
> +}
> +
> static const struct of_device_id qcomsmem_of_match_table[] = {
> { .compatible = "qcom,smem-part" },
> {},
> @@ -167,6 +176,7 @@ MODULE_DEVICE_TABLE(of, qcomsmem_of_match_table);
>
> static struct mtd_part_parser mtd_parser_qcomsmem = {
> .parse_fn = parse_qcomsmem_part,
> + .cleanup = parse_qcomsmem_cleanup,
> .name = "qcomsmem",
> .of_match_table = qcomsmem_of_match_table,
> };
> --
> 2.31.1
>
On Tue, 2021-05-25 at 23:09:31 UTC, Ansuel Smith wrote:
> Add cleanup function as the name variable for the partition name was
> allocaed but never freed after the use as the add mtd function
> duplicate the name and free the pparts struct as the partition name is
> assumed to be static.
> The leak was found using kmemleak.
>
> Fixes: 803eb124e1a6 ("mtd: parsers: Add Qcom SMEM parser")
> Signed-off-by: Ansuel Smith <[email protected]>
> Reviewed-by: Bjorn Andersson <[email protected]>
> Reviewed-by: Manivannan Sadhasivam <[email protected]>
Applied to https://git.kernel.org/pub/scm/linux/kernel/git/mtd/linux.git mtd/next, thanks.
Miquel