Received: by 2002:ac0:950c:0:0:0:0:0 with SMTP id f12csp3047215imc; Wed, 13 Mar 2019 07:39:07 -0700 (PDT) X-Google-Smtp-Source: APXvYqzAluj+tNQidcCoR8OoWBd1FVuQz9ulOqSnRoldKzHOdT5Yk0yBcuT6f+lZqHcKxytN5Dq7 X-Received: by 2002:a63:4c13:: with SMTP id z19mr14855325pga.71.1552487947085; Wed, 13 Mar 2019 07:39:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1552487947; cv=none; d=google.com; s=arc-20160816; b=YZxJM4+wbll3HznnoVrgZm6XbPl9v3hCqBgvlqfRMPEJ1K9RhQ2XqaEjmDGNFKvx7l G5SYCSmlzgLnfo7c7/psvgwngQvuEDzz+1Oh9BImUgjOPCPhOfzyd6oHl3OK721VWuJ1 nlUr9mpzYwbOeDcSI8e7utwQFvYLJv3GwAL3TriTjPP9Cj7RY6c9dgoXXJN+rSICni3S sGkH1hE+ULZbGt3ip1+U47LcbhsMVf2kLSLV++DCdL/wdCEd0jqr69DKfrbTSx+XHNKF aF8aYgxP3hXXgFwuZO6EyIPz2+fI7JctFiUGrwro0z+DqtJ77FFyb2JNqLKMH4N+gGc7 rrUA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=bQw2/a7UsBjgXC2lKKZvDGUdjXd3g0vi0jqOGbJrh80=; b=btvJfdKwKHc+8wAh8uFnexz9oEIWFD/8bAU/zMil+C8ltZnzK0xBbUIMpjX9CncS6j intJQuQfA16NOHTRpsZOC4JkU+iSJh378UgFVOA3lLhTCrDdqlHxTC8MDG8nTFk4nZ1B DB6Wl+jFdNp/bPkvW52r/6IkXfwXaLyTAO/5BDhe+eVAK1OwbTtyMGM4GXNT6a54yAH9 H9fL1V+hKuntAeUiSSLSZHNJbclI6tojO49L2D35OkZP7Oxnv8kmgQMZlKjRfZqmSY0S gjwDmhKrLvoqRQmzlVNMiVC+dF3d7kOopgY+nuC8jXRzmdJKV6d4QTFKIWUigEYmrWTo WqPA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=Ac5Ridi2; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y6si10756352plk.126.2019.03.13.07.38.50; Wed, 13 Mar 2019 07:39:07 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=Ac5Ridi2; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727065AbfCMOiG (ORCPT + 99 others); Wed, 13 Mar 2019 10:38:06 -0400 Received: from mail.kernel.org ([198.145.29.99]:44642 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726349AbfCMOiG (ORCPT ); Wed, 13 Mar 2019 10:38:06 -0400 Received: from localhost (unknown [12.27.65.221]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 661EB2147C; Wed, 13 Mar 2019 14:38:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1552487885; bh=2fYBVW0X6jqmlRwixhEnvssPawPfCnQQIkJHvIXSIMM=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=Ac5Ridi2un74y7KRHTe0vNLifyxUsGt9iCr1sZ0qIjQ3OVrUgD5ojNIXMHD0M3ki6 Jnm77wszzo5vV0bHq5ICuLmY1v0bzZDXw9KIOzLf8/VKlXujqjvu8ATBj58ooNurGi 8HTlLnFyidEK6eK/adbUmtmkdGqIaFcFx4WQpMEI= Date: Wed, 13 Mar 2019 07:38:05 -0700 From: "gregkh@linuxfoundation.org" To: Dmitry Kasatkin Cc: Sasha Levin , Al Viro , yuehaibing , "linux-kernel@vger.kernel.org" , "linux-fsdevel@vger.kernel.org" , "keescook@chromium.org" , "stable@vger.kernel.org" Subject: Re: [PATCH -next] exec: Fix mem leak in kernel_read_file Message-ID: <20190313143805.GB7489@kroah.com> References: <20190219021038.11340-1-yuehaibing@huawei.com> <20190219022512.GW2217@ZenIV.linux.org.uk> <20190311231627.GI158926@sasha-vm> <0bd9d01037354048a1d45be1ce96714f@huawei.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <0bd9d01037354048a1d45be1ce96714f@huawei.com> User-Agent: Mutt/1.11.3 (2019-02-01) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Mar 13, 2019 at 02:12:30PM +0000, Dmitry Kasatkin wrote: > > > > > > > From: Sasha Levin > Sent: Tuesday, March 12, 2019 1:16 AM > To: Dmitry Kasatkin > Cc: Al Viro; yuehaibing; linux-kernel@vger.kernel.org; linux-fsdevel@vger.kernel.org; keescook@chromium.org; stable@vger.kernel.org; gregkh@google.com > Subject: Re: [PATCH -next] exec: Fix mem leak in kernel_read_file > ? > On Mon, Mar 11, 2019 at 04:59:14PM +0000, Dmitry Kasatkin wrote: > > > >From: Al Viro on behalf of Al Viro > >Sent: Tuesday, February 19, 2019 4:25 AM > >To: yuehaibing > >Cc: linux-kernel@vger.kernel.org; linux-fsdevel@vger.kernel.org; Dmitry Kasatkin; keescook@chromium.org > >Subject: Re: [PATCH -next] exec: Fix mem leak in kernel_read_file > >? > >On Tue, Feb 19, 2019 at 10:10:38AM +0800, YueHaibing wrote: > >> syzkaller report this: > >> BUG: memory leak > >> unreferenced object 0xffffc9000488d000 (size 9195520): > >>?? comm "syz-executor.0", pid 2752, jiffies 4294787496 (age 18.757s) > >>?? hex dump (first 32 bytes): > >>???? ff ff ff ff ff ff ff ff a8 00 00 00 01 00 00 00? ................ > >>???? 02 00 00 00 00 00 00 00 80 a1 7a c1 ff ff ff ff? ..........z..... > >>?? backtrace: > >>???? [<000000000863775c>] __vmalloc_node mm/vmalloc.c:1795 [inline] > >>???? [<000000000863775c>] __vmalloc_node_flags mm/vmalloc.c:1809 [inline] > >>???? [<000000000863775c>] vmalloc+0x8c/0xb0 mm/vmalloc.c:1831 > >>???? [<000000003f668111>] kernel_read_file+0x58f/0x7d0 fs/exec.c:924 > >>???? [<000000002385813f>] kernel_read_file_from_fd+0x49/0x80 fs/exec.c:993 > >>???? [<0000000011953ff1>] __do_sys_finit_module+0x13b/0x2a0 kernel/module.c:3895 > >>???? [<000000006f58491f>] do_syscall_64+0x147/0x600 arch/x86/entry/common.c:290 > >>???? [<00000000ee78baf4>] entry_SYSCALL_64_after_hwframe+0x49/0xbe > >>???? [<00000000241f889b>] 0xffffffffffffffff > >> > >> It should goto 'out_free' lable to free allocated buf while kernel_read > >> fails. > > > >Applied. > > > > > >This must be applied to stables as well... > > > It's already in all relevant stable trees... > > I only can see in longterm 4.19. > > What about 4.9 and 4.14? It was in the queue already for that (you can see it on git.kernel.org), and they are now part of the -rc releases that are currently out for review. thanks, greg k-h