Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp7375200ybi; Thu, 1 Aug 2019 07:16:39 -0700 (PDT) X-Google-Smtp-Source: APXvYqzZQuv8t7uKLcNMXmEO0sd5cIYNzSUtoirrBkQe5UO4L31bVdkZWSdAnwsE1gZRiJUCI036 X-Received: by 2002:a17:902:bd49:: with SMTP id b9mr32104341plx.343.1564668999706; Thu, 01 Aug 2019 07:16:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1564668999; cv=none; d=google.com; s=arc-20160816; b=e208wVk48eW35Ifn2drV2Wgz4LGlmvGW+X7sCPTN+w9vZuQXtHjfLPYHXzAzKcqxpy nnJfBb9Xqh4MuctL/zirSv3u04rFkxWlENFZKejrZclQHGt2e2LfDNjWwjHFgOOHEekK CA/Os4tL2VLzyWljz1QPs/wc297S7KP7pr0mOiJqeRdq3/TzpYnz9scnOcpl9aAMB2kB j/9WxyXJ8vayDH5Qm0AFODc9J9+2t42s0OtVowynIlH1MN7/PwDHc24HjqFJ+s6bYjEH +w8hdGLK6IUzCBQGXZVheyRvsNxeE3av+y0ILVxSfXhMmMggVjkqkuTnEysHK9y4xpOK JZWA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=KYYwECup+fF9qp+rfwpWlPQqwe1co2+YMnT+E8jGyP0=; b=Nek2Kb2kcq2+aUkXQwu9563ItKPD7kyTHW2Jx52fcpl4qOmXJ7mC191wotttXGtOHL OlHD/5Qp7iLERtlPY+dBxHjWCxsf1p/WHcEtHi2em5vE3NdYCPg8dyWGfSFlHRUiB8Mo kisKFi51zhsFJCtFqF8H4ggi3w9dXqzzbkRrkwFQiSTPAicVApP6rAZifPjbHRHsKLa9 Kx67kI2cRYlneN4OeeloFSBdtG8BH9HlaK/JJ8QAImZXa+xwvbQWCMLdtXdmTg09mOvF nsxSgXf7I6iPBwqN7BHj14CJrEABg7vsdjBRsCRPGA2vVVTq8atFL5B8LdX0ucHWVO3d X84A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=mrbMWQFC; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n5si13738694pgq.154.2019.08.01.07.16.24; Thu, 01 Aug 2019 07:16:39 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=mrbMWQFC; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731817AbfHAOOJ (ORCPT + 99 others); Thu, 1 Aug 2019 10:14:09 -0400 Received: from mail-vk1-f193.google.com ([209.85.221.193]:46300 "EHLO mail-vk1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731665AbfHAOOJ (ORCPT ); Thu, 1 Aug 2019 10:14:09 -0400 Received: by mail-vk1-f193.google.com with SMTP id b64so14612293vke.13 for ; Thu, 01 Aug 2019 07:14:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=KYYwECup+fF9qp+rfwpWlPQqwe1co2+YMnT+E8jGyP0=; b=mrbMWQFCA7ngezQ2lWfc7FsgOQG0hjP2nr0N9Pc+5y+ZR+GLm4EWPIUcbx50KNWVb9 Q1YoCxQHgrCt0HnibYnOcVCOgWECWvE4EXjBLqbfd3B7xV+Otd2Unk5oJardDz7QnjTr SoUBY5d1CmTSOur4PzjzcXO7xvltXPwy7C3dwEIHkh9GwZtH4KhLnNP57UWIt3UWU+1V cC+hEtZIILUpfBtcaQJQPL5XszdES/nYVopS3EmKuoiRO3Bd32uoa4s5XMSk5yd5EdLY /kfiq4hDnHIdW9DerzSQZhFc6z+TShtK2wXFdUQ5QuYfcDYTghfkQfA9bpBeOJ5ScF3j fIsg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=KYYwECup+fF9qp+rfwpWlPQqwe1co2+YMnT+E8jGyP0=; b=N018zOxkJqZVRzQumfjjxjdQJsLnhfadoGNfb0SY3n2yEfbiosSS37Nu3AXvNbybAL oW6/QoGItSXtfNBJ3iEd7DZCfpLmDQX/a7GwFVbb9lvKvYSyC0cRkWNvbF6oCb8HG50H zlx1sPaaLAvtKvJsZagMUBluF0egJHsV1Yb2E4+imOz7TdXRWpwhmLQYUJCnMJKI9rJZ DPF28MErMMGLeetCgc/v31HEV2BmuUnQ41FaTqzRcTNQOf5dVfIausG7+KAHMaY0i85F 6FTuci1S94HDxbbLLgBbpIgE5HomS5SmmTlFLVsEYhQEkV4QTR2+LVFGxgadOHjIYuLJ 48Ng== X-Gm-Message-State: APjAAAVudoeoG6h6jDmdLwV1buf//lnUHdiZfuHzhKC+TkGNK80c5UAS pMtihnU4YdTsBdZIIsp49x/X73+R4hoCta9fouJU0g== X-Received: by 2002:a1f:2e56:: with SMTP id u83mr10776741vku.68.1564668847891; Thu, 01 Aug 2019 07:14:07 -0700 (PDT) MIME-Version: 1.0 References: <20190801135721.13211-1-ttayar@habana.ai> In-Reply-To: <20190801135721.13211-1-ttayar@habana.ai> From: Oded Gabbay Date: Thu, 1 Aug 2019 17:13:41 +0300 Message-ID: Subject: Re: [PATCH] habanalabs: Avoid double free in error flow To: Tomer Tayar Cc: "linux-kernel@vger.kernel.org" Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Aug 1, 2019 at 4:57 PM Tomer Tayar wrote: > > In case kernel context init fails during device initialization, both > hl_ctx_put() and kfree() are called, ending with a double free of the > kernel context. > Calling kfree() is needed only when a failure happens between the > allocation of the kernel context and its initialization, so move it to > there and remove it from the error flow. > > Signed-off-by: Tomer Tayar > --- > drivers/misc/habanalabs/device.c | 5 ++--- > 1 file changed, 2 insertions(+), 3 deletions(-) > > diff --git a/drivers/misc/habanalabs/device.c b/drivers/misc/habanalabs/device.c > index 0c4894dd9c02..7a8f9d0b71b5 100644 > --- a/drivers/misc/habanalabs/device.c > +++ b/drivers/misc/habanalabs/device.c > @@ -970,7 +970,8 @@ int hl_device_init(struct hl_device *hdev, struct class *hclass) > rc = hl_ctx_init(hdev, hdev->kernel_ctx, true); > if (rc) { > dev_err(hdev->dev, "failed to initialize kernel context\n"); > - goto free_ctx; > + kfree(hdev->kernel_ctx); > + goto mmu_fini; > } > > rc = hl_cb_pool_init(hdev); > @@ -1053,8 +1054,6 @@ int hl_device_init(struct hl_device *hdev, struct class *hclass) > if (hl_ctx_put(hdev->kernel_ctx) != 1) > dev_err(hdev->dev, > "kernel ctx is still alive on initialization failure\n"); > -free_ctx: > - kfree(hdev->kernel_ctx); > mmu_fini: > hl_mmu_fini(hdev); > eq_fini: > -- > 2.17.1 > This patch is: Reviewed-by: Oded Gabbay Applied to -fixed Oded