Received: by 2002:a25:c205:0:0:0:0:0 with SMTP id s5csp4928992ybf; Wed, 4 Mar 2020 13:38:59 -0800 (PST) X-Google-Smtp-Source: ADFU+vtkY/m8bsSLffgHQpE6JHNJtd1uPHd0b5Ak5OQgnJYne4DbAVjM8A/5FVnYkCslJUZgTli7 X-Received: by 2002:a9d:7514:: with SMTP id r20mr2262537otk.265.1583357939769; Wed, 04 Mar 2020 13:38:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1583357939; cv=none; d=google.com; s=arc-20160816; b=JbiC8xtpfeuQ4TaPWiE1AgTt8ecEyJFqxUkm25tU9YT9bHXhVNNaXD6g/HiDIS50kp axMaou2YMiNi8p1Qt3W+avgnXqqpS63rjnFAEo7hIq+N7kJ0Xbhffz2eXH9vdYsVcqoN auqqpkCcZYdkQ5oqoxsP6+kIQNbjDWKFbs6G8duopwYQwEhWNeqZYpeqU/KVoK8363Hj 6qeeA0BDzu7ChC2mZ7kP+OrwmWUSW0Qkl/St4EMLEZdAmO5+wJ2zTLk9dpJ0mJnuKAeV wpasBmF3tbf9BOq8xKLn6L/C2uZiRCLCAM3d7BrgXmOHEczllHfxQ1acymrAu0dwV1c1 vqkQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:content-transfer-encoding :content-language:accept-language:in-reply-to:references:message-id :date:thread-index:thread-topic:subject:cc:to:from:dkim-signature; bh=QkLnH+NE8c3qkE/LnlNQPG4USM8MtcA/4B/Z5q7MV94=; b=c3U2PVBmYJ884nTthnfFE/mnhC6Eyhh959X6TVsRRYEPhEQkphQR/hTqC7NhKPXtS9 BgMuw2Cik2zhY4Lu3/Huc79y4mjoAUiGkeQ68nobiU3rGFCnbjdJ9rZXfYMMA8vd4pRa L/kt35emgRRplrRqXQj/DSvODC2zu23aVQJ/PMSmH9YvaZ7upVKqnAZYzIQSIKjDq8ch Q75Q5X92atClAO2VJR2kOI3K37MDhj0BPkglFP5Yehys9RWmLwJ4IXu7Mk2kwRV4f4Lf 0l32GkqgkLYRv43cHjNSypywHvTOxSGJApk/Em39elXvr3m3c7X7QlT9L1t8cakf9vlu k1CQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@bfs.de header.s=dkim201901 header.b=ox2a1lRV; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i8si1864176otr.227.2020.03.04.13.38.47; Wed, 04 Mar 2020 13:38:59 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@bfs.de header.s=dkim201901 header.b=ox2a1lRV; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729936AbgCDVif (ORCPT + 99 others); Wed, 4 Mar 2020 16:38:35 -0500 Received: from mx01-sz.bfs.de ([194.94.69.67]:29728 "EHLO mx01-sz.bfs.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728482AbgCDVif (ORCPT ); Wed, 4 Mar 2020 16:38:35 -0500 Received: from SRVEX01-SZ.bfs.intern (exchange-sz.bfs.de [10.129.90.31]) by mx01-sz.bfs.de (Postfix) with ESMTPS id 94AF520371; Wed, 4 Mar 2020 22:38:32 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bfs.de; s=dkim201901; t=1583357912; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=QkLnH+NE8c3qkE/LnlNQPG4USM8MtcA/4B/Z5q7MV94=; b=ox2a1lRVK9fnzc4iDIFh+2Xs0zIRwBsojXkNVowJNH0DwpX0/bc50gOOC5+uK2qfJH/AZ3 Tar6sQOvFZvIf9dUqNYqROoKSEAVxMnsUhJeEImDzuPnkITX/7YTiIBm8SkTtLAKVhw3F7 alPNFEjEwZpqP9jhEaoK2PZFXke8M/MTtToYdgL3atOVa0G6JF2Zkt1p1mgZES94xbobin 96CgPo5uO1m3gvMgVHgAT9pE1zEGrsRYwJ2nbTe9nG+Tz50oSs/7zxJCOFN5E1i0lmOH0g gGzu/+tQni4Mj8k+TtJdQC/rqpIKRwnIKkqHgTUX1J+rFHeIdYoinVBRa7cuHQ== Received: from SRVEX01-SZ.bfs.intern (10.129.90.31) by SRVEX01-SZ.bfs.intern (10.129.90.31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.1913.5; Wed, 4 Mar 2020 22:28:31 +0100 Received: from SRVEX01-SZ.bfs.intern ([fe80::7d2d:f9cb:2761:d24a]) by SRVEX01-SZ.bfs.intern ([fe80::7d2d:f9cb:2761:d24a%6]) with mapi id 15.01.1913.005; Wed, 4 Mar 2020 22:28:31 +0100 From: Walter Harms To: Greg Kroah-Hartman , "linux-kernel@vger.kernel.org" CC: "stable@vger.kernel.org" , Christophe JAILLET , Paul Burton , "ralf@linux-mips.org" , "linux-mips@vger.kernel.org" , "kernel-janitors@vger.kernel.org" Subject: AW: [PATCH 5.5 110/176] MIPS: VPE: Fix a double free and a memory leak in release_vpe() Thread-Topic: [PATCH 5.5 110/176] MIPS: VPE: Fix a double free and a memory leak in release_vpe() Thread-Index: AQHV8Y196lGPcYxjR0WoJuuadsBv/Kg49D8A Date: Wed, 4 Mar 2020 21:28:31 +0000 Message-ID: References: <20200303174304.593872177@linuxfoundation.org>,<20200303174317.555620066@linuxfoundation.org> In-Reply-To: <20200303174317.555620066@linuxfoundation.org> Accept-Language: de-DE, en-US Content-Language: de-DE X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.137.16.40] Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Spam-Status: No, score=-0.33 Authentication-Results: mx01-sz.bfs.de; none X-Spamd-Result: default: False [-0.33 / 7.00]; ARC_NA(0.00)[]; TO_DN_EQ_ADDR_SOME(0.00)[]; HAS_XOIP(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FREEMAIL_ENVRCPT(0.00)[wanadoo.fr]; MIME_GOOD(-0.10)[text/plain]; DKIM_SIGNED(0.00)[]; RCPT_COUNT_SEVEN(0.00)[8]; NEURAL_HAM(-0.00)[-0.980,0]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_COUNT_TWO(0.00)[2]; MID_RHS_MATCH_FROM(0.00)[]; BAYES_HAM(-0.33)[75.84%] Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org ________________________________________ Von: kernel-janitors-owner@vger.kernel.org im Auftrag von Greg Kroah-Hartman Gesendet: Dienstag, 3. M=E4rz 2020 18:42 An: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman; stable@vger.kernel.org; Christophe JAILLET; Paul Bu= rton; ralf@linux-mips.org; linux-mips@vger.kernel.org; kernel-janitors@vger= .kernel.org Betreff: [PATCH 5.5 110/176] MIPS: VPE: Fix a double free and a memory leak= in release_vpe() From: Christophe JAILLET commit bef8e2dfceed6daeb6ca3e8d33f9c9d43b926580 upstream. Pointer on the memory allocated by 'alloc_progmem()' is stored in 'v->load_addr'. So this is this memory that should be freed by 'release_progmem()'. 'release_progmem()' is only a call to 'kfree()'. With the current code, there is both a double free and a memory leak. Fix it by passing the correct pointer to 'release_progmem()'. Fixes: e01402b115ccc ("More AP / SP bits for the 34K, the Malta bits and th= ings. Still wants") Signed-off-by: Christophe JAILLET Signed-off-by: Paul Burton Cc: ralf@linux-mips.org Cc: linux-mips@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: kernel-janitors@vger.kernel.org Signed-off-by: Greg Kroah-Hartman --- arch/mips/kernel/vpe.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/arch/mips/kernel/vpe.c +++ b/arch/mips/kernel/vpe.c @@ -134,7 +134,7 @@ void release_vpe(struct vpe *v) { list_del(&v->list); if (v->load_addr) - release_progmem(v); + release_progmem(v->load_addr); kfree(v); } since release_progmem() is kfree() it is also possible to drop "if (v->load= _addr)" jm2c re, wh=