Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp2412231pxb;
        Fri, 29 Oct 2021 00:26:06 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJwQQI59bZ1lO9lJ4c/A3gPL7667p8z0JG7FZSWBkJRZStUGLy6xOIsuVPtnTAYwTqO6HfoU
X-Received: by 2002:a63:e00b:: with SMTP id e11mr7044110pgh.190.1635492366140;
        Fri, 29 Oct 2021 00:26:06 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1635492366; cv=none;
        d=google.com; s=arc-20160816;
        b=nl7uQPwiL4KjW+9dTR6ubYV9++T8kTUKbRxk8wzwqUwdriAdNP/OTqzMebGUEx87HK
         qcjlf4ae8UJsK/BH0oQV0H/sGEQitDiHlbqdvwiH4wX8obuDefj+7qe20+2LXEJdjSBr
         WEszuflVIwgZcviT/CkuWAKEgMAcsezfOrXBFpqvR4NEUYg9cqXXIkPQdzHTj/Hwmwf3
         s3woO4eZ/boCkpJsRqqrZY4smoEdOEKMPl739ZKUsVZ8CjXK1huToO4wFusDMAmpKjsu
         xOZbBUtWZ4Z+Lzplba09fGnCX1iTdiBpkVvalNinAMXIbyWtWGOy+x2DMtrTemyv8Lpi
         FWlQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:references:in-reply-to:message-id:date:subject
         :cc:to:from:dkim-signature;
        bh=qmdDrGYqg+TDMbXgLfYsJi8pdSqy326HyK1Ny6bH7BM=;
        b=GzKmiZDLbgLAn7bfkIdFzBGyw+gF038J7xzBDMIPAaGbpnvsjkau+4dawLD7wqyYEZ
         WVs5qyJBmMyigIBADwpgkTUzqLW/Fnu8LMGRJR/kVzDFN1hLAF3n8jLZbsr+NAfPc90I
         9zzsWIB2dl97VlL+ULG1gVYtHYepTyYru4vrYDJxik9gxxUfv1IRSYFfHTlqmZzwe1hn
         UYZEu2ZyNa4auuvDp+JyG29nW/CrfVzNmtzz7qMa6fmhTVZYKZJb4N+v7k5ImOZopYiw
         YbGGg6Nk+1KbXWHbg+9li/jcgsh7E3hDZkF8ztAAK90ay08KF4/WY/3eAC5rOft2xcOJ
         CjaA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Fv9QCbMV;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id v12si1895287plp.293.2021.10.29.00.25.52;
        Fri, 29 Oct 2021 00:26:06 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Fv9QCbMV;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S232211AbhJ2H1U (ORCPT <rfc822;m15259695263@gmail.com>
        + 99 others); Fri, 29 Oct 2021 03:27:20 -0400
Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:20684 "EHLO
        us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S232207AbhJ2H1U (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 29 Oct 2021 03:27:20 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1635492291;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:in-reply-to:in-reply-to:references:references;
        bh=qmdDrGYqg+TDMbXgLfYsJi8pdSqy326HyK1Ny6bH7BM=;
        b=Fv9QCbMVA/70FUhLAp/xE9ubr+mDGEIRntz8j3PbutRGByyrRtCNdj7njha+jTFl3qGgOU
        GyRNuErsq6DFYq4yayVTq/3v86pTxSghRb0NRvyXEP+VE5EwNNDYnPnCO/LcLYuKeiBUJg
        CaFkrAd2d/TThaaJddN4SEBInrnCnPU=
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-319-I7c1XyygN0ySGEWRoJRlbA-1; Fri, 29 Oct 2021 03:24:48 -0400
X-MC-Unique: I7c1XyygN0ySGEWRoJRlbA-1
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 48AA7803F44;
        Fri, 29 Oct 2021 07:24:47 +0000 (UTC)
Received: from MiWiFi-R3L-srv.redhat.com (ovpn-12-171.pek2.redhat.com [10.72.12.171])
        by smtp.corp.redhat.com (Postfix) with ESMTP id C26945F707;
        Fri, 29 Oct 2021 07:24:42 +0000 (UTC)
From:   Baoquan He <bhe@redhat.com>
To:     linux-kernel@vger.kernel.org
Cc:     kexec@lists.infradead.org, dyoung@redhat.com,
        akpm@linux-foundation.org, Baoquan He <bhe@redhat.com>
Subject: [PATCH 1/3] x86/kexec: fix memory leak of elf header buffer
Date:   Fri, 29 Oct 2021 15:24:22 +0800
Message-Id: <20211029072424.9109-2-bhe@redhat.com>
In-Reply-To: <20211029072424.9109-1-bhe@redhat.com>
References: <20211029072424.9109-1-bhe@redhat.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

This is reported by kmemleak detector:

unreferenced object 0xffffc900002a9000 (size 4096):
  comm "kexec", pid 14950, jiffies 4295110793 (age 373.951s)
  hex dump (first 32 bytes):
    7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00  .ELF............
    04 00 3e 00 01 00 00 00 00 00 00 00 00 00 00 00  ..>.............
  backtrace:
    [<0000000016a8ef9f>] __vmalloc_node_range+0x101/0x170
    [<000000002b66b6c0>] __vmalloc_node+0xb4/0x160
    [<00000000ad40107d>] crash_prepare_elf64_headers+0x8e/0xcd0
    [<0000000019afff23>] crash_load_segments+0x260/0x470
    [<0000000019ebe95c>] bzImage64_load+0x814/0xad0
    [<0000000093e16b05>] arch_kexec_kernel_image_load+0x1be/0x2a0
    [<000000009ef2fc88>] kimage_file_alloc_init+0x2ec/0x5a0
    [<0000000038f5a97a>] __do_sys_kexec_file_load+0x28d/0x530
    [<0000000087c19992>] do_syscall_64+0x3b/0x90
    [<0000000066e063a4>] entry_SYSCALL_64_after_hwframe+0x44/0xae

In crash_prepare_elf64_headers(), a buffer is allocated via vmalloc() to
store elf headers. While it's not freed back to system correctly when
kdump kernel is reloaded or unloaded. Then memory leak is caused.

Fix it by introducing x86 specific function
arch_kimage_file_post_load_cleanup(), and freeing the buffer there.

Signed-off-by: Baoquan He <bhe@redhat.com>
---
 arch/x86/kernel/machine_kexec_64.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c
index 131f30fdcfbd..fd8223fa2de5 100644
--- a/arch/x86/kernel/machine_kexec_64.c
+++ b/arch/x86/kernel/machine_kexec_64.c
@@ -511,6 +511,15 @@ int arch_kexec_apply_relocations_add(struct purgatory_info *pi,
 	       (int)ELF64_R_TYPE(rel[i].r_info), value);
 	return -ENOEXEC;
 }
+
+int arch_kimage_file_post_load_cleanup(struct kimage *image)
+{
+	vfree(image->elf_headers);
+	image->elf_headers = NULL;
+	image->elf_headers_sz = 0;
+
+	return kexec_image_post_load_cleanup_default(image);
+}
 #endif /* CONFIG_KEXEC_FILE */
 
 static int
-- 
2.17.2