Received: by 2002:a05:6a10:413:0:0:0:0 with SMTP id 19csp983214pxp; Wed, 16 Mar 2022 23:26:42 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxD3qjB0uigY+T6c5bQCT3nuSe8knenVJpP0hKq0f9Z+qqOv4MjA/gdK8jXOed8g51K6FVr X-Received: by 2002:a63:c110:0:b0:380:7412:3955 with SMTP id w16-20020a63c110000000b0038074123955mr2476700pgf.55.1647498402258; Wed, 16 Mar 2022 23:26:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1647498402; cv=none; d=google.com; s=arc-20160816; b=b7ndT1w9Pdc0rXHcF2Ob2B5p9JPKTTEGANqj+k4VRjq+mG4t6cRxZYNvkJZnXWwgEz QDGgvSETWEE0zRc9suYkBDOgRj2qypuIbRs85Q/gJK6vgEmDC7XCfRJOdDaA9+Bv1EHd YfeMqQpbn/LLhbAXs+J8aQq8h1IwqrQcx31RxKpXJ5OG/dLe1QO45BSjcWxZzc9cLDLQ W1uLvuW9/iA1QKcPtZHTfOhwQ7G0DmxyHFmFAtu0hhzeXctoBBZnG6pe+ibq9hJp1uLp GKkmZW9l430TiZJgEkz5O2FNVbBAWqOL+2ZbyeBBSNIxHvitXya6ZEFDOsGOqroUZUBy MzSw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=sD6Evvt413aW7EC+yE73RQslFqn+KLsEJuMxymm1Z5Y=; b=hU/s2tqK3bdFiVGluUgcWlJ1TSWwIOpyEizJ9pbpC8ZLWTtaDZoHr/CVrfE2kiA3fo HIqdrg2TP+NLkIDt8+c4RbAkgCfboQ6Mo2sn6oIItxJ+MOJ12gYqPfZsZ1iM8pZJv/y/ LvrqJt/s5BpDM1zhgDAtRRn8WrehQ/HzkzsGdVnLZ7zOHSq2bTssEZiuJgbuI+yJECCh cXBxKPDFDwEJ2hEpLYMGhuRpy1wTyia2Z70dSLK/QPqIogAkxlwbnjHa8LS70NntxYtL aYi05lAa7EmAYkX+odzjdiPa6JM58nm2Wu7jFSKD2QaYRUeZLdFheDhbpXbUb1RzWuCQ a/gQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=lbgYwm1J; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [2620:137:e000::1:18]) by mx.google.com with ESMTPS id k9-20020a17090a62c900b001bf364a8dc8si1484304pjs.13.2022.03.16.23.26.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 16 Mar 2022 23:26:42 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=lbgYwm1J; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id CBD92289583; Wed, 16 Mar 2022 22:12:29 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345671AbiCOIFY (ORCPT + 99 others); Tue, 15 Mar 2022 04:05:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54868 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229500AbiCOIFX (ORCPT ); Tue, 15 Mar 2022 04:05:23 -0400 Received: from mail-yb1-xb2e.google.com (mail-yb1-xb2e.google.com [IPv6:2607:f8b0:4864:20::b2e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 68EE436153 for ; Tue, 15 Mar 2022 01:04:11 -0700 (PDT) Received: by mail-yb1-xb2e.google.com with SMTP id j2so35859375ybu.0 for ; Tue, 15 Mar 2022 01:04:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=sD6Evvt413aW7EC+yE73RQslFqn+KLsEJuMxymm1Z5Y=; b=lbgYwm1J3dzPB+Mm9vFE1RZvYUlB/QzsWhDPdMhrpe7tv0gszPoAUQ/2Ow50+wg3Gu rTKBGtWPHpbEvU03dwwJZEGuXbRHb1fLkyMw0uNtkFDXeGJKmbPV0sSR3MWkNJsGmSqH yfE4ngOiNG9Hi6MN1HYuJVM0a5Aj5nibrU83XJh0RSc6OVEO2/nX3QlbySpp0Ho4nhnG Bf3fm4QNKkS3BzAtg0E06i+wqhjuPfuCbo917Y98SV4f+3Fy2UWhavoEAKs07QJvbiCb JF1xYNRFe16WB3wm6xHMR16qhQtJkOdwyNjjiuifNf3ExhRW6ZFBSSIkadbJec3MkAds W59A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=sD6Evvt413aW7EC+yE73RQslFqn+KLsEJuMxymm1Z5Y=; b=hJ5abbKhuTCvaNcBdGLooarulA/Ou/yNj0XdxNxdmqr6I2fULY+yjCm0NHw4hhTlPW ePpRH/B4LYgqOufrKx/R+jBA9Kyw4dRurkPa4Z0WgVEEZFFM8N4NvbNklBhl3zjA0RS9 VRpBb1oE/98eOBDP2Pa0NZkqUOTKiVxdS10ldBtk+oTd86Ft7jQ1g5ml0lSHFGCb7hz+ jqKMiTgk2gxS9ESjRIu5vx58CZwtZh6nPP6nJDFlnCkx6SAH5oNFNQgbTv/58wqpe+Wo S4FAlOd+aa47BXYjAfNf/58wO1Tfh7EvePSvFXZPMy7qh+A0e7RGV5vsPJHog2sStbuP pCDQ== X-Gm-Message-State: AOAM531t4Xwoh9q3/wZ5eJVmAlGZXyBZ1Aa2rGjDVw7yYjkTiimFup00 gYwR2KXDMbieBa3NHN4QFSN1I06X99bWTM6xUvw= X-Received: by 2002:a25:af83:0:b0:633:73fb:ff57 with SMTP id g3-20020a25af83000000b0063373fbff57mr2275237ybh.46.1647331450663; Tue, 15 Mar 2022 01:04:10 -0700 (PDT) MIME-Version: 1.0 References: <20220308092047.1008409-1-butterflyhuangxx@gmail.com> In-Reply-To: From: butt3rflyh4ck Date: Tue, 15 Mar 2022 16:04:01 +0800 Message-ID: Subject: Re: [PATCH] virt: acrn: fix a memory leak in acrn_dev_ioctl() To: Greg KH Cc: Li Fei1 , LKML Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RDNS_NONE, SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Mar 8, 2022 at 5:56 PM Greg KH wrote: > > On Tue, Mar 08, 2022 at 05:20:47PM +0800, Xiaolong Huang wrote: > > The vm_param and cpu_regs need to be freed via kfree() > > before return -EINVAL error. > > > > Fixes: 9c5137aedd11 ("virt: acrn: Introduce VM management interfaces") > > Fixes: 2ad2aaee1bc9 ("virt: acrn: Introduce an ioctl to set vCPU registers state") > > Signed-off-by: Xiaolong Huang > > Signed-off-by: Fei Li > > --- > > drivers/virt/acrn/hsm.c | 20 +++++++++++++++----- > > 1 file changed, 15 insertions(+), 5 deletions(-) > > > > diff --git a/drivers/virt/acrn/hsm.c b/drivers/virt/acrn/hsm.c > > index 5419794fccf1..423ea888d79a 100644 > > --- a/drivers/virt/acrn/hsm.c > > +++ b/drivers/virt/acrn/hsm.c > > @@ -136,8 +136,10 @@ static long acrn_dev_ioctl(struct file *filp, unsigned int cmd, > > if (IS_ERR(vm_param)) > > return PTR_ERR(vm_param); > > > > - if ((vm_param->reserved0 | vm_param->reserved1) != 0) > > + if ((vm_param->reserved0 | vm_param->reserved1) != 0) { > > + kfree(vm_param); > > return -EINVAL; > > + } > > > > vm = acrn_vm_create(vm, vm_param); > > if (!vm) { > > @@ -182,21 +184,29 @@ static long acrn_dev_ioctl(struct file *filp, unsigned int cmd, > > return PTR_ERR(cpu_regs); > > > > for (i = 0; i < ARRAY_SIZE(cpu_regs->reserved); i++) > > - if (cpu_regs->reserved[i]) > > + if (cpu_regs->reserved[i]) { > > + kfree(cpu_regs); > > return -EINVAL; > > + } > > > > for (i = 0; i < ARRAY_SIZE(cpu_regs->vcpu_regs.reserved_32); i++) > > - if (cpu_regs->vcpu_regs.reserved_32[i]) > > + if (cpu_regs->vcpu_regs.reserved_32[i]) { > > + kfree(cpu_regs); > > return -EINVAL; > > + } > > > > for (i = 0; i < ARRAY_SIZE(cpu_regs->vcpu_regs.reserved_64); i++) > > - if (cpu_regs->vcpu_regs.reserved_64[i]) > > + if (cpu_regs->vcpu_regs.reserved_64[i]) { > > + kfree(cpu_regs); > > return -EINVAL; > > + } > > > > for (i = 0; i < ARRAY_SIZE(cpu_regs->vcpu_regs.gdt.reserved); i++) > > if (cpu_regs->vcpu_regs.gdt.reserved[i] | > > - cpu_regs->vcpu_regs.idt.reserved[i]) > > + cpu_regs->vcpu_regs.idt.reserved[i]) { > > + kfree(cpu_regs); > > return -EINVAL; > > + } > > > > ret = hcall_set_vcpu_regs(vm->vmid, virt_to_phys(cpu_regs)); > > if (ret < 0) > > > > base-commit: 5859a2b1991101d6b978f3feb5325dad39421f29 > > -- > > 2.25.1 > > > > How did you test this? Ok, thanks. Firstly there is just some parameter that should be freed before func returns the -EINVAL error in the patch. I think it was correct, no need to test it. And secondly the commitor Li Fei1 also reviewed the patch code. finally I am sorry that no arcn hso hardware to test it. Regards, butt3rflyh4ck. -- Active Defense Lab of Venustech