Date: Tue, 28 Jun 2022 09:50:13 -0600
From: Alex Williamson
To: Schspa Shi
Cc: cohuck@redhat.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2] vfio: Clear the caps->buf to NULL after free
Message-ID: <20220628095013.266d4a40.alex.williamson@redhat.com>
In-Reply-To: <20220628152429.286-1-schspa@gmail.com>
References: <20220628152429.286-1-schspa@gmail.com>
Organization: Red Hat
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, 28 Jun 2022 23:24:29 +0800
Schspa Shi wrote:

> API vfio_info_cap_add will free caps->buf, clear it to NULL after
> free.

Should this be something like:

On buffer resize failure, vfio_info_cap_add() will free the buffer,
report zero for the size, and return -ENOMEM.  As additional
hardening, also clear the buffer pointer to prevent any chance of a
double free.

Thanks,
Alex

> Signed-off-by: Schspa Shi
> ---
>  drivers/vfio/vfio.c | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/drivers/vfio/vfio.c b/drivers/vfio/vfio.c
> index 61e71c1154be..a0fb93866f61 100644
> --- a/drivers/vfio/vfio.c
> +++ b/drivers/vfio/vfio.c
> @@ -1812,6 +1812,7 @@ struct vfio_info_cap_header *vfio_info_cap_add(struct vfio_info_cap *caps,
>  	buf = krealloc(caps->buf, caps->size + size, GFP_KERNEL);
>  	if (!buf) {
>  		kfree(caps->buf);
> +		caps->buf = NULL;
>  		caps->size = 0;
>  		return ERR_PTR(-ENOMEM);
>  	}
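Review bot: the commit message should state the failure-path contract this hunk establishes, which the one-line description ("clear it to NULL after free") leaves out: after krealloc() fails, caps is returned to its initial state (buf NULL, size 0) and -ENOMEM is reported, so a caller that frees caps->buf on its own error path performs kfree(NULL), a no-op, instead of freeing the same allocation twice. The code change itself is correct and minimal: the new `caps->buf = NULL;` sits directly after `kfree(caps->buf);` and before the early return, and pairs with the existing `caps->size = 0;` so the two resets stay together.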
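As an added example, not code from the patch or from the kernel, here is a user-space model of the failure path Alex describes, with a caller that frees caps.buf exactly once on its own cleanup path, which is the pattern the NULL reset protects. The struct, the model_krealloc() failure hook and the build_caps() caller are all constructed for this illustration.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

struct cap_buf { void *buf; size_t size; };   /* stands in for struct vfio_info_cap */

static bool fail_next_realloc;   /* test hook: make the next realloc() fail once */

static void *model_krealloc(void *p, size_t n)
{
	if (fail_next_realloc) {
		fail_next_realloc = false;
		return NULL;
	}
	return realloc(p, n);
}

/* Models vfio_info_cap_add() with the patch applied: on resize failure, free the
 * old buffer and reset the struct so a caller's later free(caps->buf) is a no-op. */
int cap_add(struct cap_buf *caps, const void *data, size_t size)
{
	void *buf = model_krealloc(caps->buf, caps->size + size);

	if (!buf) {
		free(caps->buf);
		caps->buf = NULL;   /* the line the patch adds */
		caps->size = 0;
		return -ENOMEM;
	}
	memcpy((char *)buf + caps->size, data, size);
	caps->buf = buf;
	caps->size += size;
	return 0;
}

/* Typical caller shape: build the chain, then free it exactly once on the way
 * out whichever step failed. Returns 0 or -ENOMEM and reports the final size. */
int build_caps(bool inject_failure, size_t *size_out)
{
	struct cap_buf caps = { NULL, 0 };
	int ret = cap_add(&caps, "hdr0", 4);

	fail_next_realloc = inject_failure;   /* fail the second, growing realloc */
	if (!ret)
		ret = cap_add(&caps, "hdr1", 4);
	*size_out = caps.size;
	free(caps.buf);   /* without the reset this would be a double free */
	return ret;
}
```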