Received: by 2002:a6b:fb09:0:0:0:0:0 with SMTP id h9csp4108159iog;
        Tue, 28 Jun 2022 09:08:30 -0700 (PDT)
X-Google-Smtp-Source: AGRyM1tNdXSFxdw1wg9h+ud+YOx6nNZRm+HrgUj6eW5SgPTJGvjDX91FIofhZPfh6iLIen4Nh84V
X-Received: by 2002:a17:90a:d98f:b0:1ec:943c:4fbe with SMTP id d15-20020a17090ad98f00b001ec943c4fbemr340813pjv.161.1656432510558;
        Tue, 28 Jun 2022 09:08:30 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1656432510; cv=none;
        d=google.com; s=arc-20160816;
        b=JxlPOcAJ9TbW2Bo3zI3q5tTDkpjweeKN+yQiBGouiFOoNrMzaBC8280Tg3UGduLZ6D
         1Mu55ijwjyT5J7CJSt112wEtBGh6eMi9wCtmJv2rSIa4tEq3gWFsYxSk4wk/xhYXnw1j
         hCkAKuyYqkTiTX4WyXry22eXYYvmftoVC0/VDKnBxSfui9G4oXC07VhrJ3bC6TELnqxV
         +ML9mmw+B5RnWVbgPp2U9S8llpz2g/TOpjcG++g6n8A/bk2cQxkr9oOARfTOj4iChWEM
         J7H97x5WZA2DvVaS5UPGGbRLupcurUbytQjdxtTSWRgJA/Oj0Wv5BopjqDWxIbKD2pud
         6icQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :organization:references:in-reply-to:message-id:subject:cc:to:from
         :date:dkim-signature;
        bh=DakxM/+KiFO/D3po2I8kW227ufqvmzL2vNaM+Nshp8A=;
        b=iAMDyj4ppHrGq7I/NQ3Kg4/as4USt8QwI3vxEIYN60Lk7Oz77IOFnrS/O8Xx9FWRGw
         ypffYkGDntfpQHE2vVuwyqYFlXdS4HTYKde73iynvyjiowtMed8DXY96R1PhaxMVlLP6
         NOCxnq3WQdtMpv59WjRtaC1DyvbMA3CgAk3oAylNBgIOuraxaJ/6+9lsD2HOR95CPO8G
         GH5rDdvkWxP/0VAVq8Q3N0AdGFV7AggomFq/+1Uo1YK877R2VJwqJP5/HCsZw3m7s7Yb
         9oSKQUBtEbVaLVWCHzUbhOpK0hFN2MiFf9ltlL+7SJY60f9bDlVf+9mZogYkiCwT0IVj
         KozQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=GPd8kAa3;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id s8-20020a632c08000000b0041169d36b3asi1045350pgs.331.2022.06.28.09.08.12;
        Tue, 28 Jun 2022 09:08:30 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=GPd8kAa3;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1347622AbiF1PuV (ORCPT <rfc822;albert.barbe@gmail.com>
        + 99 others); Tue, 28 Jun 2022 11:50:21 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59710 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1347161AbiF1PuU (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 28 Jun 2022 11:50:20 -0400
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124])
        by lindbergh.monkeyblade.net (Postfix) with ESMTP id 05FD8237FE
        for <linux-kernel@vger.kernel.org>; Tue, 28 Jun 2022 08:50:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1656431417;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=DakxM/+KiFO/D3po2I8kW227ufqvmzL2vNaM+Nshp8A=;
        b=GPd8kAa3safcG/cbjKoqrOAKQ/XlXnFmn3V1JPyeqyw6JVSYhQthJ12mG//P3mJZh/Bl/B
        haREDhG7cWkrWB+XD1LIe4Zui+djXiNl05wDYqCW0GmQL44ealAmjmqrORjWrDRPIkbzN9
        Tdp1d2ysZEAtbqx2tMxcMe2hnjqkCkw=
Received: from mail-il1-f198.google.com (mail-il1-f198.google.com
 [209.85.166.198]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-421-KkZHI8BHNzWQDwMzg5Zc_A-1; Tue, 28 Jun 2022 11:50:15 -0400
X-MC-Unique: KkZHI8BHNzWQDwMzg5Zc_A-1
Received: by mail-il1-f198.google.com with SMTP id b11-20020a92340b000000b002d3dbbc7b15so7508704ila.5
        for <linux-kernel@vger.kernel.org>; Tue, 28 Jun 2022 08:50:15 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:in-reply-to
         :references:organization:mime-version:content-transfer-encoding;
        bh=DakxM/+KiFO/D3po2I8kW227ufqvmzL2vNaM+Nshp8A=;
        b=x/v+Q3y6y6Z0KP2+34/0se9gy1jwfJeCVB6rS5yS+M2aMaxTuCijFn9R1iuzUQHlqT
         zZwQZD9hHBbOaX5w5CvBvWRCCluuqZuqtVdYMo67b67ZpPHv8gxNGTM3Am0ypl+un4B1
         hE7WNe+blTWsn7rwBRDBA3/rOU8S+xnzIEaj+Zb3AagxmQrFBsqDMMVtqIUmMryIE2Ts
         FeQx806oeQ6elzVMvS8+BrZkkCAgUnJjsH3teh+HZkn8zjWaKca6pujm0AfcXMLEgTfn
         sMaMbsxytnL6+kRximE9HLYbl/+fCwsT6YZGhEg7NcySi760X279T7LzIzHpOQvvTUfM
         Xj9A==
X-Gm-Message-State: AJIora8EQ7Nvu1fPRsbp58yRFYSN9tQ9erzsg89QxfpIb3/ULotVITg0
        Al3F8tWPYavSbfkRp6VrhftGRtNOXQlhmKNb7a3sEO1m1P8u2O1csBaqWA2SOUOaPDGiJGsWoVp
        8wWunLJcW5Sb4N+Ey9hrsyeyS
X-Received: by 2002:a05:6e02:801:b0:2da:7df7:e7c3 with SMTP id u1-20020a056e02080100b002da7df7e7c3mr9657808ilm.105.1656431415121;
        Tue, 28 Jun 2022 08:50:15 -0700 (PDT)
X-Received: by 2002:a05:6e02:801:b0:2da:7df7:e7c3 with SMTP id u1-20020a056e02080100b002da7df7e7c3mr9657799ilm.105.1656431414921;
        Tue, 28 Jun 2022 08:50:14 -0700 (PDT)
Received: from redhat.com ([38.15.36.239])
        by smtp.gmail.com with ESMTPSA id a14-20020a5d980e000000b006696754eef5sm6655206iol.13.2022.06.28.08.50.14
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 28 Jun 2022 08:50:14 -0700 (PDT)
Date:   Tue, 28 Jun 2022 09:50:13 -0600
From:   Alex Williamson <alex.williamson@redhat.com>
To:     Schspa Shi <schspa@gmail.com>
Cc:     cohuck@redhat.com, kvm@vger.kernel.org,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2] vfio: Clear the caps->buf to NULL after free
Message-ID: <20220628095013.266d4a40.alex.williamson@redhat.com>
In-Reply-To: <20220628152429.286-1-schspa@gmail.com>
References: <20220628152429.286-1-schspa@gmail.com>
Organization: Red Hat
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-3.2 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW,
        SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=unavailable
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, 28 Jun 2022 23:24:29 +0800
Schspa Shi <schspa@gmail.com> wrote:

> API vfio_info_cap_add will free caps->buf, clear it to NULL after
> free.

Should this be something like:

    On buffer resize failure, vfio_info_cap_add() will free the buffer,
    report zero for the size, and return -ENOMEM.  As additional
    hardening, also clear the buffer pointer to prevent any chance of a
    double free.

Thanks,
Alex
 
> Signed-off-by: Schspa Shi <schspa@gmail.com>
> ---
>  drivers/vfio/vfio.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/drivers/vfio/vfio.c b/drivers/vfio/vfio.c
> index 61e71c1154be..a0fb93866f61 100644
> --- a/drivers/vfio/vfio.c
> +++ b/drivers/vfio/vfio.c
> @@ -1812,6 +1812,7 @@ struct vfio_info_cap_header *vfio_info_cap_add(struct vfio_info_cap *caps,
>  	buf = krealloc(caps->buf, caps->size + size, GFP_KERNEL);
>  	if (!buf) {
>  		kfree(caps->buf);
> +		caps->buf = NULL;
>  		caps->size = 0;
>  		return ERR_PTR(-ENOMEM);
>  	}