Message-ID: <3b34d898-4690-c774-e92f-69796f9f5d37@huawei.com>
Date: Mon, 7 Nov 2022 09:30:08 +0800
Subject: Re: [PATCH 1/2] RISC-V: kexec: Fix memory leak of fdt buffer
To: Li Huafei
References: <20221104095658.141222-1-lihuafei1@huawei.com>
From: "liaochang (A)"
In-Reply-To: <20221104095658.141222-1-lihuafei1@huawei.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On 2022/11/4 17:56, Li Huafei wrote:
> This is reported by kmemleak detector:
>
> unreferenced object 0xff60000082864000 (size 9588):
>   comm "kexec", pid 146, jiffies 4294900634 (age 64.788s)
>   hex dump (first 32 bytes):
>     d0 0d fe ed 00 00 12 ed 00 00 00 48 00 00 11 40  ...........H...@
>     00 00 00 28 00 00 00 11 00 00 00 02 00 00 00 00  ...(............
>   backtrace:
>     [<00000000f95b17c4>] kmemleak_alloc+0x34/0x3e
>     [<00000000b9ec8e3e>] kmalloc_order+0x9c/0xc4
>     [<00000000a95cf02e>] kmalloc_order_trace+0x34/0xb6
>     [<00000000f01e68b4>] __kmalloc+0x5c2/0x62a
>     [<000000002bd497b2>] kvmalloc_node+0x66/0xd6
>     [<00000000906542fa>] of_kexec_alloc_and_setup_fdt+0xa6/0x6ea
>     [<00000000e1166bde>] elf_kexec_load+0x206/0x4ec
>     [<0000000036548e09>] kexec_image_load_default+0x40/0x4c
>     [<0000000079fbe1b4>] sys_kexec_file_load+0x1c4/0x322
>     [<0000000040c62c03>] ret_from_syscall+0x0/0x2
>
> In elf_kexec_load(), a buffer is allocated via kvmalloc() to store fdt.
> While it's not freed back to system when kexec kernel is reloaded or
> unloaded. Then memory leak is caused. Fix it by introducing riscv
> specific function arch_kimage_file_post_load_cleanup(), and freeing the
> buffer there.
>
> Fixes: 6261586e0c91 ("RISC-V: Add kexec_file support")
> Signed-off-by: Li Huafei > --- > arch/riscv/include/asm/kexec.h | 5 +++++ > arch/riscv/kernel/elf_kexec.c | 10 ++++++++++ > 2 files changed, 15 insertions(+) > > diff --git a/arch/riscv/include/asm/kexec.h b/arch/riscv/include/asm/kexec.h > index eee260e8ab30..2b56769cb530 100644 > --- a/arch/riscv/include/asm/kexec.h > +++ b/arch/riscv/include/asm/kexec.h > @@ -39,6 +39,7 @@ crash_setup_regs(struct pt_regs *newregs, > #define ARCH_HAS_KIMAGE_ARCH > > struct kimage_arch { > + void *fdt; /* For CONFIG_KEXEC_FILE */ > unsigned long fdt_addr; > }; > > @@ -62,6 +63,10 @@ int arch_kexec_apply_relocations_add(struct purgatory_info *pi, > const Elf_Shdr *relsec, > const Elf_Shdr *symtab); > #define arch_kexec_apply_relocations_add arch_kexec_apply_relocations_add > + > +struct kimage; > +int arch_kimage_file_post_load_cleanup(struct kimage *image); > +#define arch_kimage_file_post_load_cleanup arch_kimage_file_post_load_cleanup > #endif > > #endif > diff --git a/arch/riscv/kernel/elf_kexec.c b/arch/riscv/kernel/elf_kexec.c > index 0cb94992c15b..ff30fcb43f47 100644 > --- a/arch/riscv/kernel/elf_kexec.c > +++ b/arch/riscv/kernel/elf_kexec.c > @@ -21,6 +21,14 @@ > #include > #include > > +int arch_kimage_file_post_load_cleanup(struct kimage *image) > +{ > + kvfree(image->arch.fdt); > + image->arch.fdt = NULL; > + > + return kexec_image_post_load_cleanup_default(image); > +} Good catch,LGTM Reviewed-by: Liao Chang > + > static int riscv_kexec_elf_load(struct kimage *image, struct elfhdr *ehdr, > struct kexec_elf_info *elf_info, unsigned long old_pbase, > unsigned long new_pbase) > @@ -298,6 +306,8 @@ static void *elf_kexec_load(struct kimage *image, char *kernel_buf, > pr_err("Error add DTB kbuf ret=%d\n", ret); > goto out_free_fdt; > } > + /* Cache the fdt buffer address for memory cleanup */ > + image->arch.fdt = fdt; > pr_notice("Loaded device tree at 0x%lx\n", kbuf.mem); > goto out; > -- BR, Liao, Chang
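Review bot: In the struct kimage_arch hunk of arch/riscv/include/asm/kexec.h, the comment on the new `void *fdt` member says only "For CONFIG_KEXEC_FILE" and does not record who owns the buffer or where it is released. The member sits directly above fdt_addr and is easy to confuse with it, so consider wording the comment to say that it is the kvmalloc()ed FDT buffer, owned by the image and freed in arch_kimage_file_post_load_cleanup().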
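Review bot: In arch_kimage_file_post_load_cleanup(), the first hunk of arch/riscv/kernel/elf_kexec.c, nothing states that the function has to be safe when image->arch.fdt was never set, which is the case whenever elf_kexec_load() leaves through out_free_fdt before the new assignment. kvfree(NULL) is a no-op, so the code is correct as written; a short comment above the function noting that fdt may be NULL here, and that the reset to NULL guards against a second call, would keep a later change from adding a dereference.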
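Review bot: The new `image->arch.fdt = fdt;` in the elf_kexec_load() hunk gives the buffer a second release path next to the existing out_free_fdt label, so any failure branch added below this line in the future would free it once there and again in arch_kimage_file_post_load_cleanup(). The assignment is correctly placed after the last visible `goto out_free_fdt`; suggest extending the comment to say that no path may reach out_free_fdt after this point, or clearing image->arch.fdt under out_free_fdt so the two paths cannot both run kvfree() on the same pointer.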