Re: [PATCH v2 1/5] ramoops: use persistent_ram_free() instead of kfree() for freeing prz

From: Kees Cook
Date: Thu Jul 28 2016 - 15:35:25 EST


On Sun, Jul 24, 2016 at 8:56 PM, Nobuhiro Iwamatsu
<nobuhiro.iwamatsu.kw@xxxxxxxxxxx> wrote:
> From: Hiraku Toyooka <hiraku.toyooka.gu@xxxxxxxxxxx>
>
> persistent_ram_zone(=prz) structures are allocated by persistent_ram_new(),
> which includes vmap() or ioremap(). But they are currently freed by
> kfree(). This uses persistent_ram_free() to correct this asymmetric usage.
>
> Signed-off-by: Hiraku Toyooka <hiraku.toyooka.gu@xxxxxxxxxxx>
> Signed-off-by: Nobuhiro Iwamatsu <nobuhiro.iwamatsu.kw@xxxxxxxxxxx>
> Cc: Mark Salyzyn <salyzyn@xxxxxxxxxxx>
> Cc: Seiji Aguchi <seiji.aguchi.tr@xxxxxxxxxxx>

Oh, yes, oops. I may extract this patch and get it into v4.8, since
this is an explicit bug fix. Thanks!

-Kees

> ---
> fs/pstore/ram.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/fs/pstore/ram.c b/fs/pstore/ram.c
> index bd9812e..22416c0 100644
> --- a/fs/pstore/ram.c
> +++ b/fs/pstore/ram.c
> @@ -567,11 +567,11 @@ fail_buf:
> kfree(cxt->pstore.buf);
> fail_clear:
> cxt->pstore.bufsize = 0;
> - kfree(cxt->mprz);
> + persistent_ram_free(cxt->mprz);
> fail_init_mprz:
> - kfree(cxt->fprz);
> + persistent_ram_free(cxt->fprz);
> fail_init_fprz:
> - kfree(cxt->cprz);
> + persistent_ram_free(cxt->cprz);
> fail_init_cprz:
> ramoops_free_przs(cxt);
> fail_out:
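Review bot: At fail_init_mprz, fail_init_fprz and fail_init_cprz the replaced kfree() calls were safe on a NULL pointer, and the hunk does not show whether persistent_ram_free() gives the same guarantee. Please confirm that it returns early for a NULL prz (and say so in the commit message), or guard each call, since these labels are reached by fall-through from fail_buf and fail_clear regardless of which zones were actually set up. It would also be worth setting cxt->mprz, cxt->fprz and cxt->cprz to NULL after freeing, so that a later path that looks at cxt does not see a pointer to an unmapped zone.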
> --
> 2.8.1
>
>



--
Kees Cook
Chrome OS & Brillo Security