Re: [PATCH] module: fix memory leak on early load_module() failures

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Rusty Russell <rusty@rustcorp.com.au>
To: "Luis R. Rodriguez" <mcgrof@kernel.org>, jeyu@redhat.com
Cc: mbenes@suse.cz, atomlin@redhat.com, pmladek@suse.com,
	hare@suse.com, akpm@linux-foundation.org,
	linux-kernel@vger.kernel.org,
	"Luis R. Rodriguez" <mcgrof@kernel.org>,
	"stable # v2 . 6 . 30" <stable@vger.kernel.org>
Subject: Re: [PATCH] module: fix memory leak on early load_module() failures
Date: Sat, 11 Feb 2017 19:28:58 +1030	[thread overview]
Message-ID: <874m01rtm5.fsf@rustcorp.com.au> (raw)
In-Reply-To: <20170210220622.5220-1-mcgrof@kernel.org>

"Luis R. Rodriguez" <mcgrof@kernel.org> writes:
> While looking for early possible module loading failures I was
> able to reproduce a memory leak possible with kmemleak. There
> are a few rare ways to trigger a failure:
>
>   o we've run into a failure while processing kernel parameters
>     (parse_args() returns an error)
>   o mod_sysfs_setup() fails
>   o we're a live patch module and copy_module_elf() fails
>
> Chances of running into this issue is really low.

Good catch!

Reviewed-by: Rusty Russell <rusty@rustcorp.com.au>

Cheers,
Rusty.

>
> kmemleak splat:
>
> unreferenced object 0xffff9f2c4ada1b00 (size 32):
>   comm "kworker/u16:4", pid 82, jiffies 4294897636 (age 681.816s)
>   hex dump (first 32 bytes):
>     6d 65 6d 73 74 69 63 6b 30 00 00 00 00 00 00 00  memstick0.......
>     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
>   backtrace:
>     [<ffffffff8c6cfeba>] kmemleak_alloc+0x4a/0xa0
>     [<ffffffff8c200046>] __kmalloc_track_caller+0x126/0x230
>     [<ffffffff8c1bc581>] kstrdup+0x31/0x60
>     [<ffffffff8c1bc5d4>] kstrdup_const+0x24/0x30
>     [<ffffffff8c3c23aa>] kvasprintf_const+0x7a/0x90
>     [<ffffffff8c3b5481>] kobject_set_name_vargs+0x21/0x90
>     [<ffffffff8c4fbdd7>] dev_set_name+0x47/0x50
>     [<ffffffffc07819e5>] memstick_check+0x95/0x33c [memstick]
>     [<ffffffff8c09c893>] process_one_work+0x1f3/0x4b0
>     [<ffffffff8c09cb98>] worker_thread+0x48/0x4e0
>     [<ffffffff8c0a2b79>] kthread+0xc9/0xe0
>     [<ffffffff8c6dab5f>] ret_from_fork+0x1f/0x40
>     [<ffffffffffffffff>] 0xffffffffffffffff
>
> Cc: stable <stable@vger.kernel.org> # v2.6.30
> Fixes: e180a6b7759a ("param: fix charp parameters set via sysfs")
> Reviewed-by: Miroslav Benes <mbenes@suse.cz>
> Reviewed-by: Aaron Tomlin <atomlin@redhat.com>
> Signed-off-by: Luis R. Rodriguez <mcgrof@kernel.org>
> ---
>  kernel/module.c | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/kernel/module.c b/kernel/module.c
> index 38d4270925d4..8409a82424d2 100644
> --- a/kernel/module.c
> +++ b/kernel/module.c
> @@ -3722,6 +3722,7 @@ static int load_module(struct load_info *info, const char __user *uargs,
>  	mod_sysfs_teardown(mod);
>   coming_cleanup:
>  	mod->state = MODULE_STATE_GOING;
> +	destroy_params(mod->kp, mod->num_kp);
>  	blocking_notifier_call_chain(&module_notify_list,
>  				     MODULE_STATE_GOING, mod);
>  	klp_module_going(mod);
> -- 
> 2.10.2

next prev parent reply	other threads:[~2017-02-11  9:09 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-02-10 22:06 [PATCH] module: fix memory leak on early load_module() failures Luis R. Rodriguez
2017-02-11  8:58 ` Rusty Russell [this message]
2017-02-13 18:33 ` Jessica Yu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=874m01rtm5.fsf@rustcorp.com.au \
    --to=rusty@rustcorp.com.au \
    --cc=akpm@linux-foundation.org \
    --cc=atomlin@redhat.com \
    --cc=hare@suse.com \
    --cc=jeyu@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mbenes@suse.cz \
    --cc=mcgrof@kernel.org \
    --cc=pmladek@suse.com \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.