* [PATCH v2] s390/sclp: Add check for get_zeroed_page()
@ 2025-02-18 2:52 Haoxiang Li
2025-02-21 15:11 ` Heiko Carstens
0 siblings, 1 reply; 3+ messages in thread
From: Haoxiang Li @ 2025-02-18 2:52 UTC (permalink / raw)
To: hca, gor, agordeev, borntraeger, svens, haoxiang_li2024,
schwidefsky
Cc: linux-s390, linux-kernel, stable
Add check for the return value of get_zeroed_page() in
sclp_console_init() to prevent null pointer dereference.
Furthermore, to solve the memory leak caused by the loop
allocation, add a free helper to do the free job.
Fixes: 4c8f4794b61e ("[S390] sclp console: convert from bootmem to slab")
Cc: stable@vger.kernel.org
Signed-off-by: Haoxiang Li <haoxiang_li2024@163.com>
---
Changes in v2:
- Add a free helper to solve the memory leak caused by loop allocation.
- Thanks Heiko! I realized that v1 patch overlooked a potential memory leak.
After consideration, I choose to do the full exercise. I noticed a similar
handling in [1], following that handling I submit this v2 patch. Thanks again!
Reference link:
[1]https://github.com/torvalds/linux/blob/master/drivers/s390/char/sclp_vt220.c#L699
---
drivers/s390/char/sclp_con.c | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/drivers/s390/char/sclp_con.c b/drivers/s390/char/sclp_con.c
index e5d947c763ea..c87b0c204718 100644
--- a/drivers/s390/char/sclp_con.c
+++ b/drivers/s390/char/sclp_con.c
@@ -263,6 +263,19 @@ static struct console sclp_console =
.index = 0 /* ttyS0 */
};
+/*
+ * Release allocated pages.
+ */
+static void __init __sclp_console_free_pages(void)
+{
+ struct list_head *page, *p;
+
+ list_for_each_safe(page, p, &sclp_con_pages) {
+ list_del(page);
+ free_page((unsigned long) page);
+ }
+}
+
/*
* called by console_init() in drivers/char/tty_io.c at boot-time.
*/
@@ -282,6 +295,10 @@ sclp_console_init(void)
/* Allocate pages for output buffering */
for (i = 0; i < sclp_console_pages; i++) {
page = (void *) get_zeroed_page(GFP_KERNEL | GFP_DMA);
+ if (!page) {
+ __sclp_console_free_pages();
+ return -ENOMEM;
+ }
list_add_tail(page, &sclp_con_pages);
}
sclp_conbuf = NULL;
--
2.25.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH v2] s390/sclp: Add check for get_zeroed_page()
2025-02-18 2:52 [PATCH v2] s390/sclp: Add check for get_zeroed_page() Haoxiang Li
@ 2025-02-21 15:11 ` Heiko Carstens
2025-02-21 22:53 ` Vasily Gorbik
0 siblings, 1 reply; 3+ messages in thread
From: Heiko Carstens @ 2025-02-21 15:11 UTC (permalink / raw)
To: Haoxiang Li
Cc: gor, agordeev, borntraeger, svens, schwidefsky, linux-s390,
linux-kernel, stable
On Tue, Feb 18, 2025 at 10:52:16AM +0800, Haoxiang Li wrote:
> Add check for the return value of get_zeroed_page() in
> sclp_console_init() to prevent null pointer dereference.
> Furthermore, to solve the memory leak caused by the loop
> allocation, add a free helper to do the free job.
>
> Fixes: 4c8f4794b61e ("[S390] sclp console: convert from bootmem to slab")
> Cc: stable@vger.kernel.org
> Signed-off-by: Haoxiang Li <haoxiang_li2024@163.com>
> ---
> Changes in v2:
> - Add a free helper to solve the memory leak caused by loop allocation.
> - Thanks Heiko! I realized that v1 patch overlooked a potential memory leak.
> After consideration, I choose to do the full exercise. I noticed a similar
> handling in [1], following that handling I submit this v2 patch. Thanks again!
>
> Reference link:
> [1]https://github.com/torvalds/linux/blob/master/drivers/s390/char/sclp_vt220.c#L699
> ---
> drivers/s390/char/sclp_con.c | 17 +++++++++++++++++
> 1 file changed, 17 insertions(+)
Ok, but this should come without Fixes and Cc stable, since in real life this
code will never be executed. It is just to make the code look saner, and to
avoid that more people look into this in the future.
Acked-by: Heiko Carstens <hca@linux.ibm.com>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH v2] s390/sclp: Add check for get_zeroed_page()
2025-02-21 15:11 ` Heiko Carstens
@ 2025-02-21 22:53 ` Vasily Gorbik
0 siblings, 0 replies; 3+ messages in thread
From: Vasily Gorbik @ 2025-02-21 22:53 UTC (permalink / raw)
To: Heiko Carstens
Cc: Haoxiang Li, agordeev, borntraeger, svens, schwidefsky,
linux-s390, linux-kernel, stable
On Fri, Feb 21, 2025 at 04:11:57PM +0100, Heiko Carstens wrote:
> On Tue, Feb 18, 2025 at 10:52:16AM +0800, Haoxiang Li wrote:
> > Add check for the return value of get_zeroed_page() in
> > sclp_console_init() to prevent null pointer dereference.
> > Furthermore, to solve the memory leak caused by the loop
> > allocation, add a free helper to do the free job.
> >
> > Fixes: 4c8f4794b61e ("[S390] sclp console: convert from bootmem to slab")
> > Cc: stable@vger.kernel.org
> > Signed-off-by: Haoxiang Li <haoxiang_li2024@163.com>
> > ---
> > Changes in v2:
> > - Add a free helper to solve the memory leak caused by loop allocation.
> > - Thanks Heiko! I realized that v1 patch overlooked a potential memory leak.
> > After consideration, I choose to do the full exercise. I noticed a similar
> > handling in [1], following that handling I submit this v2 patch. Thanks again!
> >
> > Reference link:
> > [1]https://github.com/torvalds/linux/blob/master/drivers/s390/char/sclp_vt220.c#L699
> > ---
> > drivers/s390/char/sclp_con.c | 17 +++++++++++++++++
> > 1 file changed, 17 insertions(+)
>
> Ok, but this should come without Fixes and Cc stable, since in real life this
> code will never be executed. It is just to make the code look saner, and to
> avoid that more people look into this in the future.
>
> Acked-by: Heiko Carstens <hca@linux.ibm.com>
Applied, thank you!
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2025-02-21 22:54 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-02-18 2:52 [PATCH v2] s390/sclp: Add check for get_zeroed_page() Haoxiang Li
2025-02-21 15:11 ` Heiko Carstens
2025-02-21 22:53 ` Vasily Gorbik
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox