Date: Fri, 3 Apr 2026 17:40:52 +0800
From: Coiby Xu
To: Andrew Morton
Cc: Sourabh Jain, kexec@lists.infradead.org, linux-arm-kernel@lists.infradead.org, linuxppc-dev@lists.ozlabs.org, devicetree@vger.kernel.org, Arnaud Lefebvre, Baoquan he, Dave Young, Kairui Song, Pingfan Liu, Krzysztof Kozlowski, Rob Herring, Thomas Staudt, Will Deacon, "Christophe Leroy (CS GROUP)", Catalin Marinas, Madhavan Srinivasan, Michael Ellerman, Nicholas Piggin, Saravana Kannan, open list
Subject: Re: [PATCH v5 3/3] arm64,ppc64le/kdump: pass dm-crypt keys to kdump kernel
In-Reply-To: <20260402233118.08ea88a6836bd10f01031cce@linux-foundation.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Apr 02, 2026 at 11:31:18PM -0700, Andrew Morton wrote:
>On Thu, 2 Apr 2026 16:24:14 +0530 Sourabh Jain wrote:
>
>> But while reading crash_load_dm_crypt_keys() I noticed a possibility of a
>> double free at the address pointed by `keys_header`:
>>
>> In crash_load_dm_crypt_keys()/crash_dump_dm_crypt.c
>>     snip...
>>
>>     kbuf.buffer = keys_header;
>>
>>     snip....
>>
>>     r = kexec_add_buffer(&kbuf);
>>     if (r) {
>>         pr_err("Failed to call kexec_add_buffer, ret=%d\n", r);
>>         kvfree((void *)kbuf.buffer);          <--- First Free
>>         return r;
>>     }
>>
>> Since `keys_header` is not reset, the next call to build_keys_header()
>> will cause a double free at `keys_header`.
>>
>> static int build_keys_header(void)
>> {
>>
>>     snip...
>>
>>     if (keys_header != NULL)
>>         kvfree(keys_header);
>>
>>     snip...
>> }
>>
>> What do you think?
>
>It looks that way to me.

Thanks for confirming it! I'll send a patch after finishing the testing.

--
Best regards,
Coiby
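
The sequence discussed in this thread, as an added userspace model in C (not code from the kernel tree or from anyone on the thread): a buffer is freed through an alias on the error path, the file-scope pointer keeps its old value, and the next `build_keys_header()` frees it again. The names `model_free`, `load_keys`, `double_frees_after_retry`, the `reset_ptr` switch and the `-12` failure code are hypothetical, the call order is simplified, and clearing the pointer on the error path is an assumed fix, not the patch the author says he will send.

```c
#include <stdio.h>
/* Constructed model: a never-reused arena counts repeated frees safely. */
static char arena[16][64];
static int freed[16], next_slot, double_frees;
static void *keys_header;             /* file-scope pointer, as in the thread */

static void model_free(void *p)
{
    if (freed[((char *)p - &arena[0][0]) / 64]++)
        double_frees++;               /* slot had already been freed */
}

static int build_keys_header(void)
{
    if (keys_header != NULL)
        model_free(keys_header);      /* same check as the quoted snippet */
    keys_header = next_slot < 16 ? arena[next_slot++] : NULL;
    return keys_header ? 0 : -1;
}

/* add_ret models kexec_add_buffer(); reset_ptr enables the assumed fix. */
static int load_keys(int add_ret, int reset_ptr)
{
    if (build_keys_header())
        return -1;
    void *buffer = keys_header;       /* kbuf.buffer = keys_header */
    if (add_ret) {
        model_free(buffer);           /* first free, through the alias */
        if (reset_ptr)
            keys_header = NULL;       /* leave no stale global behind */
    }
    return add_ret;
}

static int double_frees_after_retry(int reset_ptr)
{
    keys_header = NULL;
    double_frees = 0;
    load_keys(-12, reset_ptr);        /* constructed failure code */
    load_keys(0, reset_ptr);          /* retry rebuilds the header */
    return double_frees;
}

int main(void)
{
    printf("stale pointer kept: %d\n", double_frees_after_retry(0));
    printf("pointer reset:      %d\n", double_frees_after_retry(1));
    return 0;
}
```

The arena never hands a slot out twice, so the second free is detected by slot index instead of being passed to a real allocator.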