From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-efi-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,
	INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED
	autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 1420EC5519F
	for <linux-efi@archiver.kernel.org>; Wed, 25 Nov 2020 08:05:07 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by mail.kernel.org (Postfix) with ESMTP id 6CAB720872
	for <linux-efi@archiver.kernel.org>; Wed, 25 Nov 2020 08:05:06 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (1024-bit key) header.d=natalenko.name header.i=@natalenko.name header.b="vM8tr4dL"
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726463AbgKYIFG (ORCPT <rfc822;linux-efi@archiver.kernel.org>);
        Wed, 25 Nov 2020 03:05:06 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36676 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726317AbgKYIFF (ORCPT
        <rfc822;linux-efi@vger.kernel.org>); Wed, 25 Nov 2020 03:05:05 -0500
X-Greylist: delayed 38431 seconds by postgrey-1.37 at lindbergh.monkeyblade.net; Wed, 25 Nov 2020 00:05:05 PST
Received: from vulcan.natalenko.name (vulcan.natalenko.name [IPv6:2001:19f0:6c00:8846:5400:ff:fe0c:dfa0])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7100EC0613D4
        for <linux-efi@vger.kernel.org>; Wed, 25 Nov 2020 00:05:05 -0800 (PST)
Received: from mail.natalenko.name (vulcan.natalenko.name [IPv6:fe80::5400:ff:fe0c:dfa0])
        (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
         key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
        (No client certificate requested)
        by vulcan.natalenko.name (Postfix) with ESMTPSA id 2ECA08AB47A;
        Wed, 25 Nov 2020 09:05:02 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=natalenko.name;
        s=dkim-20170712; t=1606291502;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=zvcW9HZaeh1OandD5GIG39Q2Ayk1GgjH3J6qCgDWOJw=;
        b=vM8tr4dL6fv0m7XBgouKQNyYgrzoVJ+S3IiBMJqx9qJ/88tpWX0ZzHYs7Tfw7b4kXYPp+C
        R4pNvyP6feDj6a47yQUFhOLwZx5G+RjzwiRwjkk8xVX6fN8TahOlxEVJDi2OCY7yJWQBNb
        LWuWNT01K4XkzrXOCr3RXVlWn1XkD5o=
MIME-Version: 1.0
Date:   Wed, 25 Nov 2020 09:05:02 +0100
From:   Oleksandr Natalenko <oleksandr@natalenko.name>
To:     Ard Biesheuvel <ardb@kernel.org>
Cc:     linux-efi@vger.kernel.org, jk@ozlabs.org, mjg59@google.com,
        David.Laight@aculab.com,
        Vamshi K Sthambamkadi <vamshi.k.sthambamkadi@gmail.com>,
        stable@vger.kernel.org,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Subject: Re: [PATCH] efivarfs: revert "fix memory leak in efivarfs_create()"
In-Reply-To: <20201125075303.3963-1-ardb@kernel.org>
References: <20201125075303.3963-1-ardb@kernel.org>
User-Agent: Roundcube Webmail/1.4.9
Message-ID: <97016e69314d90aef859ae6d98e4bb9c@natalenko.name>
X-Sender: oleksandr@natalenko.name
Content-Type: text/plain; charset=US-ASCII;
 format=flowed
Content-Transfer-Encoding: 7bit
Precedence: bulk
List-ID: <linux-efi.vger.kernel.org>
X-Mailing-List: linux-efi@vger.kernel.org

Hello.

On 25.11.2020 08:53, Ard Biesheuvel wrote:
> The memory leak addressed by commit fe5186cf12e3 is a false positive:
> all allocations are recorded in a linked list, and freed when the
> filesystem is unmounted. This leads to double frees, and as reported
> by David, leads to crashes if SLUB is configured to self destruct when
> double frees occur.
> 
> So drop the redundant kfree() again, and instead, mark the offending
> pointer variable so the allocation is ignored by kmemleak.
> 
> Cc: Vamshi K Sthambamkadi <vamshi.k.sthambamkadi@gmail.com>

Should also have:

Cc: <stable@vger.kernel.org> # v5.9

> Fixes: fe5186cf12e3 ("efivarfs: fix memory leak in efivarfs_create()")
> Reported-by: David Laight <David.Laight@aculab.com>
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> ---
>  fs/efivarfs/inode.c | 1 +
>  fs/efivarfs/super.c | 1 -
>  2 files changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/fs/efivarfs/inode.c b/fs/efivarfs/inode.c
> index 96c0c86f3fff..38324427a2b3 100644
> --- a/fs/efivarfs/inode.c
> +++ b/fs/efivarfs/inode.c
> @@ -103,6 +103,7 @@ static int efivarfs_create(struct inode *dir,
> struct dentry *dentry,
>  	var->var.VariableName[i] = '\0';
> 
>  	inode->i_private = var;
> +	kmemleak_ignore(var);
> 
>  	err = efivar_entry_add(var, &efivarfs_list);
>  	if (err)
> diff --git a/fs/efivarfs/super.c b/fs/efivarfs/super.c
> index f943fd0b0699..15880a68faad 100644
> --- a/fs/efivarfs/super.c
> +++ b/fs/efivarfs/super.c
> @@ -21,7 +21,6 @@ LIST_HEAD(efivarfs_list);
>  static void efivarfs_evict_inode(struct inode *inode)
>  {
>  	clear_inode(inode);
> -	kfree(inode->i_private);
>  }
> 
>  static const struct super_operations efivarfs_ops = {

-- 
   Oleksandr Natalenko (post-factum)