linux-kernel.vger.kernel.org archive mirror
* [PATCH] ia64:unwind: fix double free for mod->arch.init_unw_table
@ 2019-08-06  7:46 chenzefeng
  2019-08-06  7:58 ` Greg KH
  2019-08-06 17:23 ` Luck, Tony
  0 siblings, 2 replies; 3+ messages in thread
From: chenzefeng @ 2019-08-06  7:46 UTC (permalink / raw)
  To: tony.luck, fenghua.yu, chenzefeng2; +Cc: linux-ia64, linux-kernel, stable

The function free_module in file kernel/module.c is as follows:

void free_module(struct module *mod) {
	......
	module_arch_cleanup(mod);
	......
	module_arch_freeing_init(mod);
	......
}

Both the module_arch_cleanup and module_arch_freeing_init functions
would free mod->arch.init_unw_table, which causes a double free.

Here, set mod->arch.init_unw_table = NULL after removing the unwind
table to avoid the double free.

Signed-off-by: chenzefeng <chenzefeng2@huawei.com>
---
 arch/ia64/kernel/module.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/arch/ia64/kernel/module.c b/arch/ia64/kernel/module.c
index 326448f..1a42ba8 100644
--- a/arch/ia64/kernel/module.c
+++ b/arch/ia64/kernel/module.c
@@ -914,10 +914,14 @@ struct plt_entry {
 void
 module_arch_cleanup (struct module *mod)
 {
-	if (mod->arch.init_unw_table)
+	if (mod->arch.init_unw_table) {
 		unw_remove_unwind_table(mod->arch.init_unw_table);
-	if (mod->arch.core_unw_table)
+		mod->arch.init_unw_table = NULL;
+	}
+	if (mod->arch.core_unw_table) {
 		unw_remove_unwind_table(mod->arch.core_unw_table);
+		mod->arch.core_unw_table = NULL;
+	}
 }
 
 void *dereference_module_function_descriptor(struct module *mod, void *ptr)
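Review bot: The changelog only justifies clearing init_unw_table, but the second branch of module_arch_cleanup() also gains `mod->arch.core_unw_table = NULL;`. Either name in the commit message the later path that would otherwise touch core_unw_table again, or state that it is cleared for symmetry. The fix also only holds if module_arch_freeing_init(), which is not part of this diff, tests init_unw_table for NULL before calling unw_remove_unwind_table(), as module_arch_cleanup() does here; a sentence confirming that, plus a Fixes: tag naming the commit that introduced the second free, would make the patch easier to review and to backport.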
-- 
1.8.5.6



* Re: [PATCH] ia64:unwind: fix double free for mod->arch.init_unw_table
  2019-08-06  7:46 [PATCH] ia64:unwind: fix double free for mod->arch.init_unw_table chenzefeng
@ 2019-08-06  7:58 ` Greg KH
  2019-08-06 17:23 ` Luck, Tony
  1 sibling, 0 replies; 3+ messages in thread
From: Greg KH @ 2019-08-06  7:58 UTC (permalink / raw)
  To: chenzefeng; +Cc: tony.luck, fenghua.yu, linux-ia64, linux-kernel, stable

On Tue, Aug 06, 2019 at 03:46:33PM +0800, chenzefeng wrote:
> The function free_module in file kernel/module.c is as follows:
> 
> void free_module(struct module *mod) {
> 	......
> 	module_arch_cleanup(mod);
> 	......
> 	module_arch_freeing_init(mod);
> 	......
> }
> 
> Both the module_arch_cleanup and module_arch_freeing_init functions
> would free mod->arch.init_unw_table, which causes a double free.
>
> Here, set mod->arch.init_unw_table = NULL after removing the unwind
> table to avoid the double free.
> 
> Signed-off-by: chenzefeng <chenzefeng2@huawei.com>
> ---
>  arch/ia64/kernel/module.c | 8 ++++++--
>  1 file changed, 6 insertions(+), 2 deletions(-)

<formletter>

This is not the correct way to submit patches for inclusion in the
stable kernel tree.  Please read:
    https://www.kernel.org/doc/html/latest/process/stable-kernel-rules.html
for how to do this properly.

</formletter>


* RE: [PATCH] ia64:unwind: fix double free for mod->arch.init_unw_table
  2019-08-06  7:46 [PATCH] ia64:unwind: fix double free for mod->arch.init_unw_table chenzefeng
  2019-08-06  7:58 ` Greg KH
@ 2019-08-06 17:23 ` Luck, Tony
  1 sibling, 0 replies; 3+ messages in thread
From: Luck, Tony @ 2019-08-06 17:23 UTC (permalink / raw)
  To: chenzefeng, Yu, Fenghua; +Cc: linux-ia64, linux-kernel

> Here, set mod->arch.init_unw_table = NULL after removing the unwind
> table to avoid the double free.

Applied. Thanks.

-Tony
