From: Hugh Dickins <hughd@google.com>
To: cgxu <cgxu519@mykernel.net>
Cc: Hugh Dickins <hughd@google.com>,
Andrew Morton <akpm@linux-foundation.org>,
Daniel Xu <dxu@dxuuu.xyz>,
linux-mm@kvack.org
Subject: Re: [PATCH] mm/shmem: fix freeing new_attr in shmem_initxattrs()
Date: Fri, 3 Jul 2020 19:20:44 -0700 (PDT) [thread overview]
Message-ID: <alpine.LSU.2.11.2007031920280.1064@eggly.anvils> (raw)
In-Reply-To: <72d2c8fd-9f07-a48c-cb92-f3f0ba2f26b4@mykernel.net>
On Sat, 4 Jul 2020, cgxu wrote:
> On 7/4/20 4:15 AM, Hugh Dickins wrote:
> > On Fri, 3 Jul 2020, Andrew Morton wrote:
> > > On Fri, 3 Jul 2020 14:56:36 +0800 Chengguang Xu <cgxu519@mykernel.net>
> > > wrote:
> > >
> > > > new_attr is allocated with kvmalloc() so should be freed
> > > > with kvfree().
> > > >
> > > > ...
> > > >
> > > > --- a/mm/shmem.c
> > > > +++ b/mm/shmem.c
> > > > @@ -3178,7 +3178,7 @@ static int shmem_initxattrs(struct inode *inode,
> > > > new_xattr->name = kmalloc(XATTR_SECURITY_PREFIX_LEN +
> > > > len,
> > > > GFP_KERNEL);
> > > > if (!new_xattr->name) {
> > > > - kfree(new_xattr);
> > > > + kvfree(new_xattr);
> > > > return -ENOMEM;
> > > > }
> > > Indeed. Maybe simple_xattr_alloc() should have been called
> > > simple_xattr_kvmalloc().
> > That would give a better hint, true. But it's been simple_xattr_alloc()
> > for a while, and "alloc" doesn't claim "kmalloc" or "__get_free_page"
> > or whatever, so its new users ought to check, and its old users ought
> > to be updated when a change is made.
> >
> > This is a
> > Fixes: fdc85222d58e ("kernfs: kvmalloc xattr value instead of kmalloc")
> > Cc: stable@vger.kernel.org # v5.7
> >
> > (Though I hope the restricted use of xattrs on tmpfs cannot actually
> > get into multi-page allocations.)
> >
> > It's a good catch, Chengguang, thank you: but isn't your patch
> > incomplete? It looks like this omission goes beyond mm/shmem:
> > include/linux/xattr.h contains a simple_xattrs_free(), used by
> > both shmem and kernfs, which also says "kfree(xattr)" still.
> >
> > Please extend and re-subject and re-Cc your fix to cover that
> > too (and check nothing else has been missed) - thanks.
>
> Thanks for pointing that out, I overlooked that part. Since this patch
> has already merged to Andrew's tree, I would like to make another
> patch to handle rest of the fixing and that probably can go into
> vfs-tree or others.
So it has. Well, I'd prefer you to make one patch for all the fallout,
sent to Andrew, Cc'ed to the people Cc'ed on fdc85222d58e and me; then
Andrew will drop mm-shmem-fix-freeing-new_attr-in-shmem_initxattrs.patch
in favor of the new patch - which will be fixing more of mm/shmem too
(it calls the buggy inline function). But if you or Andrew disagree,
no problem, better to fix it piece by piece than not at all!
Thanks,
Hugh
next prev parent reply other threads:[~2020-07-04 2:21 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-03 6:56 Chengguang Xu
2020-07-03 19:20 ` Andrew Morton
2020-07-03 20:15 ` Hugh Dickins
2020-07-04 1:59 ` cgxu
2020-07-04 2:20 ` Hugh Dickins [this message]
2020-07-04 2:44 ` cgxu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.LSU.2.11.2007031920280.1064@eggly.anvils \
--to=hughd@google.com \
--cc=akpm@linux-foundation.org \
--cc=cgxu519@mykernel.net \
--cc=dxu@dxuuu.xyz \
--cc=linux-mm@kvack.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox