[v8,04/16] microcode/amd: fix memory leak

Message ID	1564654971-31328-5-git-send-email-chao.gao@intel.com (mailing list archive)
State	Superseded
Headers	show Return-Path: <xen-devel-bounces@lists.xenproject.org> From: Chao Gao <chao.gao@intel.com> To: xen-devel@lists.xenproject.org Date: Thu, 1 Aug 2019 18:22:39 +0800 Message-Id: <1564654971-31328-5-git-send-email-chao.gao@intel.com> In-Reply-To: <1564654971-31328-1-git-send-email-chao.gao@intel.com> References: <1564654971-31328-1-git-send-email-chao.gao@intel.com> Subject: [Xen-devel] [PATCH v8 04/16] microcode/amd: fix memory leak Precedence: list Cc: Ashok Raj <ashok.raj@intel.com>, Wei Liu <wl@xen.org>, Andrew Cooper <andrew.cooper3@citrix.com>, Jan Beulich <jbeulich@suse.com>, Chao Gao <chao.gao@intel.com>, =?utf-8?q?Roger_Pau_Monn=C3=A9?= <roger.pau@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
Series	improve late microcode loading \| expand [v8,00/16] improve late microcode loading [v8,01/16] misc/xen-ucode: Upload a microcode blob to the hypervisor [v8,02/16] x86/microcode: always collect_cpu_info() during boot [v8,03/16] microcode/intel: extend microcode_update_match() [v8,04/16] microcode/amd: fix memory leak [v8,05/16] microcode/amd: distinguish old and mismatched ucode in microcode_fits() [v8,06/16] microcode: introduce a global cache of ucode patch [v8,07/16] microcode: clean up microcode_resume_cpu [v8,08/16] microcode: remove struct ucode_cpu_info [v8,09/16] microcode: remove pointless 'cpu' parameter [v8,10/16] microcode/amd: call svm_host_osvw_init() in common code [v8,11/16] microcode: pass a patch pointer to apply_microcode() [v8,12/16] microcode: split out apply_microcode() from cpu_request_microcode() [v8,13/16] microcode: unify loading update during CPU resuming and AP wakeup [v8,14/16] x86/microcode: Synchronize late microcode loading [v8,15/16] microcode: remove microcode_update_lock [v8,16/16] microcode: block #NMI handling when loading an ucode

Message ID

1564654971-31328-5-git-send-email-chao.gao@intel.com (mailing list archive)

State

Superseded

Headers

From: Chao Gao <chao.gao@intel.com>
To: xen-devel@lists.xenproject.org
Date: Thu,  1 Aug 2019 18:22:39 +0800
Message-Id: <1564654971-31328-5-git-send-email-chao.gao@intel.com>
In-Reply-To: <1564654971-31328-1-git-send-email-chao.gao@intel.com>
References: <1564654971-31328-1-git-send-email-chao.gao@intel.com>
Subject: [Xen-devel] [PATCH v8 04/16] microcode/amd: fix memory leak
Precedence: list
Cc: Ashok Raj <ashok.raj@intel.com>, Wei Liu <wl@xen.org>,
 Andrew Cooper <andrew.cooper3@citrix.com>, Jan Beulich <jbeulich@suse.com>,
 Chao Gao <chao.gao@intel.com>,
 =?utf-8?q?Roger_Pau_Monn=C3=A9?= <roger.pau@citrix.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: xen-devel-bounces@lists.xenproject.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>

Series

improve late microcode loading | expand

Commit Message

Chao Gao Aug. 1, 2019, 10:22 a.m. UTC

Two buffers, '->equiv_cpu_table' and '->mpb',  inside 'mc_amd' might be
allocated and in the error-handing path they are not freed properly.

Signed-off-by: Chao Gao <chao.gao@intel.com>
---
changes in v8:
 - new
 - it is found by reading code. No test is done.
---
 xen/arch/x86/microcode_amd.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

Comments

Jan Beulich Aug. 2, 2019, 1:39 p.m. UTC | #1

On 01.08.2019 12:22, Chao Gao wrote:
> --- a/xen/arch/x86/microcode_amd.c
> +++ b/xen/arch/x86/microcode_amd.c
> @@ -433,6 +433,9 @@ static int cpu_request_microcode(unsigned int cpu, const void *buf,
>           goto out;
>       }
>   
> +    mc_amd->equiv_cpu_table_size = 0;
> +    mc_amd->equiv_cpu_table = NULL;

Instead of adding these, you could as well use xzalloc()
further up and drop the explicit initialization of ->mpb and
->mpb_size to NULL/0 a few lines down.

> @@ -479,6 +482,8 @@ static int cpu_request_microcode(unsigned int cpu, const void *buf,
>   
>       if ( error )
>       {
> +        if ( mc_amd->equiv_cpu_table_size )
> +            xfree(mc_amd->equiv_cpu_table);

Why the if()? There's no problem calling xfree() with a NULL
argument.

> @@ -549,11 +554,14 @@ static int cpu_request_microcode(unsigned int cpu, const void *buf,
>   
>       if ( save_error )
>       {
> -        xfree(mc_amd);
>           uci->mc.mc_amd = mc_old;
> +        mc_old = mc_amd;
>       }
> -    else
> -        xfree(mc_old);
> +
> +    if ( mc_old->mpb_size )
> +        xfree(mc_old->mpb);
> +    xfree(mc_old->equiv_cpu_table);

Same here. With the adjustments made (could possibly be done
again while committing)
Reviewed-by: Jan Beulich <jbeulich@suse.com>

Jan

diff --git a/xen/arch/x86/microcode_amd.c b/xen/arch/x86/microcode_amd.c
index 7a854c0..afca51f 100644
--- a/xen/arch/x86/microcode_amd.c
+++ b/xen/arch/x86/microcode_amd.c
@@ -433,6 +433,9 @@  static int cpu_request_microcode(unsigned int cpu, const void *buf,
         goto out;
     }
 
+    mc_amd->equiv_cpu_table_size = 0;
+    mc_amd->equiv_cpu_table = NULL;
+
     /*
      * Multiple container file support:
      * 1. check if this container file has equiv_cpu_id match
@@ -479,6 +482,8 @@  static int cpu_request_microcode(unsigned int cpu, const void *buf,
 
     if ( error )
     {
+        if ( mc_amd->equiv_cpu_table_size )
+            xfree(mc_amd->equiv_cpu_table);
         xfree(mc_amd);
         goto out;
     }
@@ -549,11 +554,14 @@  static int cpu_request_microcode(unsigned int cpu, const void *buf,
 
     if ( save_error )
     {
-        xfree(mc_amd);
         uci->mc.mc_amd = mc_old;
+        mc_old = mc_amd;
     }
-    else
-        xfree(mc_old);
+
+    if ( mc_old->mpb_size )
+        xfree(mc_old->mpb);
+    xfree(mc_old->equiv_cpu_table);
+    xfree(mc_old);
 
   out:
 #if CONFIG_HVM

[v8,04/16] microcode/amd: fix memory leak

Commit Message

Comments

Patch