From: Peng Liu liupeng256@huawei.com
hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I51C37 CVE: NA
--------------------------------
Patch "kfence: Add a module parameter to adjust kfence objects" use memblock_free to free memory allocated from memblock, but a virtual address is passed to memblock_free where a physical address is expected. This mistake will lead to memory leak when fail to alloc kfence pool. Use __pa() to fix this, and the impact can be observed by "cat /proc/meminfo".
Fixes: 901b983c886b ("kfence: Add a module parameter to adjust kfence objects") Signed-off-by: Peng Liu liupeng256@huawei.com Reviewed-by: Kefeng Wang wangkefeng.wang@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- mm/kfence/core.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/mm/kfence/core.c b/mm/kfence/core.c index 2454b1c57fb1..02bd7b468162 100644 --- a/mm/kfence/core.c +++ b/mm/kfence/core.c @@ -838,7 +838,7 @@ static int __init kfence_dynamic_init(void) covered_size = sizeof(atomic_t) * ALLOC_COVERED_SIZE; alloc_covered = memblock_alloc(covered_size, PAGE_SIZE); if (!alloc_covered) { - memblock_free((phys_addr_t)kfence_metadata, metadata_size); + memblock_free(__pa(kfence_metadata), metadata_size); kfence_metadata = NULL; pr_err("failed to allocate covered\n"); return -ENOMEM; @@ -849,9 +849,9 @@ static int __init kfence_dynamic_init(void)
static void __init kfence_dynamic_destroy(void) { - memblock_free((phys_addr_t)alloc_covered, covered_size); + memblock_free(__pa(alloc_covered), covered_size); alloc_covered = NULL; - memblock_free((phys_addr_t)kfence_metadata, metadata_size); + memblock_free(__pa(kfence_metadata), metadata_size); kfence_metadata = NULL; } #else