The short summary (as mentioned in review): "KEYS: trusted: Fix memory leak in tpm2_key_encode()" Also, you should version your patches, and provide a change log. See: https://www.kernel.org/doc/html/v5.18/process/submitting-patches.html#the-canonical-patch-format For git format-patch you can simply supply "-vX" to get the-canonical-patch-format version included. On Wed, Jun 08, 2022 at 10:59:38AM +0800, Jianglei Nie wrote: > tpm2_key_encode() allocates a memory chunk from scratch with kmalloc(), > but it is never freed, which leads to a memory leak. Free the memory > chunk with kfree() in the return path. > > Signed-off-by: Jianglei Nie <niejianglei2021@xxxxxxx> > --- Here you can write: v3: ... v2: ... > security/keys/trusted-keys/trusted_tpm2.c | 12 +++++++++--- > 1 file changed, 9 insertions(+), 3 deletions(-) > > diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c > index 0165da386289..dc9efd6c8b14 100644 > --- a/security/keys/trusted-keys/trusted_tpm2.c > +++ b/security/keys/trusted-keys/trusted_tpm2.c > @@ -57,8 +57,10 @@ static int tpm2_key_encode(struct trusted_key_payload *payload, > unsigned char bool[3], *w = bool; > /* tag 0 is emptyAuth */ > w = asn1_encode_boolean(w, w + sizeof(bool), true); > - if (WARN(IS_ERR(w), "BUG: Boolean failed to encode")) > + if (WARN(IS_ERR(w), "BUG: Boolean failed to encode")) { > + kfree(scratch); > return PTR_ERR(w); > + } > work = asn1_encode_tag(work, end_work, 0, bool, w - bool); > } > > @@ -69,8 +71,10 @@ static int tpm2_key_encode(struct trusted_key_payload *payload, > * trigger, so if it does there's something nefarious going on > */ > if (WARN(work - scratch + pub_len + priv_len + 14 > SCRATCH_SIZE, > - "BUG: scratch buffer is too small")) > + "BUG: scratch buffer is too small")) { > + kfree(scratch); > return -EINVAL; > + } > > work = asn1_encode_integer(work, end_work, options->keyhandle); > work = asn1_encode_octet_string(work, end_work, pub, pub_len); > @@ -79,8 +83,10 @@ static int tpm2_key_encode(struct trusted_key_payload *payload, > work1 = payload->blob; > work1 = asn1_encode_sequence(work1, work1 + sizeof(payload->blob), > scratch, work - scratch); > - if (WARN(IS_ERR(work1), "BUG: ASN.1 encoder failed")) > + if (WARN(IS_ERR(work1), "BUG: ASN.1 encoder failed")) { > + kfree(scratch); > return PTR_ERR(work1); > + } > > return work1 - payload->blob; > } > -- > 2.25.1 > BR, Jarkko