Re: [PATCH] remoteproc: core: Fix rproc->firmware free in rproc_set_firmware()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Jan 18, 2021 at 04:59:04PM +0000, Daniele Alessandrelli wrote:
> From: Daniele Alessandrelli <daniele.alessandrelli@xxxxxxxxx>
> 
> rproc_alloc_firmware() (called by rproc_alloc()) can allocate
> rproc->firmware using kstrdup_const() and therefore should be freed
> using kfree_const(); however, rproc_set_firmware() frees it using the
> simple kfree(). This causes a kernel oops if a constant string is passed
> to rproc_alloc() and rproc_set_firmware() is subsequently called.
> 
> Fix the above issue by using kfree_const() to free rproc->firmware in
> rproc_set_firmware().
> 
> Signed-off-by: Daniele Alessandrelli <daniele.alessandrelli@xxxxxxxxx>
> ---
>  drivers/remoteproc/remoteproc_core.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/remoteproc/remoteproc_core.c b/drivers/remoteproc/remoteproc_core.c
> index 2394eef383e3..ab150765d124 100644
> --- a/drivers/remoteproc/remoteproc_core.c
> +++ b/drivers/remoteproc/remoteproc_core.c
> @@ -1988,7 +1988,7 @@ int rproc_set_firmware(struct rproc *rproc, const char *fw_name)
>  		goto out;
>  	}
>  
> -	kfree(rproc->firmware);
> +	kfree_const(rproc->firmware);
>  	rproc->firmware = p;

Reviewed-by: Mathieu Poirier <mathieu.poirier@xxxxxxxxxx>

>  
>  out:
> 
> base-commit: 8cc8eeffd058f3e7e2d8710a514ffcbc2bd69d28
> -- 
> 2.26.2
> 



[Index of Archives]     [Linux Sound]     [ALSA Users]     [ALSA Devel]     [Linux Audio Users]     [Linux Media]     [Kernel]     [Photo Sharing]     [Gimp]     [Yosemite News]     [Linux Media]

  Powered by Linux