Missed master:ddb17dc880ee backport cause 'kernel BUG in __phys_addr' on 5.15.y.
introduced by:
5.15.y:962a3d3d731c (fs/ntfs3: Use kvmalloc instead of kmalloc(... __GFP_NOWARN))
Link: https://syzkaller.appspot.com/bug?extid=2c00ffdada0b04c96497
------------------
From: Konstantin Komarov <almaz.alexandrovich@xxxxxxxxxxxxxxxxxxxx>
Date: Tue, 16 Jan 2024 10:32:20 +0300
Subject: [PATCH] fs/ntfs3: Use kvfree to free memory allocated by kvmalloc
[ Upstream commit ddb17dc880eeaac37b5a6e984de07b882de7d78d ]
Signed-off-by: Konstantin Komarov <almaz.alexandrovich@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Andrey Kalachev <kalachev@xxxxxxxxx>
---
fs/ntfs3/attrlist.c | 4 ++--
fs/ntfs3/bitmap.c | 4 ++--
fs/ntfs3/frecord.c | 4 ++--
fs/ntfs3/super.c | 2 +-
4 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/fs/ntfs3/attrlist.c b/fs/ntfs3/attrlist.c
index 723e49ec83ce..82bd9b5d9bd8 100644
--- a/fs/ntfs3/attrlist.c
+++ b/fs/ntfs3/attrlist.c
@@ -29,7 +29,7 @@ static inline bool al_is_valid_le(const struct ntfs_inode *ni,
void al_destroy(struct ntfs_inode *ni)
{
run_close(&ni->attr_list.run);
- kfree(ni->attr_list.le);
+ kvfree(ni->attr_list.le);
ni->attr_list.le = NULL;
ni->attr_list.size = 0;
ni->attr_list.dirty = false;
@@ -318,7 +318,7 @@ int al_add_le(struct ntfs_inode *ni, enum ATTR_TYPE type, const __le16 *name,
memcpy(ptr, al->le, off);
memcpy(Add2Ptr(ptr, off + sz), le, old_size - off);
le = Add2Ptr(ptr, off);
- kfree(al->le);
+ kvfree(al->le);
al->le = ptr;
} else {
memmove(Add2Ptr(le, sz), le, old_size - off);
diff --git a/fs/ntfs3/bitmap.c b/fs/ntfs3/bitmap.c
index 7dccff6c9983..2c29a3b386ba 100644
--- a/fs/ntfs3/bitmap.c
+++ b/fs/ntfs3/bitmap.c
@@ -129,7 +129,7 @@ void wnd_close(struct wnd_bitmap *wnd)
{
struct rb_node *node, *next;
- kfree(wnd->free_bits);
+ kvfree(wnd->free_bits);
run_close(&wnd->run);
node = rb_first(&wnd->start_tree);
@@ -1340,7 +1340,7 @@ int wnd_extend(struct wnd_bitmap *wnd, size_t new_bits)
wnd->nwnd * sizeof(short));
memset(new_free + wnd->nwnd, 0,
(new_wnd - wnd->nwnd) * sizeof(short));
- kfree(wnd->free_bits);
+ kvfree(wnd->free_bits);
wnd->free_bits = new_free;
}
diff --git a/fs/ntfs3/frecord.c b/fs/ntfs3/frecord.c
index da21a044d3f8..7a1f57dc58df 100644
--- a/fs/ntfs3/frecord.c
+++ b/fs/ntfs3/frecord.c
@@ -750,7 +750,7 @@ static int ni_try_remove_attr_list(struct ntfs_inode *ni)
run_deallocate(sbi, &ni->attr_list.run, true);
run_close(&ni->attr_list.run);
ni->attr_list.size = 0;
- kfree(ni->attr_list.le);
+ kvfree(ni->attr_list.le);
ni->attr_list.le = NULL;
ni->attr_list.dirty = false;
@@ -899,7 +899,7 @@ int ni_create_attr_list(struct ntfs_inode *ni)
goto out;
out1:
- kfree(ni->attr_list.le);
+ kvfree(ni->attr_list.le);
ni->attr_list.le = NULL;
ni->attr_list.size = 0;
return err;
diff --git a/fs/ntfs3/super.c b/fs/ntfs3/super.c
index 2ce26062e55e..78b086527331 100644
--- a/fs/ntfs3/super.c
+++ b/fs/ntfs3/super.c
@@ -441,7 +441,7 @@ static noinline void put_ntfs(struct ntfs_sb_info *sbi)
{
kfree(sbi->new_rec);
kvfree(ntfs_put_shared(sbi->upcase));
- kfree(sbi->def_table);
+ kvfree(sbi->def_table);
wnd_close(&sbi->mft.bitmap);
wnd_close(&sbi->used.bitmap);
--
2.30.2