From patchwork Fri Sep 29 07:42:38 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ekansh Gupta X-Patchwork-Id: 146674 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:cae8:0:b0:403:3b70:6f57 with SMTP id r8csp4170764vqu; Fri, 29 Sep 2023 09:47:21 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGw9EMkDyW8tBJig2DQlbPxFusmoO80LmSYe0ChT4IHXvuQh5QdR3h1oWtlv6frteQ1UGqf X-Received: by 2002:a17:903:228e:b0:1c6:2655:625d with SMTP id b14-20020a170903228e00b001c62655625dmr8564554plh.15.1696006041428; Fri, 29 Sep 2023 09:47:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1696006041; cv=none; d=google.com; s=arc-20160816; b=IfPuDHwxmiJMFw0xWA5lPgo6WeLMwgsdjxZFFL8zUg6Lp8Hx77W3Z+MzRsYtwWbnwY auvZW4xUHjGzsrmhEUTWAk/DPvFAAPQz6K6tL0YHicJnPhA2YzXxddrZrFQlbO+bjlxY 5XbEBgdghgc07CffsKs/P++O+2GTpXrHYkMKI8luZ0GEADm62EzRTWVyeE79fwn2BZdS Qx0oEAx/yLhXlgQtqzLnjFhpzBDblHQJikYz+finZ7tBItlwqMffAWyuqmD3jCv5DwGY auUR4tHN+oZ+JmSsvFEnUP9LRKyf9JOtw95Jx5Z3RvZ1AQEBGgMsIme8wRBzmQY3x8qN 7HhQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=0rGGk5TlG7sve1jYkAhgjG+txIkMX8x3vOh+Kmoblfo=; fh=A6NNGgejDd0F81I6I/9zWdWOtBqD0woImsi6PTqxbkw=; b=yxbJVyc6aESWIJZruaWEwnWILX0BDaMutesGV5m7LaodG3ko7VwcjkPjcmTEZmjcjr Jqh/eMZxzwM0UOCg5rCQk5+j8wgVeoN7ifTv6kFyAmtivxZvlUc+H1IVyWmlTeuyziEv iiI8CZCSGKX2hgZ8AHWjlOILKKNT84GTUVVyBJA8hU/aorWy7ANNfkPa8I72d2cfxp+U lc63xRjMF1HOHdL6AGb3SKajCMtbTm0g6Esm20VlSMMNjvECnEg5cCnYMg2OcaAjSp6J SKiXbsiMCqj3Vbi8YFmiqHYUZym99Pw24a62oyT9MKgqvsdruFMt/BEczzzmVI8/xdhY IAVw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@quicinc.com header.s=qcppdkim1 header.b=HKXOtQP4; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=quicinc.com Received: from agentk.vger.email (agentk.vger.email. [23.128.96.32]) by mx.google.com with ESMTPS id z16-20020a656650000000b00578aa7b0e03si20401877pgv.695.2023.09.29.09.47.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 29 Sep 2023 09:47:21 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) client-ip=23.128.96.32; Authentication-Results: mx.google.com; dkim=pass header.i=@quicinc.com header.s=qcppdkim1 header.b=HKXOtQP4; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=quicinc.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by agentk.vger.email (Postfix) with ESMTP id 4F47682ABAB7; Fri, 29 Sep 2023 00:43:12 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at agentk.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232760AbjI2Hm7 (ORCPT + 20 others); Fri, 29 Sep 2023 03:42:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44634 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232666AbjI2Hm6 (ORCPT ); Fri, 29 Sep 2023 03:42:58 -0400 Received: from mx0b-0031df01.pphosted.com (mx0b-0031df01.pphosted.com [205.220.180.131]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C938B1A8; Fri, 29 Sep 2023 00:42:55 -0700 (PDT) Received: from pps.filterd (m0279868.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 38T7gqhX029961; Fri, 29 Sep 2023 07:42:52 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=qcppdkim1; bh=0rGGk5TlG7sve1jYkAhgjG+txIkMX8x3vOh+Kmoblfo=; b=HKXOtQP4Rk4qT7DGg6gqFbmWB59JyfgTvq15e6b+F3gFmJQuCL13Vbo09x9PmSBKcRjl CFC97MVHIkJ9IbG7caIGU2I5VNxkXuMYGaGAnDTp+frrs1oUzvSNmiPCoam3H3HUcs8D iAOZuNFGxwQtR+82hU5lDLgT7gCPty4hF1MVIkkgQhbOBTYk1vn97b7P7zP56TwuzqBN S+hkfZpR0h96Q6sxK2ouXen5nJJpDk5APSXQn1YPRM0gTFJonemiEMVDSQjTip7o8En1 ru5P0KRmGQ/7pjCxllhunt5ARUuxDPhIaO5M2/7bcpoIjGi8aiW5gMCEiEGhEvHU+BSq BA== Received: from nalasppmta01.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3tda4c1t0r-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 29 Sep 2023 07:42:51 +0000 Received: from nalasex01b.na.qualcomm.com (nalasex01b.na.qualcomm.com [10.47.209.197]) by NALASPPMTA01.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 38T7goiL018442 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 29 Sep 2023 07:42:50 GMT Received: from ekangupt-linux.qualcomm.com (10.80.80.8) by nalasex01b.na.qualcomm.com (10.47.209.197) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.36; Fri, 29 Sep 2023 00:42:47 -0700 From: Ekansh Gupta To: , CC: Ekansh Gupta , , , , , stable Subject: [PATCH v1 1/3] misc: fastrpc: Reset metadata buffer to avoid incorrect free Date: Fri, 29 Sep 2023 13:12:38 +0530 Message-ID: <1695973360-14369-2-git-send-email-quic_ekangupt@quicinc.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1695973360-14369-1-git-send-email-quic_ekangupt@quicinc.com> References: <1695973360-14369-1-git-send-email-quic_ekangupt@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.80.80.8] X-ClientProxiedBy: nasanex01a.na.qualcomm.com (10.52.223.231) To nalasex01b.na.qualcomm.com (10.47.209.197) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-GUID: v0axPEQ6M4hpPFkmv_5rN9qqgsl7ITmy X-Proofpoint-ORIG-GUID: v0axPEQ6M4hpPFkmv_5rN9qqgsl7ITmy X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.980,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-09-29_05,2023-09-28_03,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 suspectscore=0 phishscore=0 mlxlogscore=999 lowpriorityscore=0 spamscore=0 adultscore=0 bulkscore=0 priorityscore=1501 clxscore=1011 mlxscore=0 impostorscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2309180000 definitions=main-2309290064 X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on agentk.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (agentk.vger.email [0.0.0.0]); Fri, 29 Sep 2023 00:43:12 -0700 (PDT) X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1778391230993827470 X-GMAIL-MSGID: 1778391230993827470 Metadata buffer is allocated during get_args for any remote call. This buffer carries buffers, fdlists and other payload information for the call. If the buffer is not reset, put_args might find some garbage FDs in the fdlist which might have an existing mapping in the list. This could result in improper freeing of FD map when DSP might still be using the buffer. Added change to reset the metadata buffer after allocation. Fixes: 8f6c1d8c4f0c ("misc: fastrpc: Add fdlist implementation") Cc: stable Signed-off-by: Ekansh Gupta --- drivers/misc/fastrpc.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/misc/fastrpc.c b/drivers/misc/fastrpc.c index a66b7c1..fb92197 100644 --- a/drivers/misc/fastrpc.c +++ b/drivers/misc/fastrpc.c @@ -958,6 +958,7 @@ static int fastrpc_get_args(u32 kernel, struct fastrpc_invoke_ctx *ctx) if (err) return err; + memset(ctx->buf->virt, 0, pkt_size); rpra = ctx->buf->virt; list = fastrpc_invoke_buf_start(rpra, ctx->nscalars); pages = fastrpc_phy_page_start(list, ctx->nscalars);