git.baikalelectronics.ru Git - kernel.git/commit

author	Thomas Gleixner <tglx@linutronix.de>
	Sun, 31 Dec 2017 10:24:34 +0000 (11:24 +0100)
committer	Ingo Molnar <mingo@kernel.org>
	Sun, 31 Dec 2017 11:14:07 +0000 (12:14 +0100)
commit	a202c2672e50dd55a23bb9f3df16656cf8b37a65
tree	08f6eb7b4cbaf2e658c072714a8f95346f44c2ce	tree \| snapshot
parent	f4e3d2c7b51ac54b12d4e3fc0133ddd2b3735589	commit \| diff

x86/ldt: Plug memory leak in error path

The error path in write_ldt() tries to free 'old_ldt' instead of the newly
allocated 'new_ldt', resulting in a memory leak. It also misses to clean up a
half populated LDT pagetable, which is not a leak as it gets cleaned up
when the process exits.

Free both the potentially half populated LDT pagetable and the newly
allocated LDT struct. This can be done unconditionally because once an LDT
is mapped subsequent maps will succeed, because the PTE page is already
populated and the two LDTs fit into that single page.

Reported-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Dominik Brodowski <linux@dominikbrodowski.net>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Linus Torvalds <torvalds@linuxfoundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Fixes: 2c77e0c2ca6d ("x86/pti: Put the LDT in its own PGD if PTI is on")
Link: http://lkml.kernel.org/r/alpine.DEB.2.20.1712311121340.1899@nanos
Signed-off-by: Ingo Molnar <mingo@kernel.org>