[Devel] [PATCH rh7 v2] keys, user: Fix high order allocation in user_instantiate() #PSBM-107794

Tue Sep 15 09:49:22 MSK 2020

On 9/14/20 2:16 PM, Andrey Ryabinin wrote:
> @@ -96,7 +97,8 @@ static void user_free_payload_rcu(struct rcu_head *head)
>  	struct user_key_payload *payload;
>  
>  	payload = container_of(head, struct user_key_payload, rcu);
> -	kzfree(payload);

can payload be NULL here?

> +	memset(payload, 0, sizeof(*payload) + payload->datalen);
> +	kvfree(payload);
>  }
>  
>  /*

> @@ -182,7 +184,8 @@ void user_destroy(struct key *key)
>  {
>  	struct user_key_payload *upayload = key->payload.data;
>  
> -	kzfree(upayload);

... and here too

> +	memset(upayload, 0, sizeof(*upayload) + upayload->datalen);
> +	kvfree(upayload);
>  }
>  
>  EXPORT_SYMBOL_GPL(user_destroy);
> 