From 7cbf4e982541ddecc462507457449119ccdcff3c Mon Sep 17 00:00:00 2001
From: Kunkun Jiang <jiangkunkun@huawei.com>
Date: Wed, 22 Feb 2023 18:20:24 +0800
Subject: [PATCH] vfio/iommu_type1: replace kvmalloc with kvzalloc and kfree
 with kvfree

virt inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6FHYK
CVE: NA

--------------------------------

For security purposes, kvzalloc is used to allocate memory. Because
the memory may be allocated by vmalloc. So we replace kfree with
kvfree here.

Reported-by: Zhaolong Wang <wangzhaolong1@huawei.com>
Signed-off-by: Kunkun Jiang <jiangkunkun@huawei.com>
Reviewed-by: Keqian Zhu <zhukeqian1@huawei.com>
Signed-off-by: Jialin Zhang <zhangjialin11@huawei.com>
---
 drivers/vfio/vfio_iommu_type1.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/vfio/vfio_iommu_type1.c b/drivers/vfio/vfio_iommu_type1.c
index a6fdab250ea0..20d13cf4aec7 100644
--- a/drivers/vfio/vfio_iommu_type1.c
+++ b/drivers/vfio/vfio_iommu_type1.c
@@ -1129,7 +1129,7 @@ static int vfio_iova_dirty_log_clear(u64 __user *bitmap,
 	int ret = 0;
 
 	bitmap_size = DIRTY_BITMAP_BYTES(size >> pgshift);
-	bitmap_buffer = kvmalloc(bitmap_size, GFP_KERNEL);
+	bitmap_buffer = kvzalloc(bitmap_size, GFP_KERNEL);
 	if (!bitmap_buffer) {
 		ret = -ENOMEM;
 		goto out;
@@ -1179,7 +1179,7 @@ static int vfio_iova_dirty_log_clear(u64 __user *bitmap,
 	}
 
 out:
-	kfree(bitmap_buffer);
+	kvfree(bitmap_buffer);
 	return ret;
 }
 
-- 
GitLab