| Message ID | 20190430025347.3097-3-erosca@de.adit-jv.com |
|---|---|
| State | Superseded |
| Delegated to: | Heinrich Schuchardt |
| Headers | show |
| Series | Misc EFI/GPT/UUID fixes | expand |
On 4/30/19 4:53 AM, Eugeniu Rosca wrote: > Below is what happens on R-Car H3ULCB-KF using clean U-Boot > v2019.04-00810-g6aebc0d11a10 and r8a7795_ulcb_defconfig: > > => ### interrupt autoboot > => gpt verify mmc 1 > No partition list provided - only basic check > Verify GPT: success! > => ### keep calling 'gpt verify mmc 1' > => ### on 58th call, we are out of memory: > => gpt verify mmc 1 > alloc_read_gpt_entries: ERROR: Can't allocate 0X4000 bytes for GPT Entries > GPT: Failed to allocate memory for PTE > gpt_verify_headers: *** ERROR: Invalid Backup GPT *** > Verify GPT: error! > > This is caused by calling is_gpt_valid() twice (hence allocating pte > also twice via alloc_read_gpt_entries()) while freeing pte only _once_ > in the caller of gpt_verify_headers(). Fix that by freeing the pte > allocated and populated for primary GPT _before_ allocating and > populating the pte for backup GPT. The latter will be freed by the > caller of gpt_verify_headers(). > > With the fix applied, the reproduction scenario [1-2] has been run > hundreds of times in a loop w/o running into OOM. > > [1] gpt verify mmc 1 > [2] gpt verify mmc 1 $partitions > > Fixes: cef68bf9042dda ("gpt: part: Definition and declaration of GPT verification functions") > Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> > --- > disk/part_efi.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/disk/part_efi.c b/disk/part_efi.c > index 812d14cdd871..c0fa753339c8 100644 > --- a/disk/part_efi.c > +++ b/disk/part_efi.c > @@ -698,6 +698,10 @@ int gpt_verify_headers(struct blk_desc *dev_desc, gpt_header *gpt_head, > __func__); > return -1; > } > + > + /* Free pte before allocating again */ > + free(*gpt_pte); > + > if (is_gpt_valid(dev_desc, (dev_desc->lba - 1), > gpt_head, gpt_pte) != 1) { > printf("%s: *** ERROR: Invalid Backup GPT ***\n", >
diff --git a/disk/part_efi.c b/disk/part_efi.c index 812d14cdd871..c0fa753339c8 100644 --- a/disk/part_efi.c +++ b/disk/part_efi.c @@ -698,6 +698,10 @@ int gpt_verify_headers(struct blk_desc *dev_desc, gpt_header *gpt_head, __func__); return -1; } + + /* Free pte before allocating again */ + free(*gpt_pte); + if (is_gpt_valid(dev_desc, (dev_desc->lba - 1), gpt_head, gpt_pte) != 1) { printf("%s: *** ERROR: Invalid Backup GPT ***\n",
Below is what happens on R-Car H3ULCB-KF using clean U-Boot v2019.04-00810-g6aebc0d11a10 and r8a7795_ulcb_defconfig: => ### interrupt autoboot => gpt verify mmc 1 No partition list provided - only basic check Verify GPT: success! => ### keep calling 'gpt verify mmc 1' => ### on 58th call, we are out of memory: => gpt verify mmc 1 alloc_read_gpt_entries: ERROR: Can't allocate 0X4000 bytes for GPT Entries GPT: Failed to allocate memory for PTE gpt_verify_headers: *** ERROR: Invalid Backup GPT *** Verify GPT: error! This is caused by calling is_gpt_valid() twice (hence allocating pte also twice via alloc_read_gpt_entries()) while freeing pte only _once_ in the caller of gpt_verify_headers(). Fix that by freeing the pte allocated and populated for primary GPT _before_ allocating and populating the pte for backup GPT. The latter will be freed by the caller of gpt_verify_headers(). With the fix applied, the reproduction scenario [1-2] has been run hundreds of times in a loop w/o running into OOM. [1] gpt verify mmc 1 [2] gpt verify mmc 1 $partitions Fixes: cef68bf9042dda ("gpt: part: Definition and declaration of GPT verification functions") Signed-off-by: Eugeniu Rosca <erosca@de.adit-jv.com> --- disk/part_efi.c | 4 ++++ 1 file changed, 4 insertions(+)