[PATCH] bpf: replace kvfree with kfree for kzalloc memory

Qianfeng Rong posted 1 patch 1 month, 3 weeks ago
kernel/bpf/verifier.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH] bpf: replace kvfree with kfree for kzalloc memory
Posted by Qianfeng Rong 1 month, 3 weeks ago
The 'backedge' pointer is allocated with kzalloc(), which returns
physically contiguous memory. Using kvfree() to deallocate such
memory is functionally safe but semantically incorrect.

Replace kvfree() with kfree() to avoid unnecessary is_vmalloc_addr()
check in kvfree().

Signed-off-by: Qianfeng Rong <rongqianfeng@vivo.com>
---
 kernel/bpf/verifier.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index c4f69a9e9af6..4e5de1ff7e30 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -19553,7 +19553,7 @@ static int is_state_visited(struct bpf_verifier_env *env, int insn_idx)
 				err = err ?: add_scc_backedge(env, &sl->state, backedge);
 				if (err) {
 					free_verifier_state(&backedge->state, false);
-					kvfree(backedge);
+					kfree(backedge);
 					return err;
 				}
 			}
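Review bot: The kfree(backedge) in the if (err) branch is only correct if backedge can never come from a vmalloc-backed allocator, and the allocation is outside this hunk's context, so the pairing cannot be confirmed from the diff alone. Please cite the kzalloc() call site for backedge in the commit message so the allocator/free pairing can be checked in review. Since the message itself describes kvfree() here as functionally safe, also say explicitly that this is a cleanup with no behaviour change, and consider converting any remaining mismatched kvfree() calls in kernel/bpf/verifier.c in the same patch so the file ends up consistent.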
-- 
2.34.1
Re: [PATCH] bpf: replace kvfree with kfree for kzalloc memory
Posted by Eduard Zingerman 1 month, 3 weeks ago
On Mon, 2025-08-11 at 20:39 +0800, Qianfeng Rong wrote:
> The 'backedge' pointer is allocated with kzalloc(), which returns
> physically contiguous memory. Using kvfree() to deallocate such
> memory is functionally safe but semantically incorrect.
> 
> Replace kvfree() with kfree() to avoid unnecessary is_vmalloc_addr()
> check in kvfree().
> 
> Signed-off-by: Qianfeng Rong <rongqianfeng@vivo.com>
> ---

Acked-by: Eduard Zingerman <eddyz87@gmail.com>

>  kernel/bpf/verifier.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
> index c4f69a9e9af6..4e5de1ff7e30 100644
> --- a/kernel/bpf/verifier.c
> +++ b/kernel/bpf/verifier.c
> @@ -19553,7 +19553,7 @@ static int is_state_visited(struct bpf_verifier_env *env, int insn_idx)
>  				err = err ?: add_scc_backedge(env, &sl->state, backedge);
>  				if (err) {
>  					free_verifier_state(&backedge->state, false);
> -					kvfree(backedge);
> +					kfree(backedge);

The backedge encapsulates verifier state, verifier states are
allocated using kzalloc() and freed using kfree() in other places in
verifier.c => I think this patch is valid.

>  					return err;
>  				}
>  			}
Re: [PATCH] bpf: replace kvfree with kfree for kzalloc memory
Posted by Markus Elfring 1 month, 3 weeks ago
…
> Replace kvfree() with kfree() to avoid unnecessary is_vmalloc_addr()
> check in kvfree().

Under which circumstances would you become interested in applying the attribute “__free”
(also in the affected if branch)?
https://elixir.bootlin.com/linux/v6.16/source/include/linux/slab.h#L476

Regards,
Markus
Re: [PATCH] bpf: replace kvfree with kfree for kzalloc memory
Posted by Qianfeng Rong 1 month, 3 weeks ago
Hi all,

Sorry, please ignore this patch, because I found that there are still a
lot of mixed uses of kfree and kvfree in kernel/bpf/verifier.c.

Best regards,
Qianfeng
Re: [PATCH] bpf: replace kvfree with kfree for kzalloc memory
Posted by Eduard Zingerman 1 month, 3 weeks ago
On Mon, 2025-08-11 at 21:15 +0800, Qianfeng Rong wrote:
> Hi all,
> 
> Sorry, please ignore this patch, because I found that there are still a
> lot of mixed uses of kfree and kvfree in kernel/bpf/verifier.c.
>
> Best regards,
> Qianfeng

Using kvfree() in this position was sloppy on my side,
thank you for noticing this.