1. Patchew
  2. linux
  3. View series

[PATCH] pstore/ram: fix resource leak when ioremap() fails

Cole Leavitt posted 1 patch 1 month, 1 week ago 
fs/pstore/ram_core.c | 9 +++++++++
1 file changed, 9 insertions(+)
[PATCH] pstore/ram: fix resource leak when ioremap() fails
Posted by Cole Leavitt 1 month, 1 week ago 
In persistent_ram_iomap(), ioremap() or ioremap_wc() may return NULL on
failure. Currently, if this happens, the function returns NULL without
releasing the memory region acquired by request_mem_region().

This leads to a resource leak where the memory region remains reserved
but unusable.

Additionally, the caller persistent_ram_buffer_map() handles NULL
correctly by returning -ENOMEM, but without this check, a NULL return
combined with request_mem_region() succeeding leaves resources in an
inconsistent state.

This is the ioremap() counterpart to commit 05363abc7625 ("pstore:
ram_core: fix incorrect success return when vmap() fails") which fixed
a similar issue in the vmap() path.

Fixes: 404a6043385d ("staging: android: persistent_ram: handle reserving and mapping memory")
Signed-off-by: Cole Leavitt <cole@unwrap.rs>
---
 fs/pstore/ram_core.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/fs/pstore/ram_core.c b/fs/pstore/ram_core.c
index ed97494abf60..0cc971f70eb0 100644
--- a/fs/pstore/ram_core.c
+++ b/fs/pstore/ram_core.c
@@ -493,6 +493,15 @@ static void *persistent_ram_iomap(phys_addr_t start, size_t size,
 	 * there is no need handle anything special like we do when the
 	 * vmap() case in persistent_ram_vmap() above.
 	 */
+	/*
+	 * ioremap() may fail. Release the mem region and return NULL
+	 * to let the caller handle the error.
+	 */
+	if (!va) {
+		release_mem_region(start, size);
+		return NULL;
+	}
+
 	return va;
 }
 
-- 
2.52.0
Re: [PATCH] pstore/ram: fix resource leak when ioremap() fails
Posted by Kees Cook 1 month, 1 week ago 
On Wed, 25 Feb 2026 16:54:06 -0700, Cole Leavitt wrote:
> In persistent_ram_iomap(), ioremap() or ioremap_wc() may return NULL on
> failure. Currently, if this happens, the function returns NULL without
> releasing the memory region acquired by request_mem_region().
> 
> This leads to a resource leak where the memory region remains reserved
> but unusable.
> 
> [...]

Thanks! I tweaked the patch a bit and applied to for-next/pstore, thanks!

[1/1] pstore/ram: fix resource leak when ioremap() fails
      https://git.kernel.org/kees/c/bb5278a89dad

Take care,

-- 
Kees Cook

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.